urlscan.io logo urlscan.io
SecurityTrails logo

www.despegar.com.ar Open in urlscan Pro
192.169.5.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.despegar.com.ar/emtm/tl?u=%2Faftersale%2Fml%2FbS8bxNpNvrUElZlBw9PTRp2vtgJAmO24%3Fcountry%3DAR%26lang%3Des&p=s&ci...
Effective URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Submission: On February 07 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 16 domains to perform 67 HTTP transactions. The main IP is 192.169.5.25, located in United States and belongs to CVFBLPM, US. The main domain is www.despegar.com.ar. The Cisco Umbrella rank of the primary domain is 496311.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 22nd 2021. Valid for: a year.
This is the only time www.despegar.com.ar was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 12 192.169.5.25 394043 (CVFBLPM)
9 2.18.232.252 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.236.79.52 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f02... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.76 16509 (AMAZON-02)
1 192.169.5.6 394043 (CVFBLPM)
1 143.204.98.39 16509 (AMAZON-02)
1 143.204.98.123 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
1 2.18.234.194 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f13... 32934 (FACEBOOK)
1 2.17.183.217 16625 (AKAMAI-AS)
67 25
12    192.169.5.25 (United States)

ASN394043 (CVFBLPM, US)
PTR: 192-169-5-25-static.despegar.net
www.despegar.com.ar
9    2.18.232.252 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-252.deploy.static.akamaitechnologies.com
ar.staticontent.com
www.staticontent.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.236.79.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-79-52.compute-1.amazonaws.com
www.trackeame.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
6    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net
static.hotjar.com
1    192.169.5.6 (United States)

ASN394043 (CVFBLPM, US)
PTR: 192-169-5-6-static.despegar.net
securegtm.despegar.com.ar
1    143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net
script.hotjar.com
1    143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net
vars.hotjar.com
3    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googleadservices.com
1    2.18.234.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-194.deploy.static.akamaitechnologies.com
www.tripadvisor.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a03:2880:f13f:83:face:b00c:0:25de (Düsseldorf, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2.17.183.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-183-217.deploy.static.akamaitechnologies.com
www.tamgrt.com
Apex Domain
Subdomains		 Transfer
13 despegar.com.ar
www.despegar.com.ar — Cisco Umbrella Rank: 496311
securegtm.despegar.com.ar
32 KB
9 staticontent.com
ar.staticontent.com — Cisco Umbrella Rank: 673702
www.staticontent.com — Cisco Umbrella Rank: 169197
229 KB
8 google.com
apis.google.com — Cisco Umbrella Rank: 140
accounts.google.com — Cisco Umbrella Rank: 84
analytics.google.com — Cisco Umbrella Rank: 1062
www.google.com — Cisco Umbrella Rank: 13
58 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
663 B
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
309 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5557
779 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
242 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 644
script.hotjar.com — Cisco Umbrella Rank: 919
vars.hotjar.com — Cisco Umbrella Rank: 1012
67 KB
2 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
73 KB
1 tamgrt.com
www.tamgrt.com — Cisco Umbrella Rank: 11677
1 tripadvisor.com
www.tripadvisor.com — Cisco Umbrella Rank: 9583
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
1 trackeame.com
www.trackeame.com — Cisco Umbrella Rank: 179469
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
67 16
Domain Requested by
12 www.despegar.com.ar 2 redirects www.despegar.com.ar
ar.staticontent.com
6 www.facebook.com www.despegar.com.ar
connect.facebook.net
6 connect.facebook.net ar.staticontent.com
connect.facebook.net
www.despegar.com.ar
6 ar.staticontent.com www.despegar.com.ar
5 www.google-analytics.com www.googletagmanager.com
www.despegar.com.ar
4 www.google.de www.despegar.com.ar
4 www.googletagmanager.com www.despegar.com.ar
www.googletagmanager.com
securegtm.despegar.com.ar
3 www.google.com www.despegar.com.ar
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 www.staticontent.com www.despegar.com.ar
www.googletagmanager.com
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 apis.google.com ar.staticontent.com
apis.google.com
1 www.tamgrt.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 ssl.gstatic.com accounts.google.com
1 www.tripadvisor.com www.despegar.com.ar
1 www.googleadservices.com www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 securegtm.despegar.com.ar www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.trackeame.com www.despegar.com.ar
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ar.staticontent.com
67 25

This site contains no links.

Subject Issuer Validity Valid
*.despegar.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-22		 a year crt.sh
www.staticontent.com
DigiCert SHA2 Secure Server CA		 2021-08-03 -
2022-08-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.trackeame.com
Amazon		 2021-10-14 -
2022-11-12		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-16 -
2022-02-14		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.tripadvisor.com
DigiCert SHA2 Extended Validation Server CA		 2021-05-26 -
2022-06-15		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.tamgrt.com
GlobalSign RSA OV SSL CA 2018		 2021-07-08 -
2022-08-09		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.despegar.com.ar/login?alert=magiclinkexpired
Frame ID: FA2A6A9C40F655EDC448A17139098C1C
Requests: 58 HTTP requests in this frame

Frame: https://securegtm.despegar.com.ar/sem-pixel-helper/gtm/secure-gtm
Frame ID: 22305272FDE975DD8A1F30F8B5AEFB20
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: C4BBCC54EEA9A3D42AA649CEA53B4FEF
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: A831A15C91573A6659CD4724CF5A271A
Requests: 3 HTTP requests in this frame

Frame: https://www.tamgrt.com/RT
Frame ID: E79846ACF23010EE98A1A5BD347EC2DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Despegar.com

Page URL History Show full URLs

  1. https://www.despegar.com.ar/emtm/tl?u=%2Faftersale%2Fml%2FbS8bxNpNvrUElZlBw9PTRp2vtgJAmO24%3Fcountry%3DA... HTTP 302
    https://www.despegar.com.ar/aftersale/ml/bS8bxNpNvrUElZlBw9PTRp2vtgJAmO24?country=AR&lang=es&clt_n=ce&cl... HTTP 302
    https://www.despegar.com.ar/login?alert=magiclinkexpired Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

25
Subdomains

25
IPs

3
Countries

1058 kB
Transfer

3530 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.despegar.com.ar/emtm/tl?u=%2Faftersale%2Fml%2FbS8bxNpNvrUElZlBw9PTRp2vtgJAmO24%3Fcountry%3DAR%26lang%3Des&p=s&cid=203280&clt_n=ce&company_id=1&clt_emsgid=9dc0282b4439463e81b74c5a7521c7a6011022&key=UT81AK9JAFEGJ4D69OVO6J673E&ltype=sell&clt_c=POSVENTA HTTP 302
    https://www.despegar.com.ar/aftersale/ml/bS8bxNpNvrUElZlBw9PTRp2vtgJAmO24?country=AR&lang=es&clt_n=ce&clt_c=203280 HTTP 302
    https://www.despegar.com.ar/login?alert=magiclinkexpired Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.despegar.com.ar/
Redirect Chain
  • https://www.despegar.com.ar/emtm/tl?u=%2Faftersale%2Fml%2FbS8bxNpNvrUElZlBw9PTRp2vtgJAmO24%3Fcountry%3DAR%26lang%3Des&p=s&cid=203280&clt_n=ce&company_id=1&clt_emsgid=9dc0282b4439463e81b74c5a7521c7a...
  • https://www.despegar.com.ar/aftersale/ml/bS8bxNpNvrUElZlBw9PTRp2vtgJAmO24?country=AR&lang=es&clt_n=ce&clt_c=203280
  • https://www.despegar.com.ar/login?alert=magiclinkexpired
53 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
a8606d752fbf9a7d39d73c2d1267c4bdafd17e5a69634fb1ed53138722a28c88
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 07 Feb 2022 00:05:34 GMT
X-UOW
social-login-09-13969514
X-RequestId
VXDWClrR3Z
Content-Language
es-AR
Content-Type
text/html;charset=UTF-8
Server
Powered by Despegar
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Timing-Allow-Origin
https://www.despegar.com.ar
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17468
Connection
Keep-Alive

Redirect headers

Date
Mon, 07 Feb 2022 00:05:34 GMT
X-UOW
social-login-08-13970901
X-RequestId
ER57hYXL4d
Content-Language
es-AR
Location
https://www.despegar.com.ar/login?alert=magiclinkexpired
Content-Length
0
Server
Powered by Despegar
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Timing-Allow-Origin
https://www.despegar.com.ar
login-style.bundle.css
ar.staticontent.com/login-static/dist/7.2.15/ 		81 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ar.staticontent.com/login-static/dist/7.2.15/login-style.bundle.css
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
ef576536901c4b1ce239dd33ddf5f173b0da16693dae762d38b85ad646e3af80
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Oct 2021 13:52:29 GMT
server
Powered by Despegar
etag
"616d7c1d-14227"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
date
Mon, 07 Feb 2022 00:05:35 GMT
accept-ranges
bytes
timing-allow-origin
https://www.despegar.com.ar
vary
Accept-Encoding
content-length
23757
x-xss-protection
1; mode=block
loader-v1.js
www.staticontent.com/desert/script/ 		363 B
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staticontent.com/desert/script/loader-v1.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
97d7ef35a6d561706412b496eefbcc3d235801951862854df3a67e1ee540adfa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Jan 2022 20:09:07 GMT
server
Powered by Despegar
etag
W/"16b-17e73f50eb8"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
date
Mon, 07 Feb 2022 00:05:35 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
252
x-xss-protection
1; mode=block
main.939dd8ba.css
ar.staticontent.com/shifu/static/ 		177 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ar.staticontent.com/shifu/static/main.939dd8ba.css
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
5702b7bcac3d774335b8dc41511219b8a6f00c789e30863326bda54b3b9685a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
x-requestid
mH1q2BZetD
vary
Accept-Encoding
content-length
46676
x-xss-protection
1; mode=block
last-modified
Fri, 04 Feb 2022 15:13:38 GMT
server
Powered by Despegar
x-uow
shifu-00-1643988009867
x-frame-options
SAMEORIGIN
date
Mon, 07 Feb 2022 00:05:35 GMT
access-control-max-age
3600
access-control-allow-methods
GET,POST,DELETE,PUT,HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
etag
"0d454dc52a9b2927f89f92f86208f1922--gzip"
accept-ranges
bytes
timing-allow-origin
https://www.despegar.com.ar
access-control-allow-headers
origin, content-type, accept, authorization, x-requested-with, x-client, x-version
bad_browser_call.3a31e4b0.js
ar.staticontent.com/dreck/static/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.staticontent.com/dreck/static/js/bad_browser_call.3a31e4b0.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
4be852d85b873d2dba63f6b2f18eebc09cb5f5dde1d6520f16f5836958514527
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
x-requestid
3Ka21qxbWY
vary
Accept-Encoding
content-length
822
x-xss-protection
1; mode=block
last-modified
Fri, 28 Jan 2022 17:50:48 GMT
server
Powered by Despegar
x-uow
dreck-01-1643500004745
x-frame-options
SAMEORIGIN
date
Mon, 07 Feb 2022 00:05:35 GMT
access-control-max-age
3600
access-control-allow-methods
GET,POST,DELETE,PUT,HEAD
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
etag
"0f46ff6d34e96921b85786c66fdbf5033--gzip"
accept-ranges
bytes
timing-allow-origin
https://www.despegar.com.ar
access-control-allow-headers
origin, content-type, accept, authorization, x-requested-with, x-client, x-version
dreck.9fc924a0.js
ar.staticontent.com/dreck/static/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.staticontent.com/dreck/static/js/dreck.9fc924a0.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
88d2f7dc3b146a0742c773a76ed9e0124155533bc6c0c66c5b7cb0f1fe2b4b68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
x-requestid
7gmctWcvLU
vary
Accept-Encoding
content-length
825
x-xss-protection
1; mode=block
last-modified
Wed, 05 Jan 2022 13:18:18 GMT
server
Powered by Despegar
x-uow
dreck-00-1642435087020
x-frame-options
SAMEORIGIN
date
Mon, 07 Feb 2022 00:05:35 GMT
access-control-max-age
3600
access-control-allow-methods
GET,POST,DELETE,PUT,HEAD
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
etag
"0c253e2c7f06d958f26f1f8798da13b03--gzip"
accept-ranges
bytes
timing-allow-origin
https://www.despegar.com.ar
access-control-allow-headers
origin, content-type, accept, authorization, x-requested-with, x-client, x-version
main.939dd8ba.js
ar.staticontent.com/shifu/static/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.staticontent.com/shifu/static/js/main.939dd8ba.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
45a504da8e6eb35d6bfdadecab65f982f4c2371a75b8b0040ab2d9f8c114a5fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
x-requestid
Ast6HcsA5d
vary
Accept-Encoding
content-length
7845
x-xss-protection
1; mode=block
last-modified
Fri, 04 Feb 2022 15:13:38 GMT
server
Powered by Despegar
x-uow
shifu-00-1643988009330
x-frame-options
SAMEORIGIN
date
Mon, 07 Feb 2022 00:05:35 GMT
access-control-max-age
3600
access-control-allow-methods
GET,POST,DELETE,PUT,HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
etag
"0f8f6d6176eb1cc5b9db80761582e9db2--gzip"
accept-ranges
bytes
timing-allow-origin
https://www.despegar.com.ar
access-control-allow-headers
origin, content-type, accept, authorization, x-requested-with, x-client, x-version
jquery-1.11.1.min.js
www.staticontent.com/jslibs/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staticontent.com/jslibs/jquery-1.11.1.min.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
content-length
33263
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 14 Jul 2020 15:04:30 GMT
server
Powered by Despegar
x-frame-options
SAMEORIGIN
date
Mon, 07 Feb 2022 00:05:35 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
etag
"5f0dc97e-1762a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Jan 2023 18:11:52 GMT
login-bundle.js
ar.staticontent.com/login-static/dist/7.2.15/ 		420 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.staticontent.com/login-static/dist/7.2.15/login-bundle.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
76d47d0a8c3b4e70e3c07a1a52360b4cf6f354fc509ed91c5783b618ff8aa29c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Oct 2021 13:49:34 GMT
server
Powered by Despegar
etag
"616d7b6e-68fb3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
date
Mon, 07 Feb 2022 00:05:35 GMT
accept-ranges
bytes
timing-allow-origin
https://www.despegar.com.ar
vary
Accept-Encoding
content-length
111119
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:400,400i,500
Requested by
Host: ar.staticontent.com
URL: https://ar.staticontent.com/login-static/dist/7.2.15/login-style.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9ccdff773d64493f4052108dd8b3e5959bfaeb3876b1d996b6a6ec47edf16fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ar.staticontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 00:05:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Feb 2022 00:05:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Feb 2022 00:05:35 GMT
gtm.js
www.googletagmanager.com/ 		191 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQH2CL
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1770480bf8c517c65c2d5ba9fc603d0a73cecc432eb04e1b96300f2a94bb36ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60982
x-xss-protection
0
expires
Mon, 07 Feb 2022 00:05:35 GMT
gtm.js
www.googletagmanager.com/ 		308 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSCT7Q
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da0e1d721a8ce370c65df1483ef47eb10002f08eac8ff3bb976365b2d2937476
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73329
x-xss-protection
0
expires
Mon, 07 Feb 2022 00:05:35 GMT
config
www.despegar.com.ar/shifu/ajax/main/ 		24 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/shifu/ajax/main/config?country=AR&partner={%22isWL%22:%22false%22,%22isAgency%22:%22false%22,%22code%22:%22%22,%22isLoyalty%22:%22false%22}
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
4cf78867a393a23274a43383286db269486ae19f44c656c4d6b9061d14fc95bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 00:05:35 GMT
X-Content-Type-Options
nosniff
X-RequestId
GFyqkrqwCF
Vary
Accept-Encoding, User-Agent
Content-Length
24
X-XSS-Protection
1; mode=block
Server
Powered by Despegar
X-UOW
shifu-02-1644192335361
X-Frame-Options
SAMEORIGIN
ETag
"096e58c8876bf6da46c7c20f17fefdb15"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,DELETE,PUT,HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Timing-Allow-Origin
https://www.despegar.com.ar
Access-Control-Allow-Headers
origin, content-type, accept, authorization, x-requested-with, x-client, x-version
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37fd34587005b81971b4028a364f599118d945f0b98c581484feda816adc4e14

Request headers

Referer
Origin
https://www.despegar.com.ar
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
font/woff2
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v18/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v18/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,400i,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.despegar.com.ar
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 02:08:48 GMT
x-content-type-options
nosniff
age
338207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33620
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:19:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 03 Feb 2023 02:08:48 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0c69406609d0b64cd82ad02935a21be39170e00b06be8a5a7a71cf1b50465fc

Request headers

Referer
Origin
https://www.despegar.com.ar
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
font/woff2
identify
www.trackeame.com/sem-tracker-web/front/ 		332 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.trackeame.com/sem-tracker-web/front/identify?callback=JSONPCallback_7145&trackeame_cookie=&ref=&url=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&pageview_id=&key=UT81AK9JAFEGJ4D69OVO6J673E&
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.79.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-79-52.compute-1.amazonaws.com
Software
Powered by Despegar /
Resource Hash
9236d34eb3a90c8d25099803c0c493a152f23360079a3044a3c7d488a0aa12d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:35 GMT
x-content-type-options
nosniff
x-uow
prod-trk-web-aws-12-1644192335584
x-requestid
utvlakGl8e
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
timing-allow-origin
https://www.trackeame.com
x-xss-protection
1; mode=block
server
Powered by Despegar
expires
0
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js?onload=gAsyncInit
Requested by
Host: ar.staticontent.com
URL: https://ar.staticontent.com/login-static/dist/7.2.15/login-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad41aa5f9f52522eb649072660f473ad4dab4c6afbf65bfb816add32284a5085
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/OTCHGvZSMmOJAP++GLsEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"05007291fc09d5f06c1ffa359abc7dc8"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-/OTCHGvZSMmOJAP++GLsEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Mon, 07 Feb 2022 00:05:35 GMT
sdk.js
connect.facebook.net/es_AR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_AR/sdk.js
Requested by
Host: ar.staticontent.com
URL: https://ar.staticontent.com/login-static/dist/7.2.15/login-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
36c9499921c8528e78ee6b8a4dfd9ef648558dbc8dda208f210a538ab4c0b48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
yfOoW8g7NYHQuTtgQh9vVg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
AC/+kbvrq653nz7+FI3yzFp8/K8u+G1fVOgbzT0LAo94fYLQfLKK2ivHjT9JNzi+Pz3hIX9XFGsGps2tFgmvcQ==
x-fb-trip-id
917726464
x-fb-content-md5
deef9279794330766bc9769781f44b08
x-frame-options
DENY
date
Mon, 07 Feb 2022 00:05:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"f9c5dd9cb887744e13282a870428b73a"
timing-allow-origin
*
expires
Mon, 07 Feb 2022 00:09:07 GMT
t
www.despegar.com.ar/hermes-service/ 		133 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/hermes-service/t
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
96704d30844d1dd623eedd8383c8f294b80ab836dd35b1448023ce18733b13fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/json

Response headers

Date
Mon, 07 Feb 2022 00:05:35 GMT
X-Content-Type-Options
nosniff
X-RequestId
Vc3PArDyi4
X-Tracker-Proxy
tracker-api-prod
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Server
Powered by Despegar
X-UOW
hermes-prod-17-1644192335462
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache
X-Service
/t
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Timing-Allow-Origin
https://www.despegar.com.ar
Keep-Alive
timeout=60
Expires
Thu, 01 Jan 1970 00:00:00 GMT
BETA_POLICE
www.despegar.com.ar/shifu/ajax/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/shifu/ajax/BETA_POLICE?locale=es_AR
Requested by
Host: ar.staticontent.com
URL: https://ar.staticontent.com/shifu/static/js/main.939dd8ba.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 00:05:35 GMT
X-Content-Type-Options
nosniff
X-RequestId
dWISIUN4Kb
Vary
Accept-Encoding, User-Agent
Content-Length
2
X-XSS-Protection
1; mode=block
Server
Powered by Despegar
X-UOW
shifu-01-1644192335493
X-Frame-Options
SAMEORIGIN
ETag
"099914b932bd37a50b983c5e7c90ae93b"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,DELETE,PUT,HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Timing-Allow-Origin
https://www.despegar.com.ar
Access-Control-Allow-Headers
origin, content-type, accept, authorization, x-requested-with, x-client, x-version
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1ac5d9a38a06b2752ceb0ad9011a667b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_AR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b26841ca0c1d2b4618caa5fef1b6543d9166c8a1a51c996f582d87eeaacc0d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.despegar.com.ar/
Origin
https://www.despegar.com.ar
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
dyk1ob1lTNUea5LZYZMP5g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83487
x-fb-rlafr
0
x-fb-debug
kpoGtZB4pCE1pwiCiLwt9yQsvD3wg5RfpEySuURwNL1Z+WvqwgIDEQabd+Wj7GhVcfKtI7tUFpoIgm7G0kvPeg==
x-fb-content-md5
2edc6f37f7aefdee02783715406369c1
x-frame-options
DENY
date
Mon, 07 Feb 2022 00:05:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5473dc49dfb00bd3f4c9b8aa50462039"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 06 Feb 2023 23:49:07 GMT
google_analytics_events
www.despegar.com.ar/hermes-service/topic/ 		77 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/hermes-service/topic/google_analytics_events
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
d692fe14120f36ca6fc0b7bb6824b307d2ea2272dee1b7c257569de56a14ca08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 07 Feb 2022 00:05:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-UOW
hermes-prod-04-1644192335602
X-RequestId
cduVEcUPjG
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=utf-8
X-Service
/topic/{topicName}
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Connection
Keep-Alive
Timing-Allow-Origin
https://www.despegar.com.ar
Vary
Accept-Encoding
Content-Length
91
X-XSS-Protection
1; mode=block
Server
Powered by Despegar
google_analytics_events
www.despegar.com.ar/hermes-service/topic/ 		77 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/hermes-service/topic/google_analytics_events
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
d692fe14120f36ca6fc0b7bb6824b307d2ea2272dee1b7c257569de56a14ca08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 07 Feb 2022 00:05:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-UOW
hermes-prod-09-1644192335627
X-RequestId
nKLNnXrdXJ
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=utf-8
X-Service
/topic/{topicName}
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Connection
Keep-Alive
Timing-Allow-Origin
https://www.despegar.com.ar
Vary
Accept-Encoding
Content-Length
91
X-XSS-Protection
1; mode=block
Server
Powered by Despegar
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQH2CL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
43
date
Mon, 07 Feb 2022 00:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 07 Feb 2022 02:04:52 GMT
hotjar-10592.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-10592.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQH2CL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
/
Resource Hash
b69a795903cee53063b923f43fd752f4639fb95602d9dafc4c27427a86d3e17e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:23 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
12
etag
W/dfdeeace4a1395d4d98a84650c46dbec
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Ac2pa2VsxmEN-G44Wtrx9_O662C4srY_E-YCMCNwn2OU5jyYfxsn5A==
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
js
www.googletagmanager.com/gtag/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DFR269QBZR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSCT7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2bebb1b44ec8c330384bd78de9d8af9e334992d3cdafa33a93e4d3617cad7a04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62563
x-xss-protection
0
expires
Mon, 07 Feb 2022 00:05:35 GMT
secure-gtm
securegtm.despegar.com.ar/sem-pixel-helper/gtm/ Frame 2230 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securegtm.despegar.com.ar/sem-pixel-helper/gtm/secure-gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSCT7Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.6 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-6-static.despegar.net
Software
/
Resource Hash
9382e20a5ec55738d514abe812a39e7174d439df230599d5dbc94fb3d4af7d6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/

Response headers

Content-Type
text/html;charset=UTF-8
Content-Language
de-DE
Transfer-Encoding
chunked
Date
Mon, 07 Feb 2022 00:05:35 GMT
graphql
www.despegar.com.ar/dsg/ 		61 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/dsg/graphql
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
37a765bad89b5ebf0e1d760e0fb7a87784cd3527de67b640215da3dcaa84920e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 07 Feb 2022 00:05:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-RequestId
oEObmrX8I2
Connection
keep-alive
Content-Length
74
X-XSS-Protection
1; mode=block
X-User-Id
b4ab3567-8189-485e-ab35-678189f85eee
Pragma
no-cache
Server
Powered by Despegar
X-UOW
ltv-categories-prod-02-1644192335707
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Timing-Allow-Origin
https://www.despegar.com.ar
Expires
0
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 		106 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=gAsyncInit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3402db0f440dcb6710a255c7029208cdec7e26ef06ece32ebcdda519314e3d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 19:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36192
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 03:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 19:42:43 GMT
modules.236b96798cfe9acfef1b.js
script.hotjar.com/ 		234 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.236b96798cfe9acfef1b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-10592.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-39.fra50.r.cloudfront.net
Software
/
Resource Hash
7187009cd0700cb8ad9c41c343f31442e2c2bce1597c63771f76a6f1431bd13a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
227609
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62504
access-control-allow-origin
*
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
etag
"5d40ec3f74d4b53cb3f6271f2b03c61e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
WAkPFDZL98pAJZER_CbrFIiyTPH3LX8QOGYUi_OXVU8O9goIPwBshw==
persist
www.despegar.com.ar/trk-identifier/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/trk-identifier/persist
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 07 Feb 2022 00:05:35 GMT
X-Content-Type-Options
nosniff
Server
Powered by Despegar
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Timing-Allow-Origin
https://www.despegar.com.ar
Content-Length
0
X-XSS-Protection
1; mode=block
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame C4BB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-10592.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2Py8lkwB5uUJ-Clw4Qaw4jSYs_xoX6A7fbp52bOP5xl9y4BQiUJ24w==
age
227609
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36944350-8&cid=589795084.1644192335&jid=95818684&gjid=1149284542&_gid=1223709897.1644192335&_u=YGBAiEABBAAAAE~&z=704374225
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.despegar.com.ar/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Feb 2022 00:05:35 GMT
content-type
text/plain
access-control-allow-origin
https://www.despegar.com.ar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36944350-52&cid=589795084.1644192335&jid=237864851&gjid=894385578&_gid=1223709897.1644192335&_u=YGDAiEABBAAAAE~&z=1242196706
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.despegar.com.ar/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Feb 2022 00:05:35 GMT
content-type
text/plain
access-control-allow-origin
https://www.despegar.com.ar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=508876779&t=pageview&_s=1&dl=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Despegar.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=95818684&gjid=1149284542&cid=589795084.1644192335&uid=&tid=UA-36944350-8&_gid=1223709897.1644192335&gtm=2wg220NQH2CL&cg1=%20-%20&cd17=Data%20Analytics%20Ready&cd30=1644192334768.1ybaxwvp&cd32=&cd56=AR&cd81=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&cd118=undefined%20-%20undefined&cd151=None&z=1821531721
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Feb 2022 08:59:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54384
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=508876779&t=pageview&_s=1&dl=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Despegar.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAE~&jid=237864851&gjid=894385578&cid=589795084.1644192335&uid=&tid=UA-36944350-52&_gid=1223709897.1644192335&gtm=2wg220NQH2CL&cd1=AR&z=622963906
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Feb 2022 08:59:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54384
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame A831 		513 B
901 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a807fca782b15cff6c4e1fd0016c916af7ec419d59b4396b4087f91695a5353
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PYuuvpTU/F6ZaTPdFLlcYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 07 Feb 2022 00:05:35 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-PYuuvpTU/F6ZaTPdFLlcYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-DFR269QBZR&gtm=2oe220&_p=508876779&sr=1600x1200&_gaz=1&ul=en-us&cid=589795084.1644192335&_s=1&dl=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&dt=Despegar.com&sid=1644192334&sct=1&seg=0&en=page_view&_fv=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFR269QBZR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.despegar.com.ar/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.despegar.com.ar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DFR269QBZR&cid=589795084.1644192335&gtm=2oe220&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DFR269QBZR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.despegar.com.ar/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.despegar.com.ar
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DFR269QBZR&cid=589795084.1644192335&gtm=2oe220&aip=1&z=1050982833
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36944350-8&cid=589795084.1644192335&jid=95818684&_u=YGBAiEABBAAAAE~&z=1853175301
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36944350-8&cid=589795084.1644192335&jid=95818684&_u=YGBAiEABBAAAAE~&z=1853175301
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36944350-52&cid=589795084.1644192335&jid=237864851&_u=YGDAiEABBAAAAE~&z=261073633
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36944350-52&cid=589795084.1644192335&jid=237864851&_u=YGDAiEABBAAAAE~&z=261073633
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSCT7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14850
x-xss-protection
0
server
cafe
etag
8228622888473677312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 07 Feb 2022 00:05:35 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
N2HhQxwS6YhSmGPwpd3HIo/WNY7nbh+fcLTOyF7VKTbEZAxce0zEdQBOJfDiBYiAx9NNUawLJiKzhWxy+k/5dA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 07 Feb 2022 00:05:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
taevents-c.js
www.tripadvisor.com/js3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tripadvisor.com/js3/taevents-c.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.234.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-194.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
13c02c2cc512bde38c2801cb35899632d368edcf627e6e8c4b5f638bc49f5008

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:35 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 11:23:46 GMT
server
envoy
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=19572418
accept-ranges
bytes
timing-allow-origin
*
content-length
1289
expires
Wed, 21 Sep 2022 12:52:33 GMT
shifu
www.despegar.com.ar/hermes-service/topic/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/hermes-service/topic/shifu
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
a92be5aad724cc55af6fba67339f9ea4eba9d3979e985352ccad4751fe2eae55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 07 Feb 2022 00:05:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-RequestId
MmQRP4hDmR
Connection
Keep-Alive
Content-Length
95
X-XSS-Protection
1; mode=block
X-User-Id
b4ab3567-8189-485e-ab35-678189f85eee
Server
Powered by Despegar
X-UOW
hermes-prod-15-1644192335899
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
X-Service
/topic/{topicName}
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Timing-Allow-Origin
https://www.despegar.com.ar
1395550314030712
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1395550314030712?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f67414a68a84d2e7ff3133aac21d2e68e4080b07cf00d830027a56c6a854eec7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
l5FvrIg+cNKHYPMp2eRMcvIXrZLZ2e6OYmlyhmb4n/CkICZN1V+2EQe/cC7StsSwz2P9WDjq2oQWeirm/Cn6Zw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 07 Feb 2022 00:05:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1959142245-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame A831 		113 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1959142245-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d442d7575fcce245d4d2af6608ffa60dffb51811abbc4de16dc2591500b7bbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 02:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39855
x-xss-protection
0
last-modified
Fri, 21 Jan 2022 03:14:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 02:18:56 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043149754/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043149754/?random=1644192335216&cv=9&fst=1644192335216&num=1&label=cNKeCJr5qLgBELrntPED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&ig=1&data=ltv2%3D1&frm=0&url=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&tiba=Despegar.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1433df4d544df20e84aa3c4df5367c3cab747142b3b61ae2d1caca9e6f8f1ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1086
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1395550314030712&ev=errorltv&dl=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&rl=&if=false&ts=1644192335235&cd[Bucket]=1&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.2.1644192335233.1742827940&it=1644192335104&coo=false&rqm=GET
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 07 Feb 2022 00:05:36 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1395550314030712&ev=de&dl=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&rl=&if=false&ts=1644192335238&cd[user_bucket]=65&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.2.1644192335233.1742827940&it=1644192335104&coo=false&rqm=GET
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 07 Feb 2022 00:05:36 GMT
auto-page-view
www.despegar.com.ar/tracker-api/front/ 		312 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.despegar.com.ar/tracker-api/front/auto-page-view
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.169.5.25 , United States, ASN394043 (CVFBLPM, US),
Reverse DNS
192-169-5-25-static.despegar.net
Software
Powered by Despegar /
Resource Hash
a5c3b87301eb48bf1c9dad5d19a6441fac32aea2e471921d24651b9c4fca3b76
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.despegar.com.ar/login?alert=magiclinkexpired
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/json

Response headers

Date
Mon, 07 Feb 2022 00:05:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-RequestId
7vDihprWkR
Connection
keep-alive
Content-Length
166
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Powered by Despegar
X-UOW
prod-tracker-api-nap-01-1644192336155
X-Frame-Options
SAMEORIGIN
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Security-Policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
Timing-Allow-Origin
https://www.despegar.com.ar
Keep-Alive
timeout=60
Expires
0
gtm.js
www.googletagmanager.com/ Frame 2230 		241 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58KX3PQ
Requested by
Host: securegtm.despegar.com.ar
URL: https://securegtm.despegar.com.ar/sem-pixel-helper/gtm/secure-gtm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3476bc1bb74673e23ee771066d6b2cb5ae2188d92c5c4aec41fc0e55c9705fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securegtm.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50095
x-xss-protection
0
expires
Mon, 07 Feb 2022 00:05:36 GMT
/
www.google.com/pagead/1p-user-list/1043149754/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1043149754/?random=1644192335216&cv=9&fst=1644192000000&num=1&label=cNKeCJr5qLgBELrntPED&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&data=ltv2%3D1&frm=0&url=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&tiba=Despegar.com&async=1&fmt=3&is_vtc=1&random=3543081928&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1043149754/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1043149754/?random=1644192335216&cv=9&fst=1644192000000&num=1&label=cNKeCJr5qLgBELrntPED&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg220&sendb=1&data=ltv2%3D1&frm=0&url=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&tiba=Despegar.com&async=1&fmt=3&is_vtc=1&random=3543081928&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 00:05:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 2230 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securegtm.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
N2HhQxwS6YhSmGPwpd3HIo/WNY7nbh+fcLTOyF7VKTbEZAxce0zEdQBOJfDiBYiAx9NNUawLJiKzhWxy+k/5dA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 07 Feb 2022 00:05:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame A831 		14 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.despegar.com.ar&client_id=3144130631.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1959142245-idpiframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 07 Feb 2022 01:05:36 GMT
1395550314030712
connect.facebook.net/signals/config/ Frame 2230 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1395550314030712?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f67414a68a84d2e7ff3133aac21d2e68e4080b07cf00d830027a56c6a854eec7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securegtm.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89196
x-xss-protection
0
pragma
public
x-fb-debug
l5FvrIg+cNKHYPMp2eRMcvIXrZLZ2e6OYmlyhmb4n/CkICZN1V+2EQe/cC7StsSwz2P9WDjq2oQWeirm/Cn6Zw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 07 Feb 2022 00:05:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 2230 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1395550314030712&ev=de&dl=https%3A%2F%2Fsecuregtm.despegar.com.ar%2Fsem-pixel-helper%2Fgtm%2Fsecure-gtm&rl=https%3A%2F%2Fwww.despegar.com.ar%2F&if=true&ts=1644192335528&cd[user_bucket]=67&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.2.1644192335233.1742827940&it=1644192335499&coo=false&rqm=GET
Requested by
Host: www.despegar.com.ar
URL: https://www.despegar.com.ar/login?alert=magiclinkexpired
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securegtm.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 07 Feb 2022 00:05:36 GMT
tracker-bd2f00fcacf889cdaff261abc229f5bf.js
www.staticontent.com/csperf/collector/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.staticontent.com/csperf/collector/tracker-bd2f00fcacf889cdaff261abc229f5bf.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQH2CL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-252.deploy.static.akamaitechnologies.com
Software
Powered by Despegar /
Resource Hash
a1b3c9a4a5993529bdde263856a879558d5087500ca64fa30e37008fb7313ade
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
content-encoding
gzip
x-content-type-options
nosniff
x-uow
csperf-collector-02-4447-657960
date
Mon, 07 Feb 2022 00:05:36 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
content-length
2697
x-xss-protection
1; mode=block
server
Powered by Despegar
RT
www.tamgrt.com/ Frame E798 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tamgrt.com/RT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.183.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-183-217.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.despegar.com.ar
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/

Response headers

server
envoy
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin
https://www.tripadvisor.com
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
expires
Mon, 07 Feb 2022 00:05:36 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 07 Feb 2022 00:05:36 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=508876779&t=timing&_s=2&dl=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Despegar.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2631&pdt=1&dns=0&rrt=1043&srt=290&tcp=0&dit=1689&clt=1689&_gst=1833&_gbt=1974&_cst=1583&_cbt=1796&_u=YGDAiEABBAAAAE~&jid=&gjid=&cid=589795084.1644192335&uid=&tid=UA-36944350-8&_gid=1223709897.1644192335&gtm=2wg220NQH2CL&cg1=%20-%20&cd17=Data%20Analytics%20Ready&cd30=1644192334768.1ybaxwvp&cd32=&cd56=AR&cd81=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&cd118=undefined%20-%20undefined&cd151=None&z=224937214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Feb 2022 08:59:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54385
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=508876779&t=timing&_s=2&dl=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Despegar.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2631&pdt=1&dns=0&rrt=1043&srt=290&tcp=0&dit=1689&clt=1689&_gst=1833&_gbt=1974&_cst=1583&_cbt=1796&_u=YGDAiEABBAAAAE~&jid=&gjid=&cid=589795084.1644192335&uid=&tid=UA-36944350-52&_gid=1223709897.1644192335&gtm=2wg220NQH2CL&cd1=AR&z=1690766016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Feb 2022 08:59:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54385
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1395550314030712&ev=Microdata&dl=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&rl=&if=false&ts=1644192336742&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Despegar.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbp=fb.2.1644192335233.1742827940&it=1644192335104&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 07 Feb 2022 00:05:37 GMT
/
www.facebook.com/tr/ Frame 2230 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1395550314030712&ev=Microdata&dl=https%3A%2F%2Fsecuregtm.despegar.com.ar%2Fsem-pixel-helper%2Fgtm%2Fsecure-gtm&rl=https%3A%2F%2Fwww.despegar.com.ar%2F&if=true&ts=1644192337030&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.2.1644192335233.1742827940&it=1644192335499&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securegtm.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 00:05:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 07 Feb 2022 00:05:37 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=541577542537589&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.despegar.com.ar%2Flogin%3Falert%3Dmagiclinkexpired&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1ac5d9a38a06b2752ceb0ad9011a667b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.despegar.com.ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
spkSB1258uh7D8vfBDGYj11bOtd09fIfW0fjs0lOMkQyDeRhZlYMan9P12Wq9xxf6F99FUNQEpaHCoTTigVHtQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Mon, 07 Feb 2022 00:05:38 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.despegar.com.ar
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| event object| dreckInfoData boolean| dreckLoginIncentiveActive function| dreckShowLoginIncentive object| extra_tracking_context object| UpaDataTracker object| dataLayer string| locale string| country string| lang string| product string| channel object| ShifuConfig function| sendTrackToTrackeame object| clicklabTrackeame object| trackeameExtraData boolean| enableDomainSupport function| JSONPCallback_7145 function| $ function| jQuery object| dpv object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| gAsyncInit function| fbAsyncInit object| FB object| google_tag_manager number| MAX_BUFFER_SIZE object| CSPERF_OPTIONS object| blacklist string| category undefined| pid string| pr object| xhttp object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gapi object| ___jsl object| _GTMUTILS function| secureIframeMessage object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData object| osapi function| onYouTubeIframeAPIReady function| fbq function| _fbq function| taq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| secureIframe object| trackingData boolean| fb_soft_login_fired boolean| __csperf_included__

21 Cookies

Domain/Path Name / Value
www.despegar.com.ar/ Name: xdesp-rand-usr
Value: 496
www.despegar.com.ar/ Name: trackerid
Value: b4ab3567-8189-485e-ab35-678189f85eee
.google.com/ Name: NID
Value: 511=LjpAbzhFfr_JZVRLWPhp8todWbbcg635t3qfCzhFq0CZRB9knqCWM5mdSdQfTevaqGYIIrokhPN6tbANrtcgoypFmmkWHu8Yv6Lx0wGj1YZHvcb7QiW8FYDLRCysSJUCz4aJKVjkAlmiHU69d7JiIdeGx99pSlP5G_a9OkzfZu8
.despegar.com.ar/ Name: _gcl_au
Value: 1.1.617771011.1644192335
.trackeame.com/ Name: trackeame_cookie
Value: %7B%22id%22%3A%221229A2197B231643826008993e8533d2c-0b02-4e66-9e5e-ae41d52dd53e4193000%22%2C%22creation_date%22%3A%222022-02-07T00%3A05%3A35Z%22%2C%22company_id%22%3A%221%22%2C%22version%22%3A%227.0%22%7D
.despegar.com.ar/ Name: _gid
Value: GA1.3.1223709897.1644192335
.despegar.com.ar/ Name: _dc_gtm_UA-36944350-8
Value: 1
.despegar.com.ar/ Name: _dc_gtm_UA-36944350-52
Value: 1
.www.despegar.com.ar/ Name: G_ENABLED_IDPS
Value: google
.despegar.com.ar/ Name: _ga
Value: GA1.1.589795084.1644192335
.despegar.com.ar/ Name: trackeame_cookie
Value: %7B%22id%22%3A%221229A2197B231643826008993e8533d2c-0b02-4e66-9e5e-ae41d52dd53e4193000%22%2C%22creation_date%22%3A%222022-02-07T00%3A05%3A35Z%22%2C%22company_id%22%3A%221%22%2C%22version%22%3A%227.0%22%7D
.despegar.com.ar/ Name: _hjSessionUser_10592
Value: eyJpZCI6IjEzMDM0MWQ0LTM0YWYtNWQ4MC04MzZkLWM3YzYyYmZmYzJiZSIsImNyZWF0ZWQiOjE2NDQxOTIzMzQ5MDIsImV4aXN0aW5nIjpmYWxzZX0=
.despegar.com.ar/ Name: _hjFirstSeen
Value: 1
www.despegar.com.ar/ Name: _hjIncludedInSessionSample
Value: 0
.despegar.com.ar/ Name: _hjSession_10592
Value: eyJpZCI6IjUwMGE2NzY5LWRhZDctNGE5My05MTAyLTM4M2U1Njg3MjgzYSIsImNyZWF0ZWQiOjE2NDQxOTIzMzUwMzIsImluU2FtcGxlIjpmYWxzZX0=
.despegar.com.ar/ Name: _hjAbsoluteSessionInProgress
Value: 0
.despegar.com.ar/ Name: _ga_DFR269QBZR
Value: GS1.1.1644192334.1.1.1644192335.59
.despegar.com.ar/ Name: _fbp
Value: fb.2.1644192335233.1742827940
securegtm.despegar.com.ar/ Name: xdesp-rand-usr
Value: 525
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.www.tamgrt.com/ Name: RT
Value: %1%enc%3Ats5cxHjqP8W4lXLTkQdmPkoN4t%2BS3Y9t%2FiOU2ZAY%2BMfrJ%2BkRm2XjyJqxvATpgmsPzfWXeabz9Z0%3D

1 Console Messages

Source Level URL
Text
network error URL: https://www.despegar.com.ar/hermes-service/topic/shifu
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' http://www.kayak.com http://www.kayak.com.ar http://www.kayak.cl http://www.kayak.com.co http://www.kayak.com.pe http://www.kayak.com.mx http://www.kayak.com.br http://www.tripadvisor.com http://www.tripadvisor.com.br http://www.tripadvisor.com.mx www.farecompare.com www.idealo.com http://viajala.com.co http://viajala.com.mx http://viajala.com.pe www.clicktripz.com http://viajala.cl http://viajala.com.ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
apis.google.com
ar.staticontent.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
script.hotjar.com
securegtm.despegar.com.ar
ssl.gstatic.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.despegar.com.ar
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.staticontent.com
www.tamgrt.com
www.trackeame.com
www.tripadvisor.com
143.204.98.123
143.204.98.39
143.204.98.76
172.217.16.130
192.169.5.25
192.169.5.6
2.17.183.217
2.18.232.252
2.18.234.194
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::200a
2a00:1450:4001:827::200d
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f13f:83:face:b00c:0:25de
34.236.79.52
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13c02c2cc512bde38c2801cb35899632d368edcf627e6e8c4b5f638bc49f5008
1433df4d544df20e84aa3c4df5367c3cab747142b3b61ae2d1caca9e6f8f1ab0
1770480bf8c517c65c2d5ba9fc603d0a73cecc432eb04e1b96300f2a94bb36ea
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2bebb1b44ec8c330384bd78de9d8af9e334992d3cdafa33a93e4d3617cad7a04
3402db0f440dcb6710a255c7029208cdec7e26ef06ece32ebcdda519314e3d2b
3476bc1bb74673e23ee771066d6b2cb5ae2188d92c5c4aec41fc0e55c9705fc4
36c9499921c8528e78ee6b8a4dfd9ef648558dbc8dda208f210a538ab4c0b48c
37a765bad89b5ebf0e1d760e0fb7a87784cd3527de67b640215da3dcaa84920e
37fd34587005b81971b4028a364f599118d945f0b98c581484feda816adc4e14
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a504da8e6eb35d6bfdadecab65f982f4c2371a75b8b0040ab2d9f8c114a5fd
4a807fca782b15cff6c4e1fd0016c916af7ec419d59b4396b4087f91695a5353
4be852d85b873d2dba63f6b2f18eebc09cb5f5dde1d6520f16f5836958514527
4cf78867a393a23274a43383286db269486ae19f44c656c4d6b9061d14fc95bc
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5702b7bcac3d774335b8dc41511219b8a6f00c789e30863326bda54b3b9685a3
7187009cd0700cb8ad9c41c343f31442e2c2bce1597c63771f76a6f1431bd13a
76d47d0a8c3b4e70e3c07a1a52360b4cf6f354fc509ed91c5783b618ff8aa29c
7d442d7575fcce245d4d2af6608ffa60dffb51811abbc4de16dc2591500b7bbc
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88d2f7dc3b146a0742c773a76ed9e0124155533bc6c0c66c5b7cb0f1fe2b4b68
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
9236d34eb3a90c8d25099803c0c493a152f23360079a3044a3c7d488a0aa12d5
9382e20a5ec55738d514abe812a39e7174d439df230599d5dbc94fb3d4af7d6b
96704d30844d1dd623eedd8383c8f294b80ab836dd35b1448023ce18733b13fc
97d7ef35a6d561706412b496eefbcc3d235801951862854df3a67e1ee540adfa
a0c69406609d0b64cd82ad02935a21be39170e00b06be8a5a7a71cf1b50465fc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b3c9a4a5993529bdde263856a879558d5087500ca64fa30e37008fb7313ade
a5c3b87301eb48bf1c9dad5d19a6441fac32aea2e471921d24651b9c4fca3b76
a8606d752fbf9a7d39d73c2d1267c4bdafd17e5a69634fb1ed53138722a28c88
a92be5aad724cc55af6fba67339f9ea4eba9d3979e985352ccad4751fe2eae55
ad41aa5f9f52522eb649072660f473ad4dab4c6afbf65bfb816add32284a5085
b26841ca0c1d2b4618caa5fef1b6543d9166c8a1a51c996f582d87eeaacc0d75
b69a795903cee53063b923f43fd752f4639fb95602d9dafc4c27427a86d3e17e
c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6
c9ccdff773d64493f4052108dd8b3e5959bfaeb3876b1d996b6a6ec47edf16fb
d692fe14120f36ca6fc0b7bb6824b307d2ea2272dee1b7c257569de56a14ca08
da0e1d721a8ce370c65df1483ef47eb10002f08eac8ff3bb976365b2d2937476
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef576536901c4b1ce239dd33ddf5f173b0da16693dae762d38b85ad646e3af80
f67414a68a84d2e7ff3133aac21d2e68e4080b07cf00d830027a56c6a854eec7