www.edestinos.com.br Open in urlscan Pro
23.36.162.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://edestinos.com.br/
Effective URL:
https://www.edestinos.com.br/
Submission: On March 02 via api (March 2nd 2023, 6:36:46 am UTC) from US — Scanned from DE

Summary HTTP 221 Redirects Links 73 Behaviour Indicators

Summary

This website contacted 49 IPs in 9 countries across 41 domains to perform 221 HTTP transactions. The main IP is 23.36.162.208, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.edestinos.com.br.
TLS certificate: Issued by R3 on February 3rd 2023. Valid for: 3 months.

This is the only time www.edestinos.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.83.4.32 104.83.4.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 52	23.36.162.208 23.36.162.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
19	18.65.39.76 18.65.39.76	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
2	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 17	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:400d:80e::200d	15169 (GOOGLE) (GOOGLE)
4	34.102.191.167 34.102.191.167	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2 4	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:20:... 2606:4700:20::681a:e0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.6 13.224.189.6	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:f8a... 2600:1f18:f8a:b703:5a81:f87d:ffc8:4ebf	14618 (AMAZON-AES) (AMAZON-AES)
1	35.155.25.126 35.155.25.126	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
5	44.209.151.138 44.209.151.138	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.191.98 13.224.191.98	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	52.36.128.54 52.36.128.54	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:f8a... 2600:1f18:f8a:b700:86cb:4152:b0b1:dbcb	14618 (AMAZON-AES) (AMAZON-AES)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
10	2a00:1450:400... 2a00:1450:400d:802::2006	15169 (GOOGLE) (GOOGLE)
2 2	18.195.54.139 18.195.54.139	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2 2	3.65.159.191 3.65.159.191	16509 (AMAZON-02) (AMAZON-02)
2	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
221	49

1 104.83.4.32 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-32.deploy.static.akamaitechnologies.com

edestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 23.36.162.208 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-208.deploy.static.akamaitechnologies.com

www.edestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
progress.edestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.edestinos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.edestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.65.39.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-76.ams1.r.cloudfront.net

static1.eskypartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

js.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.39.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::200d (Ireland)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.191.167 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 167.191.102.34.bc.googleusercontent.com

sdk.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:e0a (United States)

ASN13335 (CLOUDFLARENET, US)

lib.wtg-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-6.fra2.r.cloudfront.net

static.clicktripz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:f8a:b703:5a81:f87d:ffc8:4ebf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.25.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-25-126.us-west-2.compute.amazonaws.com

www.clicktripz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.209.151.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-151-138.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.191.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-191-98.fra2.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.128.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-128-54.us-west-2.compute.amazonaws.com

api.clicktripz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:f8a:b700:86cb:4152:b0b1:dbcb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:802::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.54.139 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-54-139.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.159.191 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-159-191.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	edestinos.com.br 2 redirects edestinos.com.br — Cisco Umbrella Rank: 875434 www.edestinos.com.br progress.edestinos.com.br secure.edestinos.com.br	609 KB
29	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	185 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com	298 KB
19	eskypartners.com static1.eskypartners.com — Cisco Umbrella Rank: 226741	1 MB
12	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 76 region1.analytics.google.com — Cisco Umbrella Rank: 4370 fcmatch.google.com — Cisco Umbrella Rank: 2851 adservice.google.com — Cisco Umbrella Rank: 73	80 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	163 KB
8	riskified.com beacon.riskified.com — Cisco Umbrella Rank: 7007 img.riskified.com — Cisco Umbrella Rank: 6349 c.riskified.com — Cisco Umbrella Rank: 4964	15 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	2 KB
7	gstatic.com fonts.gstatic.com	137 KB
6	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 479 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	4 KB
6	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 377 ib.adnxs.com — Cisco Umbrella Rank: 203	12 KB
5	adara.com js.adara.com — Cisco Umbrella Rank: 21069 sdk.adara.com — Cisco Umbrella Rank: 20475	2 KB
5	sojern.com static.sojern.com — Cisco Umbrella Rank: 15247 pixel.sojern.com — Cisco Umbrella Rank: 7365	25 KB
5	edestinos.com www.edestinos.com — Cisco Umbrella Rank: 681533	125 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 476	58 KB
4	wtg-ads.com lib.wtg-ads.com — Cisco Umbrella Rank: 35439	217 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	70 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	4 KB
3	clicktripz.com static.clicktripz.com — Cisco Umbrella Rank: 15941 www.clicktripz.com — Cisco Umbrella Rank: 16753 api.clicktripz.com — Cisco Umbrella Rank: 18078	7 KB
3	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6276	884 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	275 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	796 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 726	2 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1886	24 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	76 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 803	134 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	16 KB
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4131	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	88 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	75 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 591	542 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	863 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 918	330 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	607 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 2850	432 B
1	pubmatic.com 1 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 668	436 B
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 5288	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
221	41

	Domain	Requested by
42	www.edestinos.com.br	1 redirects www.edestinos.com.br
19	pagead2.googlesyndication.com	www.googletagmanager.com pagead2.googlesyndication.com tpc.googlesyndication.com 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
19	static1.eskypartners.com	www.edestinos.com.br
15	cm.g.doubleclick.net	6 redirects www.edestinos.com.br googleads.g.doubleclick.net 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
10	s0.2mdn.net	www.edestinos.com.br s0.2mdn.net
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
6	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	img.riskified.com
5	www.google.de	www.edestinos.com.br
5	www.google.com	www.edestinos.com.br tpc.googlesyndication.com
5	www.edestinos.com	www.edestinos.com.br
4	lib.wtg-ads.com	www.googletagmanager.com lib.wtg-ads.com
4	ib.adnxs.com	2 redirects lib.wtg-ads.com googleads.g.doubleclick.net
4	sdk.adara.com	js.adara.com
4	www.google-analytics.com	www.edestinos.com.br www.google-analytics.com
4	progress.edestinos.com.br	www.edestinos.com.br progress.edestinos.com.br
3	c.amazon-adsystem.com	lib.wtg-ads.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	cdn.jsdelivr.net	lib.wtg-ads.com
3	pixel.sojern.com	static.sojern.com
3	accounts.google.com	www.edestinos.com.br accounts.google.com
3	ads.travelaudience.com	2 redirects www.edestinos.com.br
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.edestinos.com.br
3	www.googletagmanager.com	www.edestinos.com.br www.googletagmanager.com
2	googleads4.g.doubleclick.net	www.edestinos.com.br
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pm.w55c.net	2 redirects
2	c.riskified.com	beacon.riskified.com
2	64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	script.4dex.io	lib.wtg-ads.com script.4dex.io
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.googletagservices.com	lib.wtg-ads.com 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
2	static.xx.fbcdn.net	www.facebook.com
2	www.facebook.com	connect.facebook.net
2	tag.yieldoptimizer.com	2 redirects
2	connect.facebook.net	www.edestinos.com.br connect.facebook.net
2	secure.adnxs.com	2 redirects
2	static.sojern.com	www.googletagmanager.com static.sojern.com
1	ssbsync.smartadserver.com	64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	api.clicktripz.com	static.clicktripz.com
1	prebid.a-mo.net	lib.wtg-ads.com
1	htlb.casalemedia.com	lib.wtg-ads.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.clicktripz.com	static.clicktripz.com
1	beacon.riskified.com	www.edestinos.com.br
1	static.clicktripz.com	www.edestinos.com.br
1	match.adsrvr.org	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	secure.edestinos.com.br	www.edestinos.com.br
1	simage2.pubmatic.com	1 redirects
1	js.adara.com	www.edestinos.com.br
1	cdn.speedcurve.com	www.edestinos.com.br
1	fonts.googleapis.com	www.edestinos.com.br
1	edestinos.com.br	1 redirects
221	64

This site contains links to these domains. Also see Links.

Domain
carros.edestinos.com.br
www.getyourguide.com.br
app.edestinos.com.br
go.edestinos.com.br
play.google.com
apps.apple.com
appgallery7.huawei.com
avianca.edestinos.com.br
blog.edestinos.com.br
eskypartners.com
www.facebook.com
www.youtube.com
www.instagram.com
www.edestinos.com.ar
www.edestinos.com.bo
www.edestinos.cl
www.edestinos.com.sv
www.edestinos.com.co
www.edestinos.cr
www.edestinos.com.do
www.edestinos.com.gt
www.edestinos.com.hn
www.edestinos.com.mx
www.edestinos.com.ni
www.edestinos.com.pa
www.edestinos.com.pe
www.edestinos.com.pr
www.edestinos.com.py
www.eskytravel.be
www.esky.ba
www.esky.bg
www.esky.cz
www.eskytravel.dk
www.eskytravel.de
www.esky.es
www.esky.fr
www.esky.gr
www.esky.hr
www.esky.ie
www.eskytravel.it
www.esky.hu
www.esky.md
www.esky.nl
www.eskytravel.no
www.esky.at
www.esky.pl
www.esky.pt
www.esky.rs
www.esky.ro
www.esky.se
www.esky.sk
www.esky.fi
www.eskytravel.ch
www.esky.co.uk
www.esky.com.eg
www.esky.co.ke
www.esky.co.ma
www.esky.com.ng
www.eskytravel.co.za
www.esky.com.hk
www.esky.com.my
www.esky.com.sg
www.esky.com.tr
www.eskytravel.co.nz
www.esky.eu
www.esky.com
www.edestinos.com

Subject Issuer	Validity	Valid
www.edestinos.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-16` - `2023-08-17`	a year	crt.sh
static1.eskypartners.com Certum Domain Validation CA SHA2	`2022-07-12` - `2023-07-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
dishme.app GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-09`	2 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.adara.com Go Daddy Secure Certificate Authority - G2	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
*.clicktripz.com Amazon RSA 2048 M02	`2023-02-23` - `2023-12-10`	10 months	crt.sh
*.riskified.com Amazon RSA 2048 M01	`2023-03-02` - `2023-05-04`	2 months	crt.sh
www.clicktripz.com R3	`2023-02-11` - `2023-05-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
img.riskified.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-25` - `2023-05-25`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.a-mo.net R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
api.clicktripz.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.edestinos.com.br/
Frame ID: 9F9AC031ED16CABF89EBD74AE226B22D
Requests: 155 HTTP requests in this frame

Frame: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Frame ID: F5CC22ABCD1805F23AAED39119AE5CF2
Requests: 7 HTTP requests in this frame

Frame: https://www.edestinos.com.br/xstorage.html
Frame ID: B3F1D3F06552671C66BD4759BA9A19F2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=175824989237491&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a80418cf4e4d%26domain%3Dwww.edestinos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.edestinos.com.br%252Ff117f5437645eec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FeDestinosBrasil%2F&layout=standard&locale=pt_BR&sdk=joey&share=true&show_faces=true
Frame ID: 0AA11177EE6C431176B5E22E13DB9529
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html
Frame ID: A82970D7849D5BE8482FEDC424DEBD87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9920207046752446&output=html&adk=1812271804&adf=3025194257&lmt=1677738999&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677738998886&bpp=4&bdt=2091&idt=164&shv=r20230227&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2781162644944&frm=20&pv=2&ga_vid=331767709.1677738997&ga_sid=1677738999&ga_hid=1605556939&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C31072649&oid=2&pvsid=449212333680438&tmod=1244516945&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207
Frame ID: D141EF9406C21DAEEC0EF04C2F4D4906
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6484DEC4485D61F55B0D045FE9397BF9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96A8A03EB01F96064DEB6E1C670938BC
Requests: 2 HTTP requests in this frame

Frame: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4D602B42E302366FEE2EA5591829B53B
Requests: 1 HTTP requests in this frame

Frame: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3461D6455D0CEF7F6C4A8F3FCE9C8BF9
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGOH4vtMBMAE&v=APEucNUi92dGgugfMe-SZOt8obJoD1D3AK8wthLPRvMKWVoJMUN5EkBBhEc5YlLmG4tqHkYzZD-h1Wz3NXsJa5Z9Nh0YqDRgCuf5pdgux1fnmfcGa8hEjy-ksV9c45Ux4yBlZGnP_QuXcJqpiDowNeiz3E6U1pPntUCkcJlf_et00wYtdGCibrA
Frame ID: C61B3B8E62DA000B7E74F7CB8889C5FF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C6383865A7B8CEA62658BD76F882E520
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8BF24E0EE533715E0CC916CA911D96C8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
Frame ID: 3E179B48987E583BA45B5DC43C4E281A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

eDestinos.com.br - Passagens Aéreas, Reserva de Passagem Aérea

Page URL History Show full URLs

http://edestinos.com.br/ HTTP 301
http://www.edestinos.com.br/ HTTP 301
https://www.edestinos.com.br/ Page URL

Detected technologies

Riskified (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<[^>]*beacon\.riskified\.com

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

221
Requests

93 %
HTTPS

47 %
IPv6

41
Domains

64
Subdomains

49
IPs

9
Countries

4164 kB
Transfer

8957 kB
Size

65
Cookies

73 Outgoing links

These are links going to different origins than the main page.

URL: https://carros.edestinos.com.br/?preflang=br&cor=br&adplat=hpHeader&adcamp=whitelabeledestinosBR
Title: Carros

Search URL Search Domain Scan URL

URL: https://www.getyourguide.com.br/?partner_id=6PH6GQ5&cmp=BR
Title: Atrações

Search URL Search Domain Scan URL

URL: https://app.edestinos.com.br/?utm_source=edestinos.com.br&utm_medium=menu
Title: Aplicativo móvel

Search URL Search Domain Scan URL

URL: https://go.edestinos.com.br/travel-restrictions
Title: Regras de viagem

Search URL Search Domain Scan URL

URL: https://carros.edestinos.com.br/?preflang=br&cor=br&adplat=hpQSF&adcamp=whitelabeledestinosBR
Title: Carros

Search URL Search Domain Scan URL

URL: https://go.edestinos.com.br/para-onde-e-possivel-voar
Title: Veja no mapa

Search URL Search Domain Scan URL

URL: https://app.edestinos.com.br/
Title: Baixe e aproveite as ofertas

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.edestinos&hl=pt-br&referrer=utm_source%3DAppWrapper%26utm_campaign%3DAndroidBR

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/id892327289?l=pt

Search URL Search Domain Scan URL

URL: https://appgallery7.huawei.com/#/app/C102120313

Search URL Search Domain Scan URL

URL: https://carros.edestinos.com.br/?preflang=br&cor=br&adplat=hpFooter&adcamp=whitelabeledestinosBR
Title: Aluguel de carros

Search URL Search Domain Scan URL

URL: https://www.getyourguide.com.br/?partner_id=6PH6GQ5&cmp=BR
Title: Atrações

Search URL Search Domain Scan URL

URL: https://app.edestinos.com.br/?utm_source=edestinos.com.br&utm_medium=footer
Title: Aplicativo móvel

Search URL Search Domain Scan URL

URL: https://avianca.edestinos.com.br/
Title: Avianca

Search URL Search Domain Scan URL

URL: https://blog.edestinos.com.br/
Title: Blog

Search URL Search Domain Scan URL

URL: https://eskypartners.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/eDestinosBrasil/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eDestinoscombr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/edestinos/

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.ar/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.bo/
Title: Bolivia

Search URL Search Domain Scan URL

URL: https://www.edestinos.cl/
Title: Chile

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.sv/
Title: El Salvador

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.co/
Title: Colombia

Search URL Search Domain Scan URL

URL: https://www.edestinos.cr/
Title: Costa Rica

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.do/
Title: República Dominicana

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.gt/
Title: Guatemala

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.hn/
Title: Honduras

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.mx/
Title: México

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.ni/
Title: Nicaragua

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.pa/
Title: Panamá

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.pe/
Title: Perú

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.pr/
Title: Puerto Rico

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.py/
Title: Paraguay

Search URL Search Domain Scan URL

URL: https://www.eskytravel.be/
Title: België

Search URL Search Domain Scan URL

URL: https://www.esky.ba/
Title: Bosna i Hercegovina

Search URL Search Domain Scan URL

URL: https://www.esky.bg/
Title: България

Search URL Search Domain Scan URL

URL: https://www.esky.cz/
Title: Česká republika

Search URL Search Domain Scan URL

URL: https://www.eskytravel.dk/
Title: Danmark

Search URL Search Domain Scan URL

URL: https://www.eskytravel.de/fluge
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://www.esky.es/
Title: Espańa

Search URL Search Domain Scan URL

URL: https://www.esky.fr/
Title: France

Search URL Search Domain Scan URL

URL: https://www.esky.gr/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://www.esky.hr/
Title: Hrvatska

Search URL Search Domain Scan URL

URL: https://www.esky.ie/
Title: Ireland

Search URL Search Domain Scan URL

URL: https://www.eskytravel.it/
Title: Italia

Search URL Search Domain Scan URL

URL: https://www.esky.hu/
Title: Magyarország

Search URL Search Domain Scan URL

URL: https://www.esky.md/
Title: Moldova

Search URL Search Domain Scan URL

URL: https://www.esky.nl/
Title: Nederland

Search URL Search Domain Scan URL

URL: https://www.eskytravel.no/
Title: Norge

Search URL Search Domain Scan URL

URL: https://www.esky.at/
Title: Österreich

Search URL Search Domain Scan URL

URL: https://www.esky.pl/
Title: Polska

Search URL Search Domain Scan URL

URL: https://www.esky.pt/
Title: Portugal

Search URL Search Domain Scan URL

URL: https://www.esky.rs/
Title: Srbija

Search URL Search Domain Scan URL

URL: https://www.esky.ro/bilete-de-avion
Title: România

Search URL Search Domain Scan URL

URL: https://www.esky.se/
Title: Sverige

Search URL Search Domain Scan URL

URL: https://www.esky.sk/
Title: Slovensko

Search URL Search Domain Scan URL

URL: https://www.esky.fi/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://www.eskytravel.ch/
Title: Schweiz

Search URL Search Domain Scan URL

URL: https://www.esky.co.uk/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.esky.com.eg/
Title: Egypt

Search URL Search Domain Scan URL

URL: https://www.esky.co.ke/
Title: Kenya

Search URL Search Domain Scan URL

URL: https://www.esky.co.ma/
Title: Maroc

Search URL Search Domain Scan URL

URL: https://www.esky.com.ng/
Title: Nigeria

Search URL Search Domain Scan URL

URL: https://www.eskytravel.co.za/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://www.esky.com.hk/
Title: Hong Kong

Search URL Search Domain Scan URL

URL: https://www.esky.com.my/
Title: Malaysia

Search URL Search Domain Scan URL

URL: https://www.esky.com.sg/
Title: Singapore

Search URL Search Domain Scan URL

URL: https://www.esky.com.tr/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://www.eskytravel.co.nz/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://www.esky.eu/
Title: eSky.eu

Search URL Search Domain Scan URL

URL: https://www.esky.com/
Title: eSky.com

Search URL Search Domain Scan URL

URL: https://www.edestinos.com/
Title: eDestinos.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://edestinos.com.br/ HTTP 301
http://www.edestinos.com.br/ HTTP 301
https://www.edestinos.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://ads.travelaudience.com/trg.gif?ds=dp&acc=ES&pt=5&lvl=1&la=undefined&exid=default&sc=1 HTTP 307
https://secure.adnxs.com/px?bidder=320&seg=4564892&external_uid=FD06D961A05545DC80ACC40AD1EEDC0E&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw%26piggybackCookie%3DFD06D961A05545DC80ACC40AD1EEDC0E%26r%3Dhttps%253A%252F%252Fcm.g.doubleclick.net%252Fpixel%253Fgoogle_nid%253Dta%2526google_cm%2526google_hm%253D_QbZYaBVRdyArMQK0e7cDg2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fbidder%3D320%26seg%3D4564892%26external_uid%3DFD06D961A05545DC80ACC40AD1EEDC0E%26redir%3Dhttps%253A%252F%252Fsimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw%2526piggybackCookie%253DFD06D961A05545DC80ACC40AD1EEDC0E%2526r%253Dhttps%25253A%25252F%25252Fcm.g.doubleclick.net%25252Fpixel%25253Fgoogle_nid%25253Dta%252526google_cm%252526google_hm%25253D_QbZYaBVRdyArMQK0e7cDg2 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw&piggybackCookie=FD06D961A05545DC80ACC40AD1EEDC0E&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dta%26google_cm%26google_hm%3D_QbZYaBVRdyArMQK0e7cDg2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_cm&google_hm=_QbZYaBVRdyArMQK0e7cDg2 HTTP 302
https://ads.travelaudience.com/google_match.ashx?google_gid=CAESEEZRP0_TgpF2FurDZhBN_Ho&google_cver=1

Request Chain 102

https://tag.yieldoptimizer.com/ps/ps?t=i&p=6645&_yoid=43a55b39-e6bd-4a5b-b3d5-553947ebfeed&_yosid=a8f0cbe8-7070-4764-b231-b19be3316ca9 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=109579533&t=i&p=6645&_yoid=43a55b39-e6bd-4a5b-b3d5-553947ebfeed&_yosid=a8f0cbe8-7070-4764-b231-b19be3316ca9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjczMTYwOTk0Ng&google_sc

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Q2X9uurlCAcCwYzJZlUGQg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m&google_gid=CAESEOKymIsiwknTLcyhsld8zUA&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_hm=Q2X9uurlCAcCwYzJZlUGQg&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopm8RYrL2iU8NAp45SuHogBLfV8A9d3UUz4orvBJiYbbME0njmY8D0E7SbtmC0TNTqJnT_5zaOx1_l-dp7ku5mvdMg9lB3grkmZb0OU20RGWkWD51k HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopm8RYrL2iU8NAp45SuHogBLfV8A9d3UUz4orvBJiYbbME0njmY8D0E7SbtmC0TNTqJnT_5zaOx1_l-dp7ku5mvdMg9lB3grkmZb0OU20RGWkWD51k

Request Chain 106

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m HTTP 302
https://pixel.sojern.com/idsync/apn?id=480477894867673093&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1&C=1

Request Chain 188

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABD.KpNlZsNULbMBQGwfwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1&google_hm=2

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBXLbTBFROFpQfUA6NeaTvI&google_cver=1

Request Chain 190

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNDc3ODk0ODY3NjczMDkz

Request Chain 198

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENCx0Sq341sgxFu8HomMWqw&google_cver=1&google_push=Aa02lx-FLgzdHqNS3Fg84mrYQB1y10alR465SyqiGulqYlhPhNTIUanzcTIUoMCydLDdhaLduXPO5zWDVNAjzz1_dgY1cX02eKJ1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENCx0Sq341sgxFu8HomMWqw&google_cver=1&google_push=Aa02lx-FLgzdHqNS3Fg84mrYQB1y10alR465SyqiGulqYlhPhNTIUanzcTIUoMCydLDdhaLduXPO5zWDVNAjzz1_dgY1cX02eKJ1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXNjeXpRdGsxUHhDeXQ1&google_gid=CAESENCx0Sq341sgxFu8HomMWqw&google_cver=1&google_push=Aa02lx-FLgzdHqNS3Fg84mrYQB1y10alR465SyqiGulqYlhPhNTIUanzcTIUoMCydLDdhaLduXPO5zWDVNAjzz1_dgY1cX02eKJ1

Request Chain 199

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKra9_q4SUcSqSDsibRr24g&google_cver=1&google_push=Aa02lx-F3dcnSggZh5uENIetU5zEk5CVYUoZSbhso0xZids84LRnzGqtK6mKxeLhfwKI3oCTjVEhA-0sn6Rk7BJKMVoQ_132-xHm_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-F3dcnSggZh5uENIetU5zEk5CVYUoZSbhso0xZids84LRnzGqtK6mKxeLhfwKI3oCTjVEhA-0sn6Rk7BJKMVoQ_132-xHm_g

Request Chain 200

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHHH9GJ-lKiVPyM5UV94aMI&google_cver=1&google_push=Aa02lx-jaOJuEFkNtOWnHVMqL2r-oo7HalF_AekTcOXTLZmAdwAzHF_-GVxDACTmoO5V4U6ZHVewUj1UIM-_k9mRUIhlnqJJWlh9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHHH9GJ-lKiVPyM5UV94aMI&google_push=Aa02lx-jaOJuEFkNtOWnHVMqL2r-oo7HalF_AekTcOXTLZmAdwAzHF_-GVxDACTmoO5V4U6ZHVewUj1UIM-_k9mRUIhlnqJJWlh9

Request Chain 201

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM_8pNUnv4KStRf5a_Gmjuk&google_cver=1&google_push=Aa02lx_mI7eHELLq5CS67EE0TwVywU2p8hLSslTORlm78MkcJf2b6ABPQGz9r6fI_2LPtWtIKbscWtPUXkzpqLK5JXKXjf0zLgVcLA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_QbZYaBVRdyArMQK0e7cDg2&google_push=Aa02lx_mI7eHELLq5CS67EE0TwVywU2p8hLSslTORlm78MkcJf2b6ABPQGz9r6fI_2LPtWtIKbscWtPUXkzpqLK5JXKXjf0zLgVcLA

Request Chain 203

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBomY-5TS0vps7VytjfW6Xw&google_cver=1&google_push=Aa02lx9Xy_MxdS3bXHT2Fm5s--zUOeR11rGas20cJjGGVizMDnG2mO7ugHFNRalvSGJnU81Pd-oViRmv6p0N9_XZl6JW21JKrBC6VjM HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBomY-5TS0vps7VytjfW6Xw&google_cver=1&google_push=Aa02lx9Xy_MxdS3bXHT2Fm5s--zUOeR11rGas20cJjGGVizMDnG2mO7ugHFNRalvSGJnU81Pd-oViRmv6p0N9_XZl6JW21JKrBC6VjM&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DM2J5YXBORTJ1R0N4WEdIUFJkbnZQa1pEdF83OGtkX35B&google_push=Aa02lx9Xy_MxdS3bXHT2Fm5s--zUOeR11rGas20cJjGGVizMDnG2mO7ugHFNRalvSGJnU81Pd-oViRmv6p0N9_XZl6JW21JKrBC6VjM

Request Chain 204

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKQATmKk9FvlxqnZsWU75Lw&google_cver=1&google_push=Aa02lx_CFBje-fvyniYTiDu_ub2sEK8zCwNeC44W2l-zTFtw4TRt_AluBlhhOArAoUbZUIL2sFQJkXY_bunRlVzqf2wQRQs2K7YizA4 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKQATmKk9FvlxqnZsWU75Lw&google_cver=1&google_push=Aa02lx_CFBje-fvyniYTiDu_ub2sEK8zCwNeC44W2l-zTFtw4TRt_AluBlhhOArAoUbZUIL2sFQJkXY_bunRlVzqf2wQRQs2K7YizA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8d0dd514-f0fe-46eb-9d55-f390c775418f&%%GOOGLE_PUSH_PAIR%%

221 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.edestinos.com.br/
Redirect Chain

http://edestinos.com.br/
http://www.edestinos.com.br/
https://www.edestinos.com.br/

200 KB
36 KB

47ms
26ms

Document
text/html

23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

da21aa02f9b6b967745ddc94066674be183cdb86e53dab6392878d6a1ddb252e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=2006
content-encoding: gzip
content-language: pt-BR
content-length: 36746
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 06:36:36 GMT
esky-correlation-id: 603646EC-0449-1084-78D0-79E94955E0B5
esky-resource-type: landing-page-main
expires: Thu, 02 Mar 2023 07:10:02 GMT
server: esky-edge
strict-transport-security: max-age=15768000; includeSubDomains; preload;
uber-trace-id
vary: Accept-Encoding
x-content-type-options: nosniff
x-generated-by: dbr30-b1663
x-request-id: a0b848e36476808494bef47673976ca1f0fbac21
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 174
Content-Type: text/html
Date: Thu, 02 Mar 2023 06:36:36 GMT
Expires: Thu, 02 Mar 2023 06:36:36 GMT
Location: https://www.edestinos.com.br/
Server: esky-edge
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 213ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext&display=swap

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba0fc80d949409c367679ae62bbbe21005b653408a6baf1b23e1ec51f3251140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 05:58:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 06:36:36 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 19 KB
7 KB 175ms
7ms Script
application/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=4134562730
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 82f5921977cb167201c89e6c59bc86d73c45e3209ec88a0e9b2ba9455128ea89

Request headers

Referer: https://www.edestinos.com.br/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 02 Mar 2023 06:36:36 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 41
x-cache: HIT
content-length: 7153
x-served-by: cache-hhn-etou8220076-HHN
last-modified: Thu, 02 Mar 2023 06:35:55 GMT
server: Apache
x-timer: S1677738997.986127,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 06:35:55 GMT

GET
H2 200 default.css
www.edestinos.com.br/res/b1663/eui/css/default/templates/ 170 KB
28 KB 145ms
139ms Stylesheet
text/css 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/css/default/templates/default.css

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

ad13cbb2d0ff900c5dbbf4d9ea0c36c5e8bd4d1b40d3f1f686563a988e092b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:37:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=457097
accept-ranges: bytes
content-length: 28647
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 13:34:53 GMT

GET
H2 200 normal.css
www.edestinos.com.br/res/b1663/eui/css/default/pages/mainpage/ 87 KB
14 KB 180ms
174ms Stylesheet
text/css 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/css/default/pages/mainpage/normal.css

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

b92c2ebab61b479744c99a96b6feeaf371f01760e0267b7b7b3ea4569b304d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:37:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=462799
accept-ranges: bytes
content-length: 14022
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 15:09:55 GMT

GET
H2 200 0.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 189 KB
60 KB 166ms
160ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/0.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

2c9acbd74a48039642026812e6ad5f3e353e5d602a36474a5dfa9c2d4ace53d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=452092
accept-ranges: bytes
content-length: 61027
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:11:28 GMT

GET
H2 200 2.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 49 KB
14 KB 149ms
143ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/2.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

a042ab934ad6c7bb28ebe842d0e982e7f60bf380dea2ea5a0a53d38c38aeb781

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451771
accept-ranges: bytes
content-length: 14080
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:06:07 GMT

GET
H2 200 1.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 9 KB
4 KB 147ms
140ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/1.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

3457f7c463a9acacb127774b26cf9cc173b0cc1cb669e7bb04d40ae1f18b6c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451737
accept-ranges: bytes
content-length: 3699
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:05:33 GMT

GET
H2 200 3.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 35 KB
10 KB 186ms
180ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/3.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

104c12ae15b58ae83ed6925817f951232cb0f1b24a70e85cba96d63a19437cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451693
accept-ranges: bytes
content-length: 9871
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:04:49 GMT

GET
H2 200 4.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 35 KB
10 KB 189ms
183ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/4.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

fa7ac9172004b2527ecd2824e6ea1b4955250357f7c1a42291b33764b7f1de78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=452271
accept-ranges: bytes
content-length: 9756
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:14:27 GMT

GET
H2 200 5.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 62 KB
21 KB 150ms
144ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/5.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

95c34767df336279a837d7c82a6d97927833a83f105d0486c463cbb5671540da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451696
accept-ranges: bytes
content-length: 21006
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:04:52 GMT

GET
H2 200 6.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 11 KB
4 KB 180ms
174ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/6.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

eb561356ba8f25b01ee53e234c49c76af475fcfd0eaaa9734ed5c35949c01afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451735
accept-ranges: bytes
content-length: 4053
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:05:31 GMT

GET
H2 200 7.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 19 KB
3 KB 149ms
143ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/7.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

fc6e1d615ac55793593666c3ee35b657fb32af84b9631227875d453bbde096cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451722
accept-ranges: bytes
content-length: 3046
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:05:18 GMT

GET
H2 200 common.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 96 KB
30 KB 189ms
183ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/common.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

d1afcad854af0ef5008b97db33c63afa676fab9b8c56bea4a43012889a65d5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451990
accept-ranges: bytes
content-length: 30745
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:09:46 GMT

GET
H2 200 router.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 8 KB
4 KB 147ms
141ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/router.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

3435d7202974abdbc3d1ef7cb3aa5bb1bd635ccc2fe597719bb1bb0e187e0630

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451685
accept-ranges: bytes
content-length: 3378
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:04:41 GMT

GET
H2 200 pt_br.js Show response
www.edestinos.com.br/res/b1663/eui/js/partners-locale/ 9 KB
3 KB 191ms
185ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/partners-locale/pt_br.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

9ddc60e13bc8a828a2894ecde147035ca08661a7709aaf643de25a5510add97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451736
accept-ranges: bytes
content-length: 2830
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:05:32 GMT

GET
H2 200 8.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 59 KB
15 KB 180ms
175ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/8.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

137de89c58549269c3105d11ffbaad9141804c3526b86536eae293ea333d6d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451920
accept-ranges: bytes
content-length: 15418
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:08:36 GMT

GET
H2 200 9.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 43 KB
12 KB 181ms
176ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/9.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

f123222af4bea8f965ae29a49fa737777d016d1f9c6fc8b68ae00b7e2ada5884

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451735
accept-ranges: bytes
content-length: 11600
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:05:31 GMT

GET
H2 200 10.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 25 KB
3 KB 200ms
195ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/10.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

89ff8f14e53e35f029f67e669ace29a367a6fce2b495772ec79a839707e7ddc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451969
accept-ranges: bytes
content-length: 2364
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:09:26 GMT

GET
H2 200 11.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 113 KB
29 KB 184ms
179ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/11.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

eb51330633820d029e4ac798d28b27fcfaca919172dc511e2b0fbeaf61e29e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451736
accept-ranges: bytes
content-length: 29053
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:05:32 GMT

GET
H2 200 14.js Show response
www.edestinos.com.br/res/b1663/eui/js/ 15 KB
5 KB 186ms
182ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/14.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

ac20e623d64c173495a4692d3b324d637d65a28f9e633ee08fd7e9f18b7bc8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=454373
accept-ranges: bytes
content-length: 4770
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:49:29 GMT

GET
H2 200 normal.js Show response
www.edestinos.com.br/res/b1663/eui/js/mainpage/ 18 KB
6 KB 189ms
185ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/mainpage/normal.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

9182a6c55d1b4b85f18bb8229a5863949a2bdbcade967d5e874404d5981a161d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=454669
accept-ranges: bytes
content-length: 6043
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:54:25 GMT

GET
H2 200 cj.js Show response
www.edestinos.com.br/res/b1663/eui/js/affiliates/ 2 KB
1 KB 41ms
37ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/js/affiliates/cj.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

37010ff57d24b06cb9276c7ac00076c34cdee636f947dc93b9b0eafbe77d0923

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 10:48:30 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=451730
accept-ranges: bytes
content-length: 870
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 12:05:27 GMT

GET
H2 200 edestinosdbr30-raw-white.svg
static1.eskypartners.com/logos/ 3 KB
4 KB 96ms
26ms Image
image/svg+xml 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/logos/edestinosdbr30-raw-white.svg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 509d2ceca3c04330ea117c8381e4462c4db7d235e618e6a5681e5c7454dca9e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2017 06:07:08 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 29002
etag: "5915510c-dee"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 3566
x-amz-cf-id: PFJVjvNXbF3Jp3HqW_mU5MtvFSP5nx0iBBiYsO3JzIfg1cGFjcqKqQ==
expires: Wed, 08 Mar 2023 22:33:15 GMT

GET
H2 200 illustration-default-user_zone.svg
www.edestinos.com.br/_fe/img/ 6 KB
3 KB 173ms
168ms Image
image/svg+xml 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/illustration-default-user_zone.svg?s=80x80

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

5a2a198416a1d73546134591584fb18514afee0178abff956b7a011b1c1122af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Thu Mar 02 2023 07:06:17 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"199a-t3XDdl5g48AJjFNTYrNESGLwPXs"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2198
accept-ranges: bytes
content-length: 2903
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 icon_google_multicolor.svg
www.edestinos.com.br/_fe/img/ 849 B
796 B 170ms
166ms Image
image/svg+xml 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_google_multicolor.svg?s=20x20

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

1f5059958c454cf7d0c7d5f61720b3bff25696bfe8b4bcb646ea7f5e2db2544a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Thu Mar 02 2023 06:50:04 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"351-G13Rhgrapqple0E5+IAgorL+fz0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2086
accept-ranges: bytes
content-length: 474
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 icon_facebook_multicolor.svg
www.edestinos.com.br/_fe/img/ 507 B
657 B 196ms
192ms Image
image/svg+xml 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_facebook_multicolor.svg?s=20x20

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

8ec4492afe1e481486c6a8a88f72da907c2dbe4722462d3d9914157f8a377914

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Thu Mar 02 2023 06:27:25 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"1fb-+qzx/5LgSh+hos/xm8LpOjLxogc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2026
accept-ranges: bytes
content-length: 335
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 icon_mail.svg
www.edestinos.com.br/_fe/img/ 423 B
573 B 180ms
176ms Image
image/svg+xml 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_mail.svg?s=20x20

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

aeed0a8042545b68356b6224994aea4299111d9677a5b57ab3d7848804a04c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Thu Mar 02 2023 07:10:54 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"1a7-v5VRNBvNHJudPOt+H0hqXnEBWl4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2109
accept-ranges: bytes
content-length: 252
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 icon_plane_right.svg
www.edestinos.com.br/_fe/img/ 1 KB
1 KB 182ms
178ms Image
image/svg+xml 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_plane_right.svg?c=ffffff

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

9f3dcd3ef5fe7014331851eb84b099b6ba929d969f2995a95bcc576a227aaaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Thu Mar 02 2023 07:01:15 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"5bd-T3u7uf1ih/I0QBeac50UDva4rMA"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2108
accept-ranges: bytes
content-length: 768
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 icon_hotel.svg
www.edestinos.com.br/_fe/img/ 629 B
715 B 188ms
184ms Image
image/svg+xml 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_hotel.svg?c=ffffff

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

7e75c3eacb5284685fbba1ee237dc9772abfea2b3ee14bed0416575b7ec70eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Thu Mar 02 2023 07:01:15 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"275-EuqZ6R0s2mmblMWqI+nfPCNW6Do"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2096
accept-ranges: bytes
content-length: 392
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 icon_car.svg
www.edestinos.com.br/_fe/img/ 1 KB
1 KB 211ms
208ms Image
image/svg+xml 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_car.svg?c=ffffff

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

3d8b7f7d357d179150640504e8d4ebac840c11a3db813fdd94d421dd433de2be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Thu Mar 02 2023 06:48:48 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"567-7OMqVdSIxuAaOaCF0367EFIszkg"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2172
accept-ranges: bytes
content-length: 768
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 icon_umbrella_big.svg
www.edestinos.com.br/_fe/img/ 1 KB
927 B 174ms
171ms Image
image/svg+xml 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_umbrella_big.svg?c=ffffff

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

a55ece1c61e034cd83fe591b917b02396c146122b3a1d6a0ad589ad27f230e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Thu Mar 02 2023 07:01:15 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"44e-vr5fKysYJQAtuxX0MNYG25JhDDY"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=2049
accept-ranges: bytes
content-length: 605
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 edestinos_icon.png
www.edestinos.com.br/_fe/img/ 9 KB
9 KB 241ms
238ms Image
image/png 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/edestinos_icon.png

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

bcdaa505e1ed00e17d6b30ae0cbf0a1ef89f10d9fcfd8ce3365ad226b98bfd25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Wed Mar 01 2023 16:51:19 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"24b4-7ZbuF8dCWyYnsiaEAahFJjZzN+k"
content-type: image/png
cache-control: private, max-age=3491
accept-ranges: bytes
content-length: 9396
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 getjsconfig Show response
www.edestinos.com.br/ 706 B
908 B 489ms
485ms Script
text/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/getjsconfig?source=dbr_mainpage_index&partnerCode=EDESTINOS

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

d9a1edfba6aa1fe0b8c8a0a8e64cd2a5ff1e490edd0a2d6da4387131e120b7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
uber-trace-id
esky-correlation-id: DF76CDDD-DF65-0708-7042-8D657F1755F9
content-length: 404
x-generated-by: dbr30-b1663
x-request-id: dd6a6fe2b39b30eb06c5bc3d20ef3e0e5dfaf066
x-xss-protection: 1; mode=block
pragma: no-cache
server: esky-edge
esky-resource-type: dynamic
vary: Accept-Encoding
content-language: pt-BR
content-type: text/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 02 Mar 2023 06:36:37 GMT

GET
H2 200 spcjs.php Show response
progress.edestinos.com.br/www/delivery/ 2 KB
1 KB 177ms
108ms Script
application/x-javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://progress.edestinos.com.br/www/delivery/spcjs.php?id=14&page=main_page_carousel&from=&to=&fromcountry=&tocountry=

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

2d1b9fd515aed1376aaa3eb09ebb7859cb1c3952e88ee727b00fcc46ec1d939a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
gd: off
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 06:36:37 GMT
server: esky-edge
strict-transport-security: max-age=15768000; includeSubDomains; preload;
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=0, no-cache, no-store
content-length: 767
x-xss-protection: 1; mode=block
expires: Thu, 02 Mar 2023 06:36:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 168ms
49ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 05:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4747
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Mar 2023 07:17:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 352 KB
91 KB 153ms
72ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-47TP

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75d9b0511506a2203607a77bcd58e3957a6779dc9ed69760acdf6f3ac90539ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92255
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 06:36:37 GMT

GET
H2 200 BR-SG-17-02-21.jpg
www.edestinos.com.br/_fe/img/ 13 KB
14 KB 209ms
208ms Image
image/webp 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/BR-SG-17-02-21.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

8041e2a9ca3fda9b61d1ba8e03aa6f24d6a82ddf00e188e5fb5bdabf47ed3c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Wed Mar 01 2023 09:08:12 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"35e6-T0b9dZ8yCUvfUw9OgJ/2e3+whX4"
content-type: image/webp
cache-control: private, max-age=1
accept-ranges: bytes
content-length: 13798
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 inspo-El-Salvador_344x463.jpg
www.edestinos.com/_fe/img/ 27 KB
27 KB 284ms
215ms Image
image/webp 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com/_fe/img/inspo-El-Salvador_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

ced2404b6365c1713aed30880b31ba25a3bb2ac9402edc1e44a00ddcb1b0565f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Wed Mar 01 2023 09:08:12 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"6afe-2ppWmKmWavDtTWk42o1kV0YlsJA"
content-type: image/webp
cache-control: private, max-age=46
accept-ranges: bytes
content-length: 27390
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 inspo-Rio-de-Janeiro_344x463.jpg
www.edestinos.com/_fe/img/ 23 KB
24 KB 378ms
310ms Image
image/webp 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com/_fe/img/inspo-Rio-de-Janeiro_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

b88136006a2a4b562374a91997a7f12d804e68d66b95eb1a643ce190237486d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Wed Mar 01 2023 09:08:12 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"5d6c-65fvoi9fP0G4R9HfAfJxkMAGYIo"
content-type: image/webp
cache-control: private, max-age=35
accept-ranges: bytes
content-length: 23916
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 inspo-Sao-Paulo_344x463.jpg
www.edestinos.com/_fe/img/ 15 KB
15 KB 281ms
214ms Image
image/webp 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com/_fe/img/inspo-Sao-Paulo_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

c09a29439b8e046c4d971bd2975d6e41fa6b2fef4c00b4a37f1d51cc3c27e2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Wed Mar 01 2023 09:08:12 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"3b56-ODjpd11zHnQE1M1ha3v7hxi7KyQ"
content-type: image/webp
cache-control: private, max-age=77
accept-ranges: bytes
content-length: 15190
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 inspo-Denver_344x463.jpg
www.edestinos.com/_fe/img/ 37 KB
37 KB 247ms
180ms Image
image/webp 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com/_fe/img/inspo-Denver_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

bf362c1f21aaaa3d856992972bba5814243cad5880e0565d0b2715baa4b380de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Wed Mar 01 2023 09:08:12 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"9238-dGnklaNYt20qBG/tTLJrSJtGUwY"
content-type: image/webp
cache-control: private, max-age=25
accept-ranges: bytes
content-length: 37432
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 inspo-Honolulu_344x463.jpg
www.edestinos.com/_fe/img/ 22 KB
22 KB 262ms
195ms Image
image/webp 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com/_fe/img/inspo-Honolulu_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

890979a81fefd0731a414375cbd321041918ad7db91966b5076da734c71171df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Wed Mar 01 2023 09:08:12 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"5850-BTKEbNWaIGvaVbtZXLjB6aIcTOE"
content-type: image/webp
cache-control: private, max-age=21
accept-ranges: bytes
content-length: 22608
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 stars_desktop.png
www.edestinos.com.br/res/b1663/eui/img/ 15 KB
15 KB 194ms
191ms Image
image/png 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/res/b1663/eui/img/stars_desktop.png

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/css/default/templates/default.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

095c021af173fc972093ffe60ac7cdf1a6d492efb0086f73c757755deb6016df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/res/b1663/eui/css/default/templates/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0
content-length: 15037
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Thu, 02 Mar 2023 06:36:37 GMT

GET
H2 200 sprite_footer.png
www.edestinos.com.br/res/b1663/eui/img/ 36 KB
36 KB 171ms
168ms Image
image/png 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/res/b1663/eui/img/sprite_footer.png

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/css/default/templates/default.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

a7c8864a5604420feb35225983b5d5cf39b63f7d183188a121a96fbdb97a4b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/res/b1663/eui/css/default/templates/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0
content-length: 36793
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Thu, 02 Mar 2023 06:36:37 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 187ms
49ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:02:06 GMT
x-content-type-options: nosniff
age: 581671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:02:06 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 252ms
115ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:26:01 GMT
x-content-type-options: nosniff
age: 51036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:26:01 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 262ms
126ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:22:38 GMT
x-content-type-options: nosniff
age: 555239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 20:22:38 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 196ms
59ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:41:43 GMT
x-content-type-options: nosniff
age: 50094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:41:43 GMT

GET
H2 200 eSKY.woff2
www.edestinos.com.br/res/b1663/eui/fonts/ 77 KB
78 KB 33ms
32ms Font
text/plain 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/eui/fonts/eSKY.woff2?39w0nz

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/css/default/templates/default.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

62ac21f4bb033875e840d5fceedad4db98bb9e79b4256af3939fb54fc4cc98f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edestinos.com.br/res/b1663/eui/css/default/templates/default.css
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: esky-edge
esky-resource-type: static
cache-control: max-age=457066
accept-ranges: bytes
content-length: 79348
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 13:34:23 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v27/ 6 KB
6 KB 189ms
152ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

154627be91ed8c1e92a0c4cd4011eef27d4b1ff1be423ad20836fc283e00393b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:31:52 GMT
x-content-type-options: nosniff
age: 75885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6072
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 09:31:52 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr6zRAW_0.woff2
fonts.gstatic.com/s/notosans/v27/ 31 KB
31 KB 194ms
157ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr6zRAW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c68b2a38364637eb474ed0a19b85947679b526cb0d2276586de685ab79ff517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:58:51 GMT
x-content-type-options: nosniff
age: 77866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31544
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 08:58:51 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5jRAW_0.woff2
fonts.gstatic.com/s/notosans/v27/ 7 KB
7 KB 212ms
175ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5jRAW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e9afc1dc2629f375e2befdb50c1f4e41f79444aa93b39ce0979c3573ca8b446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 01:42:37 GMT
x-content-type-options: nosniff
age: 104040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7424
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 01:42:37 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 146 KB
50 KB 82ms
79ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TG8K796&cid=331767709.1677738997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

765dff7d7185f9d3d46deedf25192d7b84b5eaf0898b37d7388359a11a297237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50505
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 06:36:37 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 77ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-47TP

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 02 Mar 2023 06:36:36 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4FAF21A955024ED2A1541369535267C7 Ref B: FRAEDGE1515 Ref C: 2023-03-02T06:36:37Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016894727/ 3 KB
2 KB 192ms
76ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016894727/?random=1677738997383&cv=11&fst=1677738997383&bg=ffffff&guid=ON&async=1&gtm=45He32r0h1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&userId=default&auid=1644974689.1677738997&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-47TP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a84c58e8202dd72a0250891222f46286aa28019d4eda8454599b6be35539c93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016894727/ 3 KB
1 KB 219ms
107ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016894727/?random=1677738997387&cv=11&fst=1677738997387&bg=ffffff&guid=ON&async=1&gtm=45He32r0h1&u_w=1600&u_h=1200&label=GtTzCNuf1WQQh6ry5AM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&userId=default&auid=1644974689.1677738997&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-47TP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f05b3de6d6956f5ea97119138bd2b77b485b2c5522d6e5d8bfb5049f213c49db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 396 KB
104 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3604beeecd9e843dd714037b56c0e5114c776c9a53eaf0a2b13a82373fa53035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105939
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 06:36:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 53ms
18ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-21804834-1&cid=331767709.1677738997&jid=27744401&gjid=357207937&_gid=697130089.1677738997&_u=aGDAgAADQAAAAE~&z=139488825

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 06:36:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1605556939&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edestinos.com.br%2F&ul=en-us&de=UTF-8&dt=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADQ~&jid=27744401&gjid=357207937&cid=331767709.1677738997&tid=UA-21804834-1&_gid=697130089.1677738997&gtm=45He32r0h1n5147TP&cm1=999&z=981061144

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 11:17:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69556
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4036608.js Show response
bat.bing.com/p/action/ 0
118 B 108ms
108ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4036608.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 02 Mar 2023 06:36:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9C4C3D686FF4DEE861AB9BCBF415FDF Ref B: FRAEDGE1515 Ref C: 2023-03-02T06:36:37Z
x-cache: CONFIG_NOCACHE

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 18ms
17ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-136029019-1&cid=331767709.1677738997&jid=1187287452&gjid=1159826487&_gid=697130089.1677738997&_u=aGDAgAADQAAAAE~&z=1485567926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 06:36:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 veNk3cJBImq42RsD.html Show response
static.sojern.com/cip/p/ Frame F5CC 5 KB
5 KB 77ms
15ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 949c2a3a8684bde5dca23be817b9a119706071950c7f9d59b5fed74cb21bb81c

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 4718
content-type: text/html
date: Thu, 02 Mar 2023 05:46:47 GMT
etag: "28ef7de62c6d2bfd5ae2297e0a834c97"
expires: Thu, 02 Mar 2023 06:46:47 GMT
last-modified: Wed, 28 Apr 2021 17:01:07 GMT
server: UploadServer
x-goog-generation: 1619629267368276
x-goog-hash: crc32c=T7k+NQ== md5=KO995ixtK/1a4il+CoNMlw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4718
x-guploader-uploadid: ADPycdtjPHtq8-W559-jGn08uD2Y8ZEsbSumOrUFXoGmRLR-v6kD9a0xAGbzccdd4IYoVMTB3_38oY1MWKuhtUKfVh7VG2a5LgXu

GET
H2 200 index.js Show response
js.adara.com/ 4 KB
2 KB 32ms
7ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.adara.com/index.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5cb557a93cee9ab58da4f7e0ded20309261f563d53dc5573ccf6a4a1a9ed6a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.edestinos.com.br/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 02 Mar 2023 06:36:37 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1617
x-served-by: cache-hhn-etou8220061-HHN
last-modified: Mon, 23 May 2022 17:57:27 GMT
x-timer: S1677738998.564490,VS0,VE0
etag: "7a8337caae20a0c135adffbe3cb67fe41d814816469cb25a936431d29e14d413-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 119760

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
81 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N9CRQD0ZQC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f93f5ab7889e94520bd394ee8420f97b2a95183ae3b545bd98ad8ad9607d4bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 06:36:37 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
48ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1605556939&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edestinos.com.br%2F&ul=en-us&de=UTF-8&dt=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADQAAAAE~&jid=1187287452&gjid=1159826487&cid=331767709.1677738997&tid=UA-136029019-1&_gid=697130089.1677738997&gtm=45He32r0n81NH83QL6&z=945145369

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 11:17:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69556
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

google_match.ashx
ads.travelaudience.com/
Redirect Chain

https://ads.travelaudience.com/trg.gif?ds=dp&acc=ES&pt=5&lvl=1&la=undefined&exid=default&sc=1
https://secure.adnxs.com/px?bidder=320&seg=4564892&external_uid=FD06D961A05545DC80ACC40AD1EEDC0E&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9...
https://secure.adnxs.com/bounce?%2Fpx%3Fbidder%3D320%26seg%3D4564892%26external_uid%3DFD06D961A05545DC80ACC40AD1EEDC0E%26redir%3Dhttps%253A%252F%252Fsimage2.pubmatic.com%252FAdServer%252FPug%253Fvc...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw&piggybackCookie=FD06D961A05545DC80ACC40AD1EEDC0E&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_cm&google_hm=_QbZYaBVRdyArMQK0e7cDg2
https://ads.travelaudience.com/google_match.ashx?google_gid=CAESEEZRP0_TgpF2FurDZhBN_Ho&google_cver=1

35 B
164 B

22ms
20ms

Image
image/gif

35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/google_match.ashx?google_gid=CAESEEZRP0_TgpF2FurDZhBN_Ho&google_cver=1
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/gif
x-host: tde-deliveryengine-production-cdcfc8b9-pkc7z
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.travelaudience.com/google_match.ashx?google_gid=CAESEEZRP0_TgpF2FurDZhBN_Ho&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 188ms
70ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21804834-1&cid=331767709.1677738997&jid=27744401&_u=aGDAgAADQAAAAE~&z=285005084

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 193ms
72ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21804834-1&cid=331767709.1677738997&jid=27744401&_u=aGDAgAADQAAAAE~&z=285005084

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 185ms
71ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-136029019-1&cid=331767709.1677738997&jid=1187287452&_u=aGDAgAADQAAAAE~&z=1429039248

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 191ms
72ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-136029019-1&cid=331767709.1677738997&jid=1187287452&_u=aGDAgAADQAAAAE~&z=1429039248

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 32ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fff85e6a82c9844340c36a49cf3cca8a2023e470b171c78f2edec68e94b1cc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 06:36:37 GMT
content-md5: a2IT/ALdg5QX/MRPDXpN3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: q1sTARhPK8UVy2E8vtWHtwkDxgTxUqMVwjON5fBftCX7B9vqi/VTrf6Czra8DxRs4tBGU5FjeoEMBYVosZAkNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 1aae154dbd8102e1c141028fe5e63841
cross-origin-opener-policy: same-origin-allow-popups
etag: "07d41e6eb923881d8347b497661659a2"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Mar 2023 06:56:34 GMT

GET
H2 200 spc.php Show response
progress.edestinos.com.br/www/delivery/ 3 KB
940 B 103ms
102ms Script
application/x-javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://progress.edestinos.com.br/www/delivery/spc.php?zones=EskyBillboardDouble%3D94%7CEskyBillboard%3D93%7CEskyMainCarousel%3D113%7CEskyMainCarouselPartners%3D0%7CEskyFlightsCarousel%3D146%7CEskyAirlinesWideTop%3D0%7CEskyAirlinesWideBottom%3D0%7CEskyAirportsWideTop%3D0%7CEskyAirportsWideBottom%3D0%7CEskyFlightsWideTop%3D0%7CEskyCheapFlightsWideTop%3D0%7CEskyTravelGuideWideTop%3D0%7CEskyTravelGuideWideBottom%3D0%7CEskyTravelGuideSkyscraper%3D0%7CEskyDirectionalsWideTop%3D0%7CEskyFlightsSearchTop%3D455%7C&nz=1&source=&r=68849499&page=main_page_carousel&from=&to=&fromcountry=&tocountry=&charset=UTF-8&loc=https%3A//www.edestinos.com.br/

Requested by

Host: progress.edestinos.com.br
URL: https://progress.edestinos.com.br/www/delivery/spcjs.php?id=14&page=main_page_carousel&from=&to=&fromcountry=&tocountry=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

d8eace6990c103452b6d84516afe6416e9254e53676e414edb7a15ce683fb1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
gd: off
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 06:36:37 GMT
server: esky-edge
strict-transport-security: max-age=15768000; includeSubDomains; preload;
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=0, no-cache, no-store
content-length: 533
x-xss-protection: 1; mode=block
expires: Thu, 02 Mar 2023 06:36:37 GMT

GET
H2 200 fl.js Show response
progress.edestinos.com.br/www/delivery/ 5 KB
2 KB 50ms
49ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://progress.edestinos.com.br/www/delivery/fl.js

Requested by

Host: progress.edestinos.com.br
URL: https://progress.edestinos.com.br/www/delivery/spcjs.php?id=14&page=main_page_carousel&from=&to=&fromcountry=&tocountry=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-length: 1858
x-xss-protection: 1; mode=block
pragma: no-cache
gd: off
last-modified: Wed, 11 Mar 2020 08:25:54 GMT
server: esky-edge
etag: "15d6-5a08ffc1bc880-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 02 Mar 2023 06:36:37 GMT

POST
H2 200 eapi Show response
www.edestinos.com.br/ 238 B
751 B 89ms
88ms XHR
application/json 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/eapi

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

2685413ff17b9815752655126dddd2a7c1370db1b58ec670da1242574b934504

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.edestinos.com.br/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
partner: EDESTINOS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-dns-prefetch-control: off
esky-correlation-id: 6F48E67F-2C87-3E9A-9097-166CD0CA5C71
content-length: 200
x-generated-by: esky_api-b873
x-xss-protection: 1; mode=block
server: esky-edge
etag: W/"ee-YW6s9XfV22XtPg1dvL8kYpl841U"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edestinos.com.br
esky-eapi-status: missing-token
cache-control: max-age=0
access-control-allow-credentials: true
expires: Thu, 02 Mar 2023 06:36:37 GMT

POST
H2 204 cookies Show response
secure.edestinos.com.br/pass/ 0
3 KB 345ms
293ms XHR
text/plain 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.edestinos.com.br/pass/cookies?partner_id=EDESTINOS

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.edestinos.com.br secure.edestinos.com.br api.edestinos.com bookings.eskypartners.com secure.eskypartners.com .doubleclick.net .facebook.com .google.al .google.am .google.at .google.ba .google.be .google.bg .google.bs .google.by .google.ca .google.cat .google.ch .google.cl .google.cn .google.co .google.co.cr .google.co.id .google.co.il .google.co.in .google.co.jp .google.co.kr .google.co.ma .google.co.nz .google.co.th .google.co.uk .google.co.ve .google.co.za .google.com .google.com.ar .google.com.au .google.com.bo .google.com.br .google.com.co .google.com.cu .google.com.cy .google.com.do .google.com.ec .google.com.eg .google.com.et .google.com.gi .google.com.gt .google.com.hk .google.com.jm .google.com.mt .google.com.mx .google.com.my .google.com.ni .google.com.pa .google.com.pe .google.com.ph .google.com.pr .google.com.py .google.com.qa .google.com.sa .google.com.sg .google.com.sv .google.com.tr .google.com.tw .google.com.ua .google.com.uy .google.com.vn .google.cz .google.de .google.dk .google.dm .google.ee .google.es .google.eu .google.fi .google.fr .google.ge .google.gr .google.hn .google.hr .google.hu .google.ie .google.is .google.it .google.je .google.li .google.lk .google.lt .google.lu .google.lv .google.md .google.me .google.mg .google.mk .google.mn .google.mv .google.nl .google.no .google.pl .google.ro .google.rs .google.ru .google.sc .google.se .google.si .google.sk .google.sm .google.tn .google.us .googleadservices.com .google-analytics.com .gstatic.com .hotelbeds.com .ipresso.pl .riskified.com .bstatic.com asa-isa.com bat.bing.com bat.r.msn.com do1ztk2swfi8z.cloudfront.net images.gta-travel.com media.expedia.com mpsnare.iesnare.com secure.rentalcars.com .esky.pl .eskypartners.com www.tripadvisor.com .esky.com .msecnd.net ads.avocet.io i.travelapi.com criteo-partners.tremorhub.com sync-criteo.ads.yieldmo.com criteo-sync.teads.tv exchange.mediavine.com ib.adnxs.com matching.ivitrack.com r.casalemedia.com simage2.pubmatic.com sync-t1.taboola.com ups.analytics.yahoo.com visitor.omnitagjs.com .bidswitch.net .criteo.com .googlesyndication.com www.googletagmanager.com cm.adform.net e1.emxdgt.com ad.yieldlab.net id5-sync.com ad.360yield.com contextual.media.net .3lift.com sync.outbrain.com match.sharethrough.com pixel.rubiconproject.com dpm.demdex.net s.thebrighttag.com tags.bluekai.com idsync.rlcdn.com static.sojern.com clickmeter.com .smartadserver.com beacon.krxd.net .clickmeter.com c.bing.com x.dlx.addthis.com i.liadm.com ade.clmbtech.com s.ad.smaato.net trends.revcontent.com .socdm.com ads.travelaudience.com static.criteo.net tbs.tradedoubler.com .edestinos.com.br .hotjar.com:* ws://.hotjar.com wss://.hotjar.com compare.edestinos.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https://skybox.eskypartners.com; report-uri /csp-report;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://skybox.eskypartners.com
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

expires: Thu, 02 Mar 2023 06:36:38 GMT
pragma: no-cache
content-security-policy: default-src 'self' www.edestinos.com.br secure.edestinos.com.br api.edestinos.com bookings.eskypartners.com secure.eskypartners.com *.doubleclick.net *.facebook.com *.google.al *.google.am *.google.at *.google.ba *.google.be *.google.bg *.google.bs *.google.by *.google.ca *.google.cat *.google.ch *.google.cl *.google.cn *.google.co *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.th *.google.co.uk *.google.co.ve *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bo *.google.com.br *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.gi *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.ni *.google.com.pa *.google.com.pe *.google.com.ph *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vn *.google.cz *.google.de *.google.dk *.google.dm *.google.ee *.google.es *.google.eu *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.is *.google.it *.google.je *.google.li *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.mn *.google.mv *.google.nl *.google.no *.google.pl *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.si *.google.sk *.google.sm *.google.tn *.google.us *.googleadservices.com *.google-analytics.com *.gstatic.com *.hotelbeds.com *.ipresso.pl *.riskified.com *.bstatic.com asa-isa.com bat.bing.com bat.r.msn.com do1ztk2swfi8z.cloudfront.net images.gta-travel.com media.expedia.com mpsnare.iesnare.com secure.rentalcars.com *.esky.pl *.eskypartners.com www.tripadvisor.com *.esky.com *.msecnd.net ads.avocet.io i.travelapi.com criteo-partners.tremorhub.com sync-criteo.ads.yieldmo.com criteo-sync.teads.tv exchange.mediavine.com ib.adnxs.com matching.ivitrack.com r.casalemedia.com simage2.pubmatic.com sync-t1.taboola.com ups.analytics.yahoo.com visitor.omnitagjs.com *.bidswitch.net *.criteo.com *.googlesyndication.com www.googletagmanager.com cm.adform.net e1.emxdgt.com ad.yieldlab.net id5-sync.com ad.360yield.com contextual.media.net *.3lift.com sync.outbrain.com match.sharethrough.com pixel.rubiconproject.com dpm.demdex.net s.thebrighttag.com tags.bluekai.com idsync.rlcdn.com static.sojern.com clickmeter.com *.smartadserver.com beacon.krxd.net *.clickmeter.com c.bing.com x.dlx.addthis.com i.liadm.com ade.clmbtech.com s.ad.smaato.net trends.revcontent.com *.socdm.com ads.travelaudience.com static.criteo.net tbs.tradedoubler.com *.edestinos.com.br *.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com compare.edestinos.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https://skybox.eskypartners.com; report-uri /csp-report;
date: Thu, 02 Mar 2023 06:36:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
server: esky-edge
x-frame-options: ALLOW-FROM https://skybox.eskypartners.com
esky-correlation-id: 39AB6325-BF77-CF44-A93A-E842C250B8CE
access-control-allow-origin: https://www.edestinos.com.br
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-generated-by: dbr-transaction-process-b1885
x-request-id: 005c4082bee44d50d6bb01c598c74388129458c4

GET
H2 200 prod_pt_br.js Show response
www.edestinos.com.br/res/b1663/common/js-routing/ 6 KB
1 KB 29ms
29ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1663/common/js-routing/prod_pt_br.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/router.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

9ac09ac41e88d99d1c483ee7e89fca19d4bebfabb3bfff6dd4ee463efdc1bf7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
last-modified: Tue, 21 Feb 2023 11:28:17 GMT
server: esky-edge
esky-resource-type: static
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=457097
accept-ranges: bytes
content-length: 955
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block
expires: Tue, 07 Mar 2023 13:34:54 GMT

GET
H2 200 xstorage.html Show response
www.edestinos.com.br/ Frame B3F1 3 KB
1 KB 50ms
50ms Document
text/html 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/xstorage.html

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/11.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

7851c8f7f95b17bd6b00cb8d25177f51fed135575c04a4bd132d84ffbe95bffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0
content-encoding: gzip
content-length: 1033
content-type: text/html; charset=utf-8
date: Thu, 02 Mar 2023 06:36:37 GMT
expires: Thu, 02 Mar 2023 06:36:37 GMT
last-modified: Tue, 21 Feb 2023 10:37:30 GMT
server: esky-edge
strict-transport-security: max-age=15768000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-generated-by: dbr30-b1663
x-xss-protection: 1; mode=block

GET
H2 200 hasher.js Show response
static.sojern.com/cip/ Frame F5CC 18 KB
18 KB 15ms
14ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:11:01 GMT
age: 1536
x-guploader-uploadid: ADPycdv1cJxizf8SOhZ2fPEsy35rSug7QzywmUnE0E7ZR2Ktq1mh5uYIEAW_lloyOjeM7yHafBST7dupK8rJNSpHyVJ1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Thu, 02 Mar 2023 07:11:01 GMT

GET
H2 200 NEW_H_FINAL.jpg
www.edestinos.com.br/_fe/img/ 120 KB
121 KB 92ms
92ms Image
image/webp 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/NEW_H_FINAL.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

f80d4a13aa664e933bfe620dd4a0f3272d88d02ff7b58c5898944fe39a012a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
last-modified: Thu Mar 02 2023 07:09:45 GMT+0100 (Central European Standard Time)
server: esky-edge
etag: W/"1e1a4-H8TUsXA0dk+x8blHdNTwClTRlFA"
content-type: image/webp
cache-control: private, max-age=2104
accept-ranges: bytes
content-length: 123300
x-generated-by: pms-b33
x-xss-protection: 1; mode=block

GET
H2 200 GRU_4_Rectangle_610_290.jpg
static1.eskypartners.com/deals/ 267 KB
250 KB 39ms
38ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/GRU_4_Rectangle_610_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 6a84022653fc4b525e81e0a9dabbae72e89cdc31c7269cd43edaf9fffe8f74be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:59 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2017 13:00:16 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 1206818
etag: W/"59130ee0-42afd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 4Yl3gZuAH719kLKORxnUVBGexNGMK5IgxrzcGYt4njCdJpI03P1zRQ==
expires: Sat, 18 Mar 2023 07:22:59 GMT

GET
H2 200 BSB_1_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 101 KB
90 KB 18ms
17ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/BSB_1_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 287967ffe496493c9a297640b6babdfe08aa56027a875806c7b6b8e5cd756798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 09:51:58 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2017 14:54:16 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 420279
etag: W/"591c6418-19564"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: gPxU2fS5i3n2y-OB1FKla-2VOXswnMdkXxHHXkxug-YOoLcqySVjCA==
expires: Mon, 27 Mar 2023 09:51:58 GMT

GET
H2 200 FLN_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 16 KB
17 KB 62ms
61ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/FLN_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 91f809451f121319419faa6094000ea4e0cad99e934618584bbcdd3964f1dcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 10:30:23 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2016 08:04:50 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 1195574
etag: W/"56af11a2-4148"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: ONRI1vU-QRIPAWn5-EzBirew84LBqu3FVkwTDfFGxmg37WG3iNL64A==
expires: Sat, 18 Mar 2023 10:30:23 GMT

GET
H2 200 FOR_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 25 KB
26 KB 55ms
54ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/FOR_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 648d744050ebba9ff4aed315f2a29c7f324cb3b368b8ea672975005c1846168e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 08:21:29 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2016 08:04:51 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 1894508
etag: W/"56af11a3-64f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: fUzXJ2rNOWYqSAhvdHc4m9GpIw1wEuKU1rF7cmRsx3WUWwTvy8ZKsQ==
expires: Fri, 10 Mar 2023 08:21:29 GMT

GET
H2 200 SDU_1_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 37 KB
37 KB 81ms
80ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/SDU_1_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: b9cf1c143a4e7d3cac8cafeac986fe0c623ce2732a2b59f592db322d6d211acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 08:58:20 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2017 18:27:19 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 1373897
etag: W/"59023807-9587"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: uzMMkbOkmLV-kQHaahy4WilvjtANDKBC95U2xVy4mBhzBxmQmGFcPA==
expires: Thu, 16 Mar 2023 08:58:20 GMT

GET
H2 200 POA_1_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 27 KB
27 KB 80ms
79ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/POA_1_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 9cdfc32c4e7f1b3c86a4a53457ce1bd3e7c4e1a85cb8fe4fb2dfb2c170f01a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:22:51 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2017 14:43:44 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 360826
etag: W/"590203a0-6b12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: SdZGTQPc-xoEnS5tN9w2-oKz_jP5uHgq1-YkuxDCtiIJxWwDEKqvDg==
expires: Tue, 28 Mar 2023 02:22:51 GMT

GET
H2 200 REC_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 19 KB
19 KB 68ms
67ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/REC_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 4990b90c31f5b823613a2f72103699a58dce4ff1bdc2aa03f326395944b193e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:57:18 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2016 08:05:58 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 902359
etag: W/"56af11e6-4c0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 8seMdF5egFkcT2hqyeVqqdWtFG8L1zb0HIj9cBSOfdtxKTEKfR1QwA==
expires: Tue, 21 Mar 2023 19:57:18 GMT

GET
H2 200 VIX_2_Rectangle_610_290.jpg
static1.eskypartners.com/deals/ 271 KB
258 KB 70ms
70ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/VIX_2_Rectangle_610_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 628cb1a4225ad22360f2e5e8c75756b0cdcaf58da2f387a982e00c90f68837d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 12:28:05 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Fri, 28 Apr 2017 15:14:25 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 929312
etag: W/"59035c51-43a0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: SXLrEPML-zxy3KFO8WljYx9Xy5Tt0zlG1GoV-o32iK5Em-Lj-5wT0g==
expires: Tue, 21 Mar 2023 12:28:05 GMT

GET
H2 200 FEN_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 36 KB
36 KB 79ms
79ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/FEN_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: f1db8f710e4c216fce8a1c8541bce5b25f4fd53676c44d2f8ec9a37366b945c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:20:09 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jun 2017 13:45:23 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 843388
etag: W/"594926f3-90c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: sz2F_mK4ia5Uc-xfkOJFu3GJAOjfz7p29RAJReNfQPwyXe0YGwe6jQ==
expires: Wed, 22 Mar 2023 12:20:09 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 193 KB
76 KB 210ms
94ms Script
application/javascript 2a00:1450:400d:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?_=1677738997582

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

977060cd4780698c9bbc60ec53044e120ff543fedc9fc67da9328090062d066f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M46vtlkc82OxbMYMBcsGoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-M46vtlkc82OxbMYMBcsGoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 02 Mar 2023 06:36:38 GMT

POST
H2 200 api Show response
sdk.adara.com/ 16 B
98 B 19ms
19ms Fetch
text/plain 34.102.191.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Requested by: Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
X-Adara-Key: NzM1ZTdmYWQtMjE2Yi00MTMwLTk1OGUtZjNmNjQ0NDdkYjE4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
via: 1.1 google
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: X-Adara-Key
content-length: 16

OPTIONS
H2 200 api
sdk.adara.com/ Frame 0
0 85ms
18ms Preflight 34.102.191.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-adara-key
Access-Control-Request-Method: POST
Origin: https://www.edestinos.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: X-Adara-Key
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 02 Mar 2023 06:36:37 GMT
via: 1.1 google

GET
H2 200 /
www.google.com/pagead/1p-user-list/1016894727/ 42 B
154 B 76ms
73ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1016894727/?random=1677738997383&cv=11&fst=1677736800000&bg=ffffff&guid=ON&async=1&gtm=45He32r0h1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&userId=default&fmt=3&is_vtc=1&random=2347117568&rmt_tld=0&ipr=y

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1016894727/ 42 B
154 B 72ms
70ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1016894727/?random=1677738997383&cv=11&fst=1677736800000&bg=ffffff&guid=ON&async=1&gtm=45He32r0h1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&userId=default&fmt=3&is_vtc=1&random=2347117568&rmt_tld=1&ipr=y

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 301 KB
85 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=7d23a40b44f83553ff12906b1b73a2bf

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

035d955d8711896fadb5ac300ddce62d859512ff0034e3289a649138587f9c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.edestinos.com.br/
Origin: https://www.edestinos.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 06:36:37 GMT
content-md5: 2/MTwxfi1QQsbi42m3o5bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87103
x-fb-rlafr: 0
x-fb-debug: PUwvaj1r6lMlFQwpjUjA9+Tzx3wAHwWxYc5ai8M6SD/biYDiSwOZD+oEYWaa/72daY5IwwTyGIbSTdfscXnfhQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3954fa429e9135c5a0bcfb6e52a13679
cross-origin-opener-policy: same-origin-allow-popups
etag: "6529ac869b2a770ce52b709773116b04"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Mar 2024 04:36:32 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1016894727/ 42 B
108 B 76ms
75ms Image
image/gif 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1016894727/?random=1677738997387&cv=11&fst=1677736800000&bg=ffffff&guid=ON&async=1&gtm=45He32r0h1&u_w=1600&u_h=1200&label=GtTzCNuf1WQQh6ry5AM&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&userId=default&fmt=3&is_vtc=1&random=2246580627&rmt_tld=0&ipr=y

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1016894727/ 42 B
108 B 75ms
74ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1016894727/?random=1677738997387&cv=11&fst=1677736800000&bg=ffffff&guid=ON&async=1&gtm=45He32r0h1&u_w=1600&u_h=1200&label=GtTzCNuf1WQQh6ry5AM&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&userId=default&fmt=3&is_vtc=1&random=2246580627&rmt_tld=1&ipr=y

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 82ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N9CRQD0ZQC&gtm=45je32r0&_p=1605556939&_gaz=1&cid=331767709.1677738997&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677738997&sct=1&seg=0&dl=https%3A%2F%2Fwww.edestinos.com.br%2F&dt=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N9CRQD0ZQC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 23ms
21ms Ping
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N9CRQD0ZQC&cid=331767709.1677738997&gtm=45je32r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N9CRQD0ZQC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
75ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N9CRQD0ZQC&cid=331767709.1677738997&gtm=45je32r0&aip=1&z=951804224

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hp Show response
pixel.sojern.com/partner/veNk3cJBImq42RsD/ Frame F5CC 3 KB
916 B 75ms
22ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/partner/veNk3cJBImq42RsD/hp?et=hp&p=index&ccid=default&cid=p=index|md5_eml=|sha1_eml=|sha256_eml=|ccid=default|
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 4807c169ee4f97efe151d53b2a5a2ca190dac810597561bd463d97e1ed8cb49e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:37 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 566

POST
H2 200 get-inspiration-prices Show response
www.edestinos.com.br/ 2 B
504 B 242ms
241ms XHR
application/json 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/get-inspiration-prices

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edestinos.com.br/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
uber-trace-id
esky-correlation-id: 8C469695-FAD9-7FDA-6696-D982FED4A5A6
content-length: 33
x-xss-protection: 1; mode=block
x-generated-by: dbr30-b1663
x-request-id: 27b81e4f9ae96d2169cfa997656df78de11cd054
server: esky-edge
esky-resource-type: dynamic
vary: Accept-Encoding
content-language: pt-BR
content-type: application/json
cache-control: private, max-age=0
accept-ranges: bytes
expires: Thu, 02 Mar 2023 06:36:38 GMT

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4036608&tm=gtm002&Ver=2&mid=54544b27-ec82-4e62-af47-1095f7b79b8f&sid=957edd90b8c411ed9e8c9b203bc49932&vid=957f3800b8c411eda792599a52ad5cd9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas,%20Reserva%20de%20Passagem%20A%C3%A9rea&kw=passagem%20aerea,%20passagens%20aereas,%20hotel,%20hoteis,%20companhias%20aereas,%20reservas%20de%20hoteis,%20passagem%20aerea%20barata,%20passagens%20aereas%20baratas,%20hoteis%20baratos,%20companhias%20baixo%20custo,%20passagem%20a%C3%A9rea,%20passagens%20a%C3%A9reas,%20hot%C3%A9is,%20companhias%20a%C3%A9reas,%20linhas%20a%C3%A9reas,%20passagem%20a%C3%A9rea%20barata,%20passagem%20a%C3%A9reas%20baratas,%20hot%C3%A9is%20baratos&p=https%3A%2F%2Fwww.edestinos.com.br%2F&r=&lt=1852&evt=pageLoad&sv=1&rn=151896

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Mar 2023 06:36:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1AF013952B04B48977B424AAFA2D660 Ref B: FRAEDGE1515 Ref C: 2023-03-02T06:36:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel Show response
cm.g.doubleclick.net/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=6645&_yoid=43a55b39-e6bd-4a5b-b3d5-553947ebfeed&_yosid=a8f0cbe8-7070-4764-b231-b19be3316ca9
https://tag.yieldoptimizer.com/ps/ps?tc=109579533&t=i&p=6645&_yoid=43a55b39-e6bd-4a5b-b3d5-553947ebfeed&_yosid=a8f0cbe8-7070-4764-b231-b19be3316ca9
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjczMTYwOTk0Ng&google_sc

170 B
243 B

82ms
70ms

Fetch
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjczMTYwOTk0Ng&google_sc

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:37 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjczMTYwOTk0Ng&google_sc
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 71ms
40ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=175824989237491&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.edestinos.com.br%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=7d23a40b44f83553ff12906b1b73a2bf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 02 Mar 2023 06:36:38 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: yV3iaJF+1eoZiWABNdq0/D+t0jImQvSIubE4/Geqwv7+5hmhHB7AY9RD3wPVH3QIvKHCoY3Aw7FB6xMcGoh1DQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edestinos.com.br
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

AdX
pixel.sojern.com/idSync/ Frame F5CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Q2X9uurlCAcCwYzJZlUGQg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7Y...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m&google_gid=CAESEOKymIsiwknTLcyhsld8zUA&google_cver=1

42 B
58 B

21ms
20ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m&google_gid=CAESEOKymIsiwknTLcyhsld8zUA&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Thu, 02 Mar 2023 06:36:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m&google_gid=CAESEOKymIsiwknTLcyhsld8zUA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame F5CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=Q2X9uurlCAcCwYzJZlUGQg&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopm8RYrL2iU8NAp45SuHogBLfV8A9d3UUz4orvBJiYbbME0njmY8D0E7SbtmC0TNTqJnT_5zaOx1_l-dp7ku5mvdMg9lB3grkmZb0OU20RGWkWD51k
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopm8RYrL2iU8NAp45SuHogBLfV8A9d3UUz4orvBJiYbbME0njmY8D0E7SbtmC0TNTqJnT_5zaOx1_l-dp7ku5mvdMg9lB3grkmZb0OU20RGWkWD51k

170 B
432 B

187ms
80ms

Image
image/png

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopm8RYrL2iU8NAp45SuHogBLfV8A9d3UUz4orvBJiYbbME0njmY8D0E7SbtmC0TNTqJnT_5zaOx1_l-dp7ku5mvdMg9lB3grkmZb0OU20RGWkWD51k

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default

Protocol

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:38 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:38 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopm8RYrL2iU8NAp45SuHogBLfV8A9d3UUz4orvBJiYbbME0njmY8D0E7SbtmC0TNTqJnT_5zaOx1_l-dp7ku5mvdMg9lB3grkmZb0OU20RGWkWD51k
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame F5CC
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m
https://pixel.sojern.com/idsync/apn?id=480477894867673093&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m

42 B
274 B

21ms
20ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=480477894867673093&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Thu, 02 Mar 2023 06:36:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Date: Thu, 02 Mar 2023 06:36:38 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e15b8b6d-37cd-4331-9db7-14a4dbf9bd46
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://pixel.sojern.com/idsync/apn?id=480477894867673093&sjrn_id=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F5CC 70 B
265 B 105ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=98J7TuaP9MDWLDsIcDrKQHxYWDrQDCMiypi0FW7kZQ6_N8PSx7YbHMLUMpcyEw6m&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 Mar 2023 06:36:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 lib.min.js Show response
lib.wtg-ads.com/ 497 KB
93 KB 55ms
22ms Script
application/javascript 2606:4700:20::681a:e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/lib.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

add686cb7df7c0c292cdda706ed96a41136e0b89bf03926ad90f6ecb106ba5f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 756468
last-modified: Tue, 21 Feb 2023 12:28:49 GMT
server: cloudflare
etag: W/"63f4b901-7c44f"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aelbPCHeTtVLuV1uDpNIPFLM%2FsHss5VkDhXrG2MaVqqOpFUNNdRfcWJNWfy8X9XTNfu2HKZKQG%2FaAJIuTfVJ9tSV6ekHHBkwU8361nABtgygCAHvhM2cx3qxuw2qzywyZUU1%2FPfKga4c3qPXjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7a17a065d8623680-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 21 Feb 2023 15:28:50 GMT

GET
H2 200 tag.js Show response
static.clicktripz.com/ 10 KB
4 KB 79ms
7ms Script
application/javascript 13.224.189.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.clicktripz.com/tag.js
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-6.fra2.r.cloudfront.net
Software: /
Resource Hash: 5232331c8e4711696ecb88c016bf3bdd4e6f6b879394dc234954894153fac1a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ctz-is-mdeps: false
date: Wed, 01 Mar 2023 19:47:34 GMT
content-encoding: gzip
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 38944
x-cache: Hit from cloudfront
x-ctz-tag-id: 0.0.6
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
access-control-allow-headers: Accept, Content-Type
x-amz-cf-id: lFfpkTvSYxovS1hhWEuW29JCZz7E2YgPnmKniB2zBzKcCnV6iZOEMQ==
expires: Thu, 02 Mar 2023 19:47:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 157ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9920207046752446

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44285c30906cb5b7bde6e33d745bd5614ede59d699fdbd2a9eed06fbf74b431d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48269
x-xss-protection: 0
server: cafe
etag: 1032221593167188012
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 06:36:38 GMT

GET
H2 200 / Show response
beacon.riskified.com/ 46 KB
14 KB 380ms
111ms Script
application/javascript 2600:1f18:f8a:b703:5a81:f87d:ffc8:4ebf
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.riskified.com/?shop=www.esky.com&sid=GRXA1677738997594

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b703:5a81:f87d:ffc8:4ebf Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

68b41c90cb36024743b17006a5970ad0add0d59036481318b7ac9379427b6d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:38 GMT
access-control-request-method: *
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-sourcemap: sm/d3d3LmVza3kuY29t/R1JYQTE2Nzc3Mzg5OTc1OTQ=
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600,no-store
trace-id: c41d0d4e0a38f72999f30a271da96514
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

GET
H2 200 lg.php
progress.edestinos.com.br/www/delivery/ 43 B
408 B 83ms
83ms Image
image/gif 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://progress.edestinos.com.br/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=113&loc=https%3A%2F%2Fwww.edestinos.com.br%2F&cb=36981f6b08

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
gd: off
date: Thu, 02 Mar 2023 06:36:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
server: esky-edge
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=0, no-cache, no-store
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 02 Mar 2023 06:36:38 GMT

GET
H2 200 like.php Show response
www.facebook.com/v5.0/plugins/ Frame 0AA1 47 KB
16 KB 76ms
76ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=175824989237491&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a80418cf4e4d%26domain%3Dwww.edestinos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.edestinos.com.br%252Ff117f5437645eec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FeDestinosBrasil%2F&layout=standard&locale=pt_BR&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=7d23a40b44f83553ff12906b1b73a2bf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

877b322a8474399684c090021e1387d76e8de6124d21c65e6e5676b3732ad13a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 02 Mar 2023 06:36:38 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v15.0
origin-agent-cluster: ?0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: YZDVLA2CKUfH5nVoUrCFmHX9fvQ+VLYJ8/Lk6BhnDNs5nNrnv8hEwvPYsalhf5wCOtjBNOr8ifu3jgxLLTdFUg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 249ms
248ms Stylesheet
text/css 2a00:1450:400d:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?_=1677738997582

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Fep6J5XbTJcndm9_Sn2tSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Fep6J5XbTJcndm9_Sn2tSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 02 Mar 2023 06:36:38 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
529 B 93ms
92ms XHR
application/json 2a00:1450:400d:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=844265783495-h5rkg6srd8dmdgrofispg6hn2te5m7bj.apps.googleusercontent.com&as=gxdfSOD3131xdjxhFESN0Q

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client?_=1677738997582

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e8fb0d889f0eccd6e9146e81bb0fec67dc5b2b7b7c8abd8afc60f38c10b7ac2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-m-JhmdXzbzdGD4Z6aRoMPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-m-JhmdXzbzdGD4Z6aRoMPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edestinos.com.br
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FEN_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 36 KB
36 KB 17ms
17ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/FEN_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: f1db8f710e4c216fce8a1c8541bce5b25f4fd53676c44d2f8ec9a37366b945c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 12:20:09 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jun 2017 13:45:23 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 843389
etag: W/"594926f3-90c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: PRwZwmpadbaMznJtyig_TY5trA2HnCekX4Q271XWeI1wF9kp20A0iw==
expires: Wed, 22 Mar 2023 12:20:09 GMT

GET
H2 200 GRU_4_Rectangle_610_290.jpg
static1.eskypartners.com/deals/ 267 KB
250 KB 19ms
18ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/GRU_4_Rectangle_610_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 6a84022653fc4b525e81e0a9dabbae72e89cdc31c7269cd43edaf9fffe8f74be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 07:22:59 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2017 13:00:16 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 1206819
etag: W/"59130ee0-42afd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: dBA_LzuxbSYCE2XZNj0n1Je6-oCZcbqVVrzg1v0WgDQvQg244Qi7JQ==
expires: Sat, 18 Mar 2023 07:22:59 GMT

GET
H2 200 BSB_1_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 101 KB
90 KB 18ms
18ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/BSB_1_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 287967ffe496493c9a297640b6babdfe08aa56027a875806c7b6b8e5cd756798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 09:51:58 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2017 14:54:16 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 420280
etag: W/"591c6418-19564"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: epkdpJZgvHpM0BVcTuBRrOHqPctm0a3Yw86dA1fkReYXmnX8vfsrSA==
expires: Mon, 27 Mar 2023 09:51:58 GMT

GET
H2 200 FLN_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 16 KB
17 KB 22ms
22ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/FLN_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 91f809451f121319419faa6094000ea4e0cad99e934618584bbcdd3964f1dcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 10:30:23 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2016 08:04:50 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 1195575
etag: W/"56af11a2-4148"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: IIOOWbQtKxE5HDSvcti34c5oG-Jlgccn4t9dJfVm0GzyKUW-lchf1Q==
expires: Sat, 18 Mar 2023 10:30:23 GMT

GET
H2 200 FOR_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 25 KB
26 KB 22ms
21ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/FOR_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 648d744050ebba9ff4aed315f2a29c7f324cb3b368b8ea672975005c1846168e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 08:21:29 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2016 08:04:51 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 1894509
etag: W/"56af11a3-64f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: G0Cxu1pBmIAMxz6iUPQQ9QllcqmSnX-dnTysxEuQP668hSAHqokShg==
expires: Fri, 10 Mar 2023 08:21:29 GMT

GET
H2 200 SDU_1_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 37 KB
37 KB 22ms
22ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/SDU_1_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: b9cf1c143a4e7d3cac8cafeac986fe0c623ce2732a2b59f592db322d6d211acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 08:58:20 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2017 18:27:19 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 1373898
etag: W/"59023807-9587"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: Coj7WOGMyB5WamkdYLwYVW5BCSMxu9cru3vSNsTj6ZNtE_mwNDuGOw==
expires: Thu, 16 Mar 2023 08:58:20 GMT

GET
H2 200 POA_1_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 27 KB
27 KB 22ms
21ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/POA_1_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 9cdfc32c4e7f1b3c86a4a53457ce1bd3e7c4e1a85cb8fe4fb2dfb2c170f01a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:22:51 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2017 14:43:44 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 360827
etag: W/"590203a0-6b12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 2zeWZZkE0gV2wGg0JzPHH1MMLyTzqkie4hpwE_YMewnBHKKrzBHX_w==
expires: Tue, 28 Mar 2023 02:22:51 GMT

GET
H2 200 REC_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 19 KB
19 KB 23ms
23ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/REC_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 4990b90c31f5b823613a2f72103699a58dce4ff1bdc2aa03f326395944b193e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:57:18 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2016 08:05:58 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 902360
etag: W/"56af11e6-4c0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: e4FzgEF4---a8pO0BQt-zinSYxXQKh_osmjGGJgsWa-jUo_8v-a8uw==
expires: Tue, 21 Mar 2023 19:57:18 GMT

GET
H2 200 VIX_2_Rectangle_610_290.jpg
static1.eskypartners.com/deals/ 271 KB
258 KB 23ms
23ms Image
image/jpeg 18.65.39.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/VIX_2_Rectangle_610_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-76.ams1.r.cloudfront.net
Software: esky-edge /
Resource Hash: 628cb1a4225ad22360f2e5e8c75756b0cdcaf58da2f387a982e00c90f68837d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 12:28:05 GMT
content-encoding: gzip
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified: Fri, 28 Apr 2017 15:14:25 GMT
server: esky-edge
x-amz-cf-pop: AMS1-P1
age: 929313
etag: W/"59035c51-43a0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: FOMYOh7ZCYQFXjSLTS7ZLW-T-7HRt-4A54cUDhBLMkERQsR1C4FDVQ==
expires: Tue, 21 Mar 2023 12:28:05 GMT

POST
H2 200 v1.1 Show response
www.edestinos.com.br/patalyst/ 0
236 B 128ms
128ms XHR
text/plain 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/patalyst/v1.1

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1663/eui/js/5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
api-supported-versions: 1.0, 1.1, 1.2
server: nginx
access-control-allow-origin: *
cache-control: max-age=0
x-envoy-upstream-service-time: 0
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 02 Mar 2023 06:36:38 GMT

GET
H2 200 standard.publisher.config.min.js Show response
lib.wtg-ads.com/publisher/www.edestinos.com.br/ 7 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:20::681a:e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/publisher/www.edestinos.com.br/standard.publisher.config.min.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff467e5bb27c60640d4d5cd042921dbacef8b3cf13c02aa1afb25e6fb2c5b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44816
last-modified: Wed, 07 Dec 2022 08:33:47 GMT
server: cloudflare
etag: W/"63904feb-1b34"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8t29dzHxhBP3YDT62lE8CJn1bkDRk3FbkU1rHG5Tu4BtUIT5NDrHzFxZ2ZN2a9fyH6f4sk3mBsTnYZnjaOA4AED3yt7uBxsT37i56%2FrTrRkGep9wrxmxPNQfD7PcJX1YOBdyw5l7Oe3hvx%2B0NA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7a17a06628b13680-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 01 Mar 2023 21:09:42 GMT

GET
H2 200 constrain Show response
www.clicktripz.com/api/integrations/v1/ 470 B
724 B 646ms
192ms XHR
application/json 35.155.25.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clicktripz.com/api/integrations/v1/constrain?h=8f142867f9634019950ef5edbc408375&u=https://www.edestinos.com.br/
Requested by: Host: static.clicktripz.com
URL: https://static.clicktripz.com/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.155.25.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-25-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1a5afd5736258a8008f2ab20413af8ed1e0f0b5630d96001a88229b492c1392b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://www.edestinos.com.br
date: Thu, 02 Mar 2023 06:36:39 GMT
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 56ms
22ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230302

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9880cd77ebc64342c8c145248fb6a8fd8f5a6ad708613ee2c98585f0df98c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9344
x-jsd-version: 1.0.1633
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"623-WbFtM6GdSQpC38XxOH/lMI9Buik"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJUIBZXzA3b4SXuwAFf2w5Wzjovp%2Fl2ARDyF4LG%2BlO5W%2ByhABlFDkG3VnlFj6hBSH52wxxQnrSPO%2B7gzS2zo6WOIZU3SIf6QTaKlqQKs2sPjQgN3irir7L%2FbWHa9Q3d28MQgPC8rkO4nPj6zOCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a17a06679e03825-FRA

GET
H2 200 main.publisher.config.min.js Show response
lib.wtg-ads.com/publisher/www.edestinos.com.br/ 3 KB
1 KB 13ms
13ms Script
application/javascript 2606:4700:20::681a:e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/publisher/www.edestinos.com.br/main.publisher.config.min.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d58ad7b164b8e4d553083a83ceae9cd3eccf12ed5c6f0d5a3f4c3dcdafefa40c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 208178
last-modified: Wed, 07 Dec 2022 08:33:47 GMT
server: cloudflare
etag: W/"63904feb-ab3"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDS27VfoQNtGvWopkmLfTiL%2FFtmwMS6KUvEE5dyjIkXyRPSlrPWdREsG3aCVZOy7K%2BVkYR35h4iOWNonGeBSTSlJgBB2zAVLZiwxYtHWbyMQYwu%2FnekfCgFPxQA50iQw9xt3iYkOiikx3Cdagg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7a17a06638d33680-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 27 Feb 2023 23:47:00 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 0AA1 299 B
564 B 7ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=175824989237491&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a80418cf4e4d%26domain%3Dwww.edestinos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.edestinos.com.br%252Ff117f5437645eec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FeDestinosBrasil%2F&layout=standard&locale=pt_BR&sdk=joey&share=true&show_faces=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: Rk/toQWFT2J+9inubeOWWTtmdmnqHLawtIzt7HnhyuJC7xNcn7IkvgpqBnhp7CP0JvRym5eM1JtJrGuuc1gBNQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Feb 2024 05:24:31 GMT

GET
H2 200 0YP7pJNiznC.js Show response
static.xx.fbcdn.net/rsrc.php/v3iM-F4/yB/l/pt_BR/ Frame 0AA1 516 KB
134 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iM-F4/yB/l/pt_BR/0YP7pJNiznC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71968d57e82919464ecf3822eade7debcd9c91cb7ecc2c5e33339ef1e94dca66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PSiBVw2lyP9w9qgM0yLHWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136809
x-fb-rlafr: 0
x-fb-debug: MA9Bfq0P4G61oiWCa0rwnonGAQRcK8Kwcy++TDIha2NQdh96fW76MISo4lDAt4E5zpHbGGqugqXgo+3NcqaVKw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 01 Mar 2024 02:45:20 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 35ms
25ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230302

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9880cd77ebc64342c8c145248fb6a8fd8f5a6ad708613ee2c98585f0df98c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9344
x-jsd-version: 1.0.1633
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"623-WbFtM6GdSQpC38XxOH/lMI9Buik"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPNAj%2FRQkqN%2BXHlJZoszTEuOrOUyN%2FHkws8RNRC%2BTDVJKl%2B28HBpNVB4rKdEarVi81oWBuGfDhMP7q5YD7d2Gxe9dH6swynTZa7ixyeUGGcwaoZmh%2Byf0Pf4bHjNezTzlAWkwh8EkWPodiCjoks%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a17a06679e13825-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 99ms
83ms Script
text/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

sffe /

Resource Hash

1b0963f14226beb0e141c1d4def4cc1bc70e8ef8792a527f80a11c8591ba63f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26901
x-xss-protection: 0
server: sffe
etag: "1498 / 80 of 1000 / last-modified: 1677711908"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 06:36:38 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/ 361 KB
119 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9920207046752446&plah=www.edestinos.com.br&bust=31072649

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9920207046752446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

501f49b1aa5933fd40a296ba8712c6a0d1a5d2a5274356404f3a5028d786a745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121819
x-xss-protection: 0
server: cafe
etag: 4108723946830295981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 06:36:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/ Frame A829 10 KB
5 KB 47ms
46ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9920207046752446

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 13:00:40 GMT
etag: 2378337311435320485
expires: Wed, 15 Mar 2023 13:00:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_2023022701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 102ms
46ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132634
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 09:35:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 05:39:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
618 B 235ms
68ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.edestinos.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729706b0458f28fe04a2f52773e1e2fc4bb333885a8e39b0f42afc48341b54bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76
x-xss-protection: 0
expires: Thu, 02 Mar 2023 06:36:39 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 222 KB
55 KB 46ms
8ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e796bbf820b6c82c648fc30c1ef0936de768c4236715b40c938faa67175f8eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:58:58 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 21:30:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2261
x-amz-server-side-encryption: AES256
etag: W/"289dcef8d722ba2b64392cc0764df16b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: FIGMVMqaj2eLIuMLlrY6OYcNTSU0ZHCIAS6sBt2Tv19untiRC2K0JA==

GET
H2 200 prebid_6.12.0.js Show response
lib.wtg-ads.com/prebid/ 420 KB
121 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/prebid/prebid_6.12.0.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e54d09aefdcf93b7d7e00e7e3dc528d82bf9fd89370e0e7f5f253a4fb09930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90886
last-modified: Tue, 05 Apr 2022 07:54:55 GMT
server: cloudflare
etag: W/"624bf5cf-68e1c"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G09RnAEAxVCUlS5V0P%2B69NEzMDWUZSQbQN0rtqHhzY8MLHkpFhBbsgElyF%2BFHZJpdGIcjAaReWhfOjhZznLo4yKqEOpJRTp0mD88cEYfe97iyoTuKQLTO8EEilTtndye0TF4aFmt%2BqRVXdce3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7a17a0674a383680-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 01 Mar 2023 08:21:52 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 102ms
101ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.edestinos.com.br&pubid=e01babcc-1a26-4bf8-a4b4-551fa47b2e56
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:38 GMT
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.edestinos.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 9SW4U1j78L3YYuZIYbwI5xxrkZLegwPuh_LAVe9Ug1hsmP-aV-NTgg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
8ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
date: Wed, 01 Mar 2023 09:42:22 GMT
x-amz-cf-pop: FRA56-P6
age: 75258
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Au6o4Z0tFEhW0fMhAP33lsj5LwqUyadnUBY1w_cl2YtVsARvCawVuA==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
607 B 150ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.edestinos.com.br&callback=_gfp_s_&client=ca-pub-9920207046752446

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9920207046752446&plah=www.edestinos.com.br&bust=31072649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58f390685d60088213d9b28d2931b53eed0b2760ff2a7e5934e585db492557d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 186ms
69ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edestinos.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 185ms
68ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edestinos.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-info&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D141 0
16 B 219ms
218ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9920207046752446&output=html&adk=1812271804&adf=3025194257&lmt=1677738999&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677738998886&bpp=4&bdt=2091&idt=164&shv=r20230227&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2781162644944&frm=20&pv=2&ga_vid=331767709.1677738997&ga_sid=1677738999&ga_hid=1605556939&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C31072649&oid=2&pvsid=449212333680438&tmod=1244516945&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 06:36:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 129ms
52ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230227&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd80aefae8c22cf88d7d50fc99643cbb05f8b48e4435f1042c71355c19d05b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11320
x-xss-protection: 0

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 352ms
108ms Image
image/gif 44.209.151.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16777389991160.6362592375629597&c=41jvo27drufiaxw2fysp0gleqqhcua&p=cnjmvt&a=GRXA1677738997594&o=www.esky.com&rt=1677738998985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.209.151.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-151-138.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
465 B 289ms
120ms XHR
text/javascript 13.224.191.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.edestinos.com.br%2F&pid=uk1XKC8uzp7xm&cb=0&ws=1600x1200&v=23.225.2013&t=1200&slots=%5B%7B%22sd%22%3A%22%2F21695112458%2FeDestinos_BR%2Fsg_bill_top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%7D%5D&pubid=e01babcc-1a26-4bf8-a4b4-551fa47b2e56&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.191.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-191-98.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: AD4XMMYHV2GBX9PVBS5Z
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.edestinos.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UwyFVo5o3SztpzJP5L76lrl-viMTkeK9yFJpRAiGDyLQV0vov1ME5g==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 19ms
19ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230302

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9880cd77ebc64342c8c145248fb6a8fd8f5a6ad708613ee2c98585f0df98c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9345
x-jsd-version: 1.0.1633
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"623-WbFtM6GdSQpC38XxOH/lMI9Buik"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuxidaWdwVC17E0uzZkU%2BVmpNorcqXS4OcPjrNx09OS4VECLkAiTDNZTMkEWwenGXi00ew%2F7GoOgqBgBuN2WD6OsZXj7JBhYZc2gDsPIcUzpWVG7kCXv3AdyoIpvRC3WmND0W%2B9HNU7%2BEgp3EWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a17a068fc853825-FRA

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1019 B 183ms
20ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 06:36:39 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1159083
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2plnzKTEB87OqxvkcOzBXtr7VD6GD%2BKYKD3LFmQWn2dYExTH%2BHBlgSAvYxnfSAi%2BECPtz1YpKUNCSgkXdcaGgkxGXpa04s6CXTHthAPtGj3x57k3XzLFr5AZxpAMdUcHp7j51yvAPY2WLsoU"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7a17a069fadf9b67-FRA

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
566 B 194ms
32ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=450738&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212091c7e9a1c6d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.edestinos.com.br%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.12.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f8fa84829f607%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450738%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450738%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450738%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22waytogrow.eu%22%2C%22sid%22%3A%224873684%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPoAqejPoAqejApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%7D
Requested by: Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f676371c44f65b0f333138b35e5195d77648aa72e9b2c46a0a3d09d0460243

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCmQdztEOvNND4im50neYG6B9TUF9Jm4WDBpq0SFWfNyvUHSmfNiZ4uSIiGKEAzdcNj0LzhFqhXcxGFDOw72sqPq4RsShKr7a0t6NW8GPZod5gSM%2FnEm25jHsBgC6KJdaC%2FdFrvJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7a17a06a081d3a52-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 227ms
227ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9b608eb5f2ed887c559a7cf0bd8548c369d5ddf38791a804fef80f39edc74eee

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Mar 2023 06:36:39 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 06a379f8-aa17-43a6-acaa-0b6618ad3cbc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.edestinos.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
330 B 177ms
18ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/prebid/prebid_6.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edestinos.com.br
date: Thu, 02 Mar 2023 06:36:39 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 184ms
56ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 06:36:39 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 29ms
15ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 06:36:39 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 404697
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCWXW0cxCLX4fYsjXvbynGzAG0NTaylKX79lCTX3IzUIQrX%2BIY5tGoSatsQpxrlSFRcNPI%2BqSPC8sd4Wc8AAlbtmSZ2hNfrFNYpT1Do9ectpFIov%2BfNeYLsechHpQFkFtxa3Xy4%2Bxq4hjZc0"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7a17a06a3f8f371b-FRA

POST
H2 200 8f142867f9634019950ef5edbc408375_edestinos.com.br Show response
api.clicktripz.com/c11g/v0/a/ 16 KB
2 KB 547ms
176ms XHR
application/json 52.36.128.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.clicktripz.com/c11g/v0/a/8f142867f9634019950ef5edbc408375_edestinos.com.br
Requested by: Host: static.clicktripz.com
URL: https://static.clicktripz.com/tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.36.128.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-128-54.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ab4b82a5d4658104079c7651b70142876e157312585de7b3954ecf80dff7b2bb

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: gzip
etag: W/"40f8-aq9whGlNfeEeGjJgEJFRn+OZKDk"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edestinos.com.br
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Cookie, Authorization

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6484 13 KB
5 KB 174ms
35ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 21:10:10 GMT
expires: Thu, 29 Feb 2024 21:10:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 96A8 783 B
537 B 79ms
75ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed329ff4d30da7cba403f978c4d7c223f46ad9ab60006ed111da6a437502502b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UO2-ExMBqfXbzNhqGV4zuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-UO2-ExMBqfXbzNhqGV4zuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 06:36:39 GMT
expires: Thu, 02 Mar 2023 06:36:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 69ms
67ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edestinos.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 69ms
68ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edestinos.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 1074ms
1073ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=449212333680438&correlator=2180999705208924&eid=31072700&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&iu_parts=21695112458%2CeDestinos_BR%2Csg_bill_top&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C750x300%7C750x200%7C728x90&ifi=2&adks=2844816383&sfv=1-0-40&prev_scp=amznbid%3D1%26amznp%3D1%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.42%26hb_adid%3D786325f61c87b2%26hb_bidder%3Dappnexus&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fwww.edestinos.com.br%252F%26host%3Dwww.edestinos.com.br%26path%3D%252F%26resolution%3D1600&sc=1&cookie=ID%3D45566efb1a30fb2a-2291d35b3bdd007b%3AT%3D1677738999%3ART%3D1677738999%3AS%3DALNI_Mb4Xxsz9_htN1NJKco8EFRtYkaVhA&gpic=UID%3D000009c61ef0c797%3AT%3D1677738999%3ART%3D1677738999%3AS%3DALNI_Mb9XThEP7gcWqgfVsAobHuFkfLNiA&abxe=1&dt=1677738999454&lmt=1677738999&dlt=1677738996796&idt=2354&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.edestinos.com.br%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=331767709.1677738997&ga_sid=1677738999&ga_hid=1605556939&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b18e39f1fdad9cceb5c7774f5d611a9193db4b46d07e3389960318e88e39468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8362
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D60 6 KB
3 KB 282ms
80ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 06:36:39 GMT
expires: Fri, 01 Mar 2024 06:36:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
159 B 105ms
104ms Image
image/gif 44.209.151.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16777389995110.7650140339793539&c=41jvo27drufiaxw2fysp0gleqqhcua&p=cnjmvt&a=GRXA1677738997594&o=www.esky.com&rt=1677738998985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.209.151.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-151-138.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H3 200 YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6484 36 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 07:57:49 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
159 B 106ms
106ms Image
image/gif 44.209.151.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16777389996280.18417898346700112&c=41jvo27drufiaxw2fysp0gleqqhcua&p=cnjmvt&a=GRXA1677738997594&o=www.esky.com&rt=1677738998985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.209.151.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-151-138.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 96A8 0
0 70ms
69ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230227&jk=449212333680438&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6484 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HZsFdQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
159 B 104ms
104ms Image
image/gif 44.209.151.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16777389997590.041663046481313915&c=41jvo27drufiaxw2fysp0gleqqhcua&p=cnjmvt&a=GRXA1677738997594&o=www.esky.com&rt=1677738998985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.209.151.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-151-138.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

POST
H3 200 api Show response
sdk.adara.com/ 16 B
31 B 19ms
19ms Fetch
text/plain 34.102.191.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Requested by: Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
X-Adara-Key: NzM1ZTdmYWQtMjE2Yi00MTMwLTk1OGUtZjNmNjQ0NDdkYjE4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
via: 1.1 google
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: X-Adara-Key
content-length: 16

OPTIONS
H3 200 api
sdk.adara.com/ Frame 0
0 19ms
19ms Preflight 34.102.191.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-adara-key
Access-Control-Request-Method: POST
Origin: https://www.edestinos.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: X-Adara-Key
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 02 Mar 2023 06:36:39 GMT
via: 1.1 google

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
159 B 104ms
104ms Image
image/gif 44.209.151.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16777389998750.8649861571383315&c=41jvo27drufiaxw2fysp0gleqqhcua&p=cnjmvt&a=GRXA1677738997594&o=www.esky.com&rt=1677738998985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.209.151.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-151-138.compute-1.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:39 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

POST
H2 201 client_infos Show response
c.riskified.com/v2/ 0
370 B 111ms
111ms XHR
text/plain 2600:1f18:f8a:b700:86cb:4152:b0b1:dbcb
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Requested by

Host: beacon.riskified.com
URL: https://beacon.riskified.com/?shop=www.esky.com&sid=GRXA1677738997594

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b700:86cb:4152:b0b1:dbcb Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.edestinos.com.br/
accept-language: de-DE,de;q=0.9
Access-Control-Allow-Headers: Content-Type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
access-control-request-method: *
strict-transport-security: max-age=15768000; includeSubDomains; preload
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
cache-control: no-store
trace-id: a2033af4c4b82640eb24b44255206f1a
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ Frame 0
0 337ms
110ms Preflight
text/plain 2600:1f18:f8a:b700:86cb:4152:b0b1:dbcb
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b700:86cb:4152:b0b1:dbcb Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://www.edestinos.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
access-control-request-method: *
cache-control: no-store
content-length: 2
content-type: text/plain; charset=UTF-8
date: Thu, 02 Mar 2023 06:36:40 GMT
pragma: no-cache
strict-transport-security: max-age=15768000; includeSubDomains; preload
timing-allow-origin: *
trace-id: 420e5576fd34b09d70875f15189cd8bd

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230227&jk=449212333680438&bg=!YmGlYTXNAAbK-VRH6vk7ADkAdvg8WlELa0nwxBksLKYG3biumV2y2TgJNsSuz9J9PJo2OhiVzxKffnPTBQeeG7TMNpe5593TEHUCAAAAYVIAAAACaAEHmQK7DiI9veKGvrB-eOQ4MZJuSWollo_qW3FH1c58ON8QsW2yhXDkfNn25svDYLWrqwrHSujTxUuBZn6mLK8668bovvxAPhK8u5C7UFK3j_E9H5aVQZQ3C5HRBzujxitDNHsCruarLw8N-Ur_-VWFRII2GEq8Xjy1_BnQoskkU5KVH_JIDX_KQcwSMFlIrAgAPefIgzuMHpxEfuOKOccbwn-17TQ8QKlLsP_aIHy0v9LWZ58VKDYdlVJivd5gtuLkVDe2ZOum0EOypfs59QL56XLly6enSzQFIZWY6XzfO1TbMmkmYNgaF4nfvAHjRuGW_afyeYdIhJCjD0_LoUiZ0AKFE22fO8Y5F0OeaBw4yNYhCWqCJXD0FazZufC9esU4ggKWk_G6-IfH9dRJwmItA_5cpjOl_Zr59_ed1XDsDPn6vr8AuRzQJAghx99ENa3SxtpaMTIGk1xQDpzCWNDVZD0pClOj0sYLPSFyzx8ulqDyNNVxN2QOOWn_-sbndYuCs9BwSvzZTB0b2vd07MgSe0S_3GyzxtjePevUIN-SzSckopR_USMSIbBLLTqtadmkELBNJr4FwWYGgWTGcDfUI0bmltH_pdRScWT_iD6fLAnnZk7dPZEejmK3R5Rd0Iwr2jkEeyExJXgEyL3dcs4uZFieAzCq77gNSUUL4pF6CZ8sJMf9Be5A8RHRsPPnL_xn4ceRXLhleDbtyCRByIWPqZ_-YGD4CDEfqNp7jGlNurcKHem7751KE4gEy5w-8Vgk7DeQ1Nxp8f-UKe9ASd97t8lSsN5fXpb8BYgSW6Al4S9VF2CFM_yupatrhsIR2Fxq0RKItdkLQdB7fbdYNRZPbEjDInoeu0FnvS_DH6OZzU_1mOGDwpW9rkItFluKOD9yCXtBS1MqA8EhyRND_1qcPI26KvA41oL3QpaxphHy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 container.html Show response
64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3461 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 06:36:39 GMT
expires: Fri, 01 Mar 2024 06:36:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C61B 624 B
242 B 84ms
82ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGOH4vtMBMAE&v=APEucNUi92dGgugfMe-SZOt8obJoD1D3AK8wthLPRvMKWVoJMUN5EkBBhEc5YlLmG4tqHkYzZD-h1Wz3NXsJa5Z9Nh0YqDRgCuf5pdgux1fnmfcGa8hEjy-ksV9c45Ux4yBlZGnP_QuXcJqpiDowNeiz3E6U1pPntUCkcJlf_et00wYtdGCibrA

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 06:36:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3461 78 KB
27 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 06:36:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3461 42 B
63 B 82ms
80ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bv72HQrFtvE39RQrWK0HWtvo0YQ-D-4Hh03w3AgUE3QKNgd3Y1EhOLoM538mJf8Drf9QScRkTGAa5KPdNRz68-U7ZIxEjPD3J67vMWC-OsCg4PeIs

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3461 0
20 B 82ms
81ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9420455514856751746&x=1&ct=76

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3461 3 KB
1 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 20:06:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3461 20 KB
8 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:26:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3461 158 KB
49 KB 85ms
83ms Script
text/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 06:36:40 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3461 0
20 B 69ms
68ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8896280000894&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3461 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8896280000894&version=m202301230201&ct=76&x=1&cor=9420455514856751000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3461 83 KB
35 KB 104ms
103ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQxSDEZM1wU1lt1XmQKxlDL8S1BDMc-c-H2rYF9kF5Tlg_pufzD5nMZ6Vud9hetdZhETc9RItIrcCtWcoxw6JYQuNQNw&cry=1&dbm_d=AKAmf-DG5HnoxfADtGvG75zLU8OcDddRWy9J3KkTKFN93ll2W1y2vXV-0sMpkcPbmnLMvMDAJ7f5F4CYBNk2UEQeZqD0esh5w2RtI4rRwTemGc69l9MAPKSJA3G8CjHKgsISK4IT575golJnSQAyp3NrrgtojD9H3ZNW3uQg4mFiGMVAOrDVNHbsk3KGNvBhc_tdUrytisGznkS_SQF9jWHfLP7Ot88lwxbvWRMCEpjXXC1vFJ-qv1mKOOLwCRxXmLqFFfB0-ynT2FvxvNEB3jnbWdCUElbD17pElnx2GnMmsJD9IlnJ70jWZ3NxklGXQfv2wyWeBPtl4yA4VlCo7--sI-f1ap1JHAc49oNrnSEjpfStiHZYxga41BY7F3C8FtZ5Pm_3N_SyQfUwbDC2AmXXFaq4GwmqCOVrLnr1iZoDgvh71sSrNDtfpUh1wl6KG2wnZqPA1MXEzMk9E7tixXSWKvRUhnumuorbLUfRuv3TYpTGEdhH5ZM-TTp4LMnx-P4AFjRxd2uTzaOyDAMcGprCd0oPs-yLNqk06UhMIfIdmxbskS9xO6qF7mokNvJgG25ZJ-Hy7oVnBI3rI4GIIQx575LL6YkTYFB5HAAsP0nNDR1ZFqIEEfqdlWsGYpucoDZWTtpoOLzm4HyT2Tfa7MoZ6fwmpwPjAFXSnYW3g97-ptRRoVesaSKSyzuFksmd5vy2BrHB4_OGefOWBp3OCmKvOSQ6PJ7PJRQdUnE_9xXS-_hTGyCn5SVKwUzGJveUdymcB1mXBDzciE5qKhIhemQ4Gro5yApLPD95wN8wDTWz7bl_59i4-Aho--Pxs7Rv9GbUyAfgGoYVqu0ORX6kOaL_B6bE-k5cYYcKaMtebHRKQU17x53V5fNK6W0BY-nuVoTSTeWDtRx83xB4mDzh1ITpVO90N-Xmi9Evvg43CSU_32_4rcSKUzWAcQC3ifMSdorKCCW7V1DJUjhDxxUfGr8lwdKcjZhQ3SKOu85-ux0iVB4T7Jw48sIW0WRKtthjhpktm_vtYLjLv7vvQi6zSGhkT5LHCPLlpAWogYjkbAqf-IzdGt-IEeHSbuVXhnMEA2Xgvrr94Loz3YiKWWNgu3aIKTaFNurlK0iYJJxf_lxtf0wJ8hXdgyQvx4cQ7xQ_2cCkZkpntxC0uKO_2r-3_GxLD6szkYHpEWFb-QPeY47ZRAawAhskC_D003ylllCFoXfIGSjaouitEmFiwOR809N-9xTe1fEL6ukVFR8hs-TkfkZTaoxVmHtLLT9VUS5Scu6g5wojlKUBkB-UzjySsYFYchqPnD7VJRwqcpMsyu7KWW8qiaruqQ-N0Fv-X7u0kq2ZAQOYfjeOu1vbVnfUsmHLxI1Ht456OgoiLM3vw2RCgnJfZ9-GjHIo3jKAxUIcZHlQOaracIwITK1Vf0WBC6Ixu5kdfB7M8irPiGTwXirI_HCtmZ9S5S6yP_UiFdhhggwXecey_-Omn1VkSyJaWaILvY1Hxs7HhBuys_iKqjff3d3aPUO0YXWeMkJgws83MfTUC6jIx7JZRiwA6SRZwNF5RSPdPrjCkOsencRHX2C3Nh1PYRgIzGhsTTiOXbXEygCMFq5PyJqrLPHMYtLG3lBdd9BBNf6h22nCcQFK3XQM8f914HadDmkyXtYyMV7T4wOvJ8F1frH0YHjVDsSoKhGXPZV-LLyZaPyYDd_HhO4c8tnnGZdOVD2QNONOk41EDyVN9BsnpIjuOPyWxGHV0eSCvQmymBZX3gVcif3709ysQJjL7dNrb9jQ3pPVCzudbgQD0uRNzNiWyw3o1evVWQOJBYkU2uAo7izrcCMTk0_VYHIVqNiVOGDbIdMlGHGSwfenMfr09tHHwD37OjsRA5K8FbnW13ZD5UL6JnY7XUnUFc6NndQo2cN85HHohbusMLZ16Kx3l3sfThlIDkM42WfFrl0p_U70Uuk3oEf6tl1XpolU7GzUZGZruf-zF0PzZ_4GKNcAxcCPngylQFnZH7X6g_u7_wTHvSVC16waP4aQmkIpealg6oGtQqrPcfDELuhk2Mrg-Fxp2mk4BmyraR1zII4akg6mExtrMEEasPjNIbyMnPXfBG1K9Rif-f_MKLBZPMoE-nHoWhAAg7glCWFWkiZtWhMwWn1KNsabSpq-TLxw6vK3LRijlMK-Dlr2jp5csP303dcz9Nbhu3lIqDzv30csYPEbHxwgkdWSKY708vI8-xOJm2_nZVXk7nGhWvgzE9Fz54sZX374tWzVFbb0-yR_CtIHalm5rrA0OiGPyEhpayZAkgnJPNlzx74MpIGzItgheklH-T5haasurC9Cdo1dREssSt4b3TVtl3S7DKeZ791QCpK2a-5Bffmm0y-bQFFNUMRVGQDMouJNiBDMDiA7QqAjCArKTFOrUydZ2ER2vWR-6ee_WpNkcDG4nzjSPx8VXpRDKUVbp03lk3repkkkygbEshPEKA8xVWhkEZ0zB4SfsJUbPD7A2QRLZII9wP9wyOyPjbxoq0d90jc8_RTalfSxANhRrZ5Mw6DOxQFs2984hWTsw7VqZkelV37JcOHg0E_IQ_RQI1f2IpMa7XSz_N_IY7lecpmu7hsrG2FklUhyKPMnRNdFCML_K8PTH8Cdq5rSj44k3umB2yz2DivbRmc_Lvwgy6GUdIKTBAqxRUsnJbsUzrHS3Aesj9f5irlIIa-Ta10ksWmwxFy5Vu_lx5eftwT2PYOXPIMjYsnSXLOgtIvNgecC7s1HlGdNhH-9KifamxqG1ahzPHULLs3XPJb9PTujDCMoOfkyAqqLTQAp6ckPfKGEwn2j3fVoGQp0O6f8BO0ZsWJz-7qQ3VQxpwJkeE7kAiQ-NlOX4BAVF1MhNWwYF_R_1zdJ2cSwEWbMw8hr4dwpfXxx1PowRQchZ6xI1aIZvWR_82HvBL4wkzQBcGvn7QBGNc7shCJe91OOV6ff5xkTCm5KDauJM_O1jyU2FMWN2SQhsxTHyVS06EU-lIKDxD8g-4LxwQ7ZJskbk0X9e9retYCv7252xTqdxBbeVp96sd5UI6ovUfQePBVzL842YiQMk_V8OlobnMR4RFjTrsfYfzdYge_COMJ7po23OQ7wwMINDtfFxc-qk3YD9DNSNVH8zWNBW9pMdJoYsgI5gGKD7GciLS8J7b2wlhSoCw47JP8fklPGjI7FANN3bBc-SUZUjt5BuR0p8MOMCMl-L94MM8JObsqrjY-ip270_y99kdrdI-HJlf4X3a4fym-iWAREZHk-BdQb6Ozz6hqR2h0T6keYujtpFzwly0Q9y_FDEehPYGv20rPPM4DCC5vzgZ6GajuwW9UPwVeWaD5U9W1irR_fpd2z4erPhg6TsSh9ZdPVbQizrAB3yq_BtmxsmDTk0UHs0yr1A-6fsoHKMSC6KVEFqKMrw8Gno38b4jhFbkLfeBR49bnEtAenrYsw4CgOQkATrG99N97FQf0DDfuNEuqojTCB1voSq4SqSA&cid=CAQSOwDUE5ymY30UI_Mr46wZHZolwt5Cuzs42vW4nc_5fQfxkFX1QDRwnn4NKYwygBGxwtud-iWhmMY_AZqXGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.edestinos.com.br%2F&ds=l&xdt=1&iif=1&cor=9420455514856751000&adk=2857193498&idt=83&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

618eb294315fbf69663a1a82b764c8c7c44c60705f482a95a482644151c809a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35552
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C61B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1&C=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGOH4vtMBMAE&v=APEucNUi92dGgugfMe-SZOt8obJoD1D3AK8wthLPRvMKWVoJMUN5EkBBhEc5YlLmG4tqHkYzZD-h1Wz3NXsJa5Z9Nh0YqDRgCuf5pdgux1fnmfcGa8hEjy-ksV9c45Ux4yBlZGnP_QuXcJqpiDowNeiz3E6U1pPntUCkcJlf_et00wYtdGCibrA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 06:36:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 06:36:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C61B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZABD.KpNlZsNULbMBQGwfwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1&google_hm=2

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGOH4vtMBMAE&v=APEucNUi92dGgugfMe-SZOt8obJoD1D3AK8wthLPRvMKWVoJMUN5EkBBhEc5YlLmG4tqHkYzZD-h1Wz3NXsJa5Z9Nh0YqDRgCuf5pdgux1fnmfcGa8hEjy-ksV9c45Ux4yBlZGnP_QuXcJqpiDowNeiz3E6U1pPntUCkcJlf_et00wYtdGCibrA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 06:36:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4Qw-XX1oTMISBDRFaAzn0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C61B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBXLbTBFROFpQfUA6NeaTvI&google_cver=1

43 B
1 KB

16ms
16ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBXLbTBFROFpQfUA6NeaTvI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNQDENrt-aUDGOH4vtMBMAE&v=APEucNUi92dGgugfMe-SZOt8obJoD1D3AK8wthLPRvMKWVoJMUN5EkBBhEc5YlLmG4tqHkYzZD-h1Wz3NXsJa5Z9Nh0YqDRgCuf5pdgux1fnmfcGa8hEjy-ksV9c45Ux4yBlZGnP_QuXcJqpiDowNeiz3E6U1pPntUCkcJlf_et00wYtdGCibrA

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 06:36:40 GMT
AN-X-Request-Uuid: 614a8aa5-068b-4729-8312-6e924d287a03
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBXLbTBFROFpQfUA6NeaTvI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C61B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNDc3ODk0ODY3NjczMDkz

170 B
232 B

70ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNDc3ODk0ODY3NjczMDkz

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 06:36:40 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5fd17c87-38a9-4112-b98e-ce3776f6b1fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNDc3ODk0ODY3NjczMDkz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3461 106 KB
37 KB 203ms
46ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
Origin: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 11:42:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 3461 8 KB
3 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQxSDEZM1wU1lt1XmQKxlDL8S1BDMc-c-H2rYF9kF5Tlg_pufzD5nMZ6Vud9hetdZhETc9RItIrcCtWcoxw6JYQuNQNw&cry=1&dbm_d=AKAmf-DG5HnoxfADtGvG75zLU8OcDddRWy9J3KkTKFN93ll2W1y2vXV-0sMpkcPbmnLMvMDAJ7f5F4CYBNk2UEQeZqD0esh5w2RtI4rRwTemGc69l9MAPKSJA3G8CjHKgsISK4IT575golJnSQAyp3NrrgtojD9H3ZNW3uQg4mFiGMVAOrDVNHbsk3KGNvBhc_tdUrytisGznkS_SQF9jWHfLP7Ot88lwxbvWRMCEpjXXC1vFJ-qv1mKOOLwCRxXmLqFFfB0-ynT2FvxvNEB3jnbWdCUElbD17pElnx2GnMmsJD9IlnJ70jWZ3NxklGXQfv2wyWeBPtl4yA4VlCo7--sI-f1ap1JHAc49oNrnSEjpfStiHZYxga41BY7F3C8FtZ5Pm_3N_SyQfUwbDC2AmXXFaq4GwmqCOVrLnr1iZoDgvh71sSrNDtfpUh1wl6KG2wnZqPA1MXEzMk9E7tixXSWKvRUhnumuorbLUfRuv3TYpTGEdhH5ZM-TTp4LMnx-P4AFjRxd2uTzaOyDAMcGprCd0oPs-yLNqk06UhMIfIdmxbskS9xO6qF7mokNvJgG25ZJ-Hy7oVnBI3rI4GIIQx575LL6YkTYFB5HAAsP0nNDR1ZFqIEEfqdlWsGYpucoDZWTtpoOLzm4HyT2Tfa7MoZ6fwmpwPjAFXSnYW3g97-ptRRoVesaSKSyzuFksmd5vy2BrHB4_OGefOWBp3OCmKvOSQ6PJ7PJRQdUnE_9xXS-_hTGyCn5SVKwUzGJveUdymcB1mXBDzciE5qKhIhemQ4Gro5yApLPD95wN8wDTWz7bl_59i4-Aho--Pxs7Rv9GbUyAfgGoYVqu0ORX6kOaL_B6bE-k5cYYcKaMtebHRKQU17x53V5fNK6W0BY-nuVoTSTeWDtRx83xB4mDzh1ITpVO90N-Xmi9Evvg43CSU_32_4rcSKUzWAcQC3ifMSdorKCCW7V1DJUjhDxxUfGr8lwdKcjZhQ3SKOu85-ux0iVB4T7Jw48sIW0WRKtthjhpktm_vtYLjLv7vvQi6zSGhkT5LHCPLlpAWogYjkbAqf-IzdGt-IEeHSbuVXhnMEA2Xgvrr94Loz3YiKWWNgu3aIKTaFNurlK0iYJJxf_lxtf0wJ8hXdgyQvx4cQ7xQ_2cCkZkpntxC0uKO_2r-3_GxLD6szkYHpEWFb-QPeY47ZRAawAhskC_D003ylllCFoXfIGSjaouitEmFiwOR809N-9xTe1fEL6ukVFR8hs-TkfkZTaoxVmHtLLT9VUS5Scu6g5wojlKUBkB-UzjySsYFYchqPnD7VJRwqcpMsyu7KWW8qiaruqQ-N0Fv-X7u0kq2ZAQOYfjeOu1vbVnfUsmHLxI1Ht456OgoiLM3vw2RCgnJfZ9-GjHIo3jKAxUIcZHlQOaracIwITK1Vf0WBC6Ixu5kdfB7M8irPiGTwXirI_HCtmZ9S5S6yP_UiFdhhggwXecey_-Omn1VkSyJaWaILvY1Hxs7HhBuys_iKqjff3d3aPUO0YXWeMkJgws83MfTUC6jIx7JZRiwA6SRZwNF5RSPdPrjCkOsencRHX2C3Nh1PYRgIzGhsTTiOXbXEygCMFq5PyJqrLPHMYtLG3lBdd9BBNf6h22nCcQFK3XQM8f914HadDmkyXtYyMV7T4wOvJ8F1frH0YHjVDsSoKhGXPZV-LLyZaPyYDd_HhO4c8tnnGZdOVD2QNONOk41EDyVN9BsnpIjuOPyWxGHV0eSCvQmymBZX3gVcif3709ysQJjL7dNrb9jQ3pPVCzudbgQD0uRNzNiWyw3o1evVWQOJBYkU2uAo7izrcCMTk0_VYHIVqNiVOGDbIdMlGHGSwfenMfr09tHHwD37OjsRA5K8FbnW13ZD5UL6JnY7XUnUFc6NndQo2cN85HHohbusMLZ16Kx3l3sfThlIDkM42WfFrl0p_U70Uuk3oEf6tl1XpolU7GzUZGZruf-zF0PzZ_4GKNcAxcCPngylQFnZH7X6g_u7_wTHvSVC16waP4aQmkIpealg6oGtQqrPcfDELuhk2Mrg-Fxp2mk4BmyraR1zII4akg6mExtrMEEasPjNIbyMnPXfBG1K9Rif-f_MKLBZPMoE-nHoWhAAg7glCWFWkiZtWhMwWn1KNsabSpq-TLxw6vK3LRijlMK-Dlr2jp5csP303dcz9Nbhu3lIqDzv30csYPEbHxwgkdWSKY708vI8-xOJm2_nZVXk7nGhWvgzE9Fz54sZX374tWzVFbb0-yR_CtIHalm5rrA0OiGPyEhpayZAkgnJPNlzx74MpIGzItgheklH-T5haasurC9Cdo1dREssSt4b3TVtl3S7DKeZ791QCpK2a-5Bffmm0y-bQFFNUMRVGQDMouJNiBDMDiA7QqAjCArKTFOrUydZ2ER2vWR-6ee_WpNkcDG4nzjSPx8VXpRDKUVbp03lk3repkkkygbEshPEKA8xVWhkEZ0zB4SfsJUbPD7A2QRLZII9wP9wyOyPjbxoq0d90jc8_RTalfSxANhRrZ5Mw6DOxQFs2984hWTsw7VqZkelV37JcOHg0E_IQ_RQI1f2IpMa7XSz_N_IY7lecpmu7hsrG2FklUhyKPMnRNdFCML_K8PTH8Cdq5rSj44k3umB2yz2DivbRmc_Lvwgy6GUdIKTBAqxRUsnJbsUzrHS3Aesj9f5irlIIa-Ta10ksWmwxFy5Vu_lx5eftwT2PYOXPIMjYsnSXLOgtIvNgecC7s1HlGdNhH-9KifamxqG1ahzPHULLs3XPJb9PTujDCMoOfkyAqqLTQAp6ckPfKGEwn2j3fVoGQp0O6f8BO0ZsWJz-7qQ3VQxpwJkeE7kAiQ-NlOX4BAVF1MhNWwYF_R_1zdJ2cSwEWbMw8hr4dwpfXxx1PowRQchZ6xI1aIZvWR_82HvBL4wkzQBcGvn7QBGNc7shCJe91OOV6ff5xkTCm5KDauJM_O1jyU2FMWN2SQhsxTHyVS06EU-lIKDxD8g-4LxwQ7ZJskbk0X9e9retYCv7252xTqdxBbeVp96sd5UI6ovUfQePBVzL842YiQMk_V8OlobnMR4RFjTrsfYfzdYge_COMJ7po23OQ7wwMINDtfFxc-qk3YD9DNSNVH8zWNBW9pMdJoYsgI5gGKD7GciLS8J7b2wlhSoCw47JP8fklPGjI7FANN3bBc-SUZUjt5BuR0p8MOMCMl-L94MM8JObsqrjY-ip270_y99kdrdI-HJlf4X3a4fym-iWAREZHk-BdQb6Ozz6hqR2h0T6keYujtpFzwly0Q9y_FDEehPYGv20rPPM4DCC5vzgZ6GajuwW9UPwVeWaD5U9W1irR_fpd2z4erPhg6TsSh9ZdPVbQizrAB3yq_BtmxsmDTk0UHs0yr1A-6fsoHKMSC6KVEFqKMrw8Gno38b4jhFbkLfeBR49bnEtAenrYsw4CgOQkATrG99N97FQf0DDfuNEuqojTCB1voSq4SqSA&cid=CAQSOwDUE5ymY30UI_Mr46wZHZolwt5Cuzs42vW4nc_5fQfxkFX1QDRwnn4NKYwygBGxwtud-iWhmMY_AZqXGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.edestinos.com.br%2F&ds=l&xdt=1&iif=1&cor=9420455514856751000&adk=2857193498&idt=83&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:26:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 3461 29 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:26:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:26:20 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3461 41 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 13:44:31 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C638 1 KB
643 B 38ms
37ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:09:24 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:09:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3461 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 776f10091606d122b9612c2767a0267706684aa945774e1b2fabd8218691dbb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8BF2 22 KB
8 KB 36ms
35ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 156437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 11:09:24 GMT
expires: Wed, 28 Feb 2024 11:09:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C638
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENCx0Sq341sgxFu8HomMWqw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENCx0Sq341sgxFu8HomMWqw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXNjeXpRdGsxUHhDeXQ1&google_gid=CAESENCx0Sq341sgxFu8HomMWqw&google_cver=1&google_push=Aa02lx-FLgzdHqNS3Fg84mrYQB1y10alR465SyqiGulqYlh...

170 B
188 B

71ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXNjeXpRdGsxUHhDeXQ1&google_gid=CAESENCx0Sq341sgxFu8HomMWqw&google_cver=1&google_push=Aa02lx-FLgzdHqNS3Fg84mrYQB1y10alR465SyqiGulqYlhPhNTIUanzcTIUoMCydLDdhaLduXPO5zWDVNAjzz1_dgY1cX02eKJ1

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 06:36:40 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-05d0778f17fb7936d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXNjeXpRdGsxUHhDeXQ1&google_gid=CAESENCx0Sq341sgxFu8HomMWqw&google_cver=1&google_push=Aa02lx-FLgzdHqNS3Fg84mrYQB1y10alR465SyqiGulqYlhPhNTIUanzcTIUoMCydLDdhaLduXPO5zWDVNAjzz1_dgY1cX02eKJ1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C638
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKra9_q4SUcSqSDsibRr24g&google_cver=1&google_push=Aa02lx-F3dcnSggZh5uENIetU5zEk5CVYUoZSbhso0xZids84LRnzGqtK6mKxeLhfwKI3oCTjVEhA-0sn6Rk7BJK...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-F3dcnSggZh5uENIetU5zEk5CVYUoZSbhso0xZids84LRnzGqtK6mKxeLhfwKI3oCTjVEhA-0sn6Rk7BJKMVoQ_132-xHm_g

170 B
188 B

70ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-F3dcnSggZh5uENIetU5zEk5CVYUoZSbhso0xZids84LRnzGqtK6mKxeLhfwKI3oCTjVEhA-0sn6Rk7BJKMVoQ_132-xHm_g

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 06:36:41 GMT
Server: MT3 530 4e92630 master cdg-pixel-x11 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-F3dcnSggZh5uENIetU5zEk5CVYUoZSbhso0xZids84LRnzGqtK6mKxeLhfwKI3oCTjVEhA-0sn6Rk7BJKMVoQ_132-xHm_g
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Mar 2023 06:36:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C638
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHHH9GJ-lKiVPyM5UV94aMI&google_push=Aa02lx-jaOJuEFkNtOWnHVMqL2r-oo7HalF_AekTcOXTLZmAdwAzHF_-GV...

170 B
188 B

71ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHHH9GJ-lKiVPyM5UV94aMI&google_push=Aa02lx-jaOJuEFkNtOWnHVMqL2r-oo7HalF_AekTcOXTLZmAdwAzHF_-GVxDACTmoO5V4U6ZHVewUj1UIM-_k9mRUIhlnqJJWlh9

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220076-HHN
pragma: no-cache
date: Thu, 02 Mar 2023 06:36:41 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1677739001.047534,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHHH9GJ-lKiVPyM5UV94aMI&google_push=Aa02lx-jaOJuEFkNtOWnHVMqL2r-oo7HalF_AekTcOXTLZmAdwAzHF_-GVxDACTmoO5V4U6ZHVewUj1UIM-_k9mRUIhlnqJJWlh9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C638
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM_8pNUnv4KStRf5a_Gmjuk&google_cver=1&google_push=Aa02lx_mI7eHELLq5CS67EE0TwVywU2p8hLSslTORlm78MkcJf2b6ABPQGz9r6fI_2LPtWtIKbscWtPUXkzpqLK5...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_QbZYaBVRdyArMQK0e7cDg2&google_push=Aa02lx_mI7eHELLq5CS67EE0TwVywU2p8hLSslTORlm78MkcJf2b6ABPQGz9r6fI_2LPtWtIKbscWtPUXkzpqLK5JXKXjf0zLgVcLA

170 B
188 B

69ms
69ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_QbZYaBVRdyArMQK0e7cDg2&google_push=Aa02lx_mI7eHELLq5CS67EE0TwVywU2p8hLSslTORlm78MkcJf2b6ABPQGz9r6fI_2LPtWtIKbscWtPUXkzpqLK5JXKXjf0zLgVcLA

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 06:36:41 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_QbZYaBVRdyArMQK0e7cDg2&google_push=Aa02lx_mI7eHELLq5CS67EE0TwVywU2p8hLSslTORlm78MkcJf2b6ABPQGz9r6fI_2LPtWtIKbscWtPUXkzpqLK5JXKXjf0zLgVcLA
x-host: tde-deliveryengine-production-cdcfc8b9-x4p66
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame C638 0
75 B 251ms
18ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIrNUrmpfvxm_60tlR61wgA&google_cver=1&google_push=Aa02lx8tzu-_GYkvbcqHmpd9YTk_JQDT_D98eZak-t-0Qc2cRCg_AfhZ4N3Us143bmhKIbX_UNIK3DE_-Y_Cc_OUGu8fmKjFlSliXw
Requested by: Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:40 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C638
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBomY-5TS0vps7VytjfW6Xw&google_cver=1&google_push=Aa02lx9Xy_MxdS3bXHT2Fm5s--zUOeR11rGas20cJjGGVizMDnG2mO7ugHFNRalvSGJnU81Pd-...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBomY-5TS0vps7VytjfW6Xw&google_cver=1&google_push=Aa02lx9Xy_MxdS3bXHT2Fm5s--zUOeR11rGas20cJjGGVizMDnG2mO7ugHFNRalvSGJnU81Pd-...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DM2J5YXBORTJ1R0N4WEdIUFJkbnZQa1pEdF83OGtkX35B&google_push=Aa02lx9Xy_MxdS3bXHT2Fm5s--zUOeR11rGas20cJjGGVizMDnG2mO7ug...

170 B
188 B

70ms
69ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DM2J5YXBORTJ1R0N4WEdIUFJkbnZQa1pEdF83OGtkX35B&google_push=Aa02lx9Xy_MxdS3bXHT2Fm5s--zUOeR11rGas20cJjGGVizMDnG2mO7ugHFNRalvSGJnU81Pd-oViRmv6p0N9_XZl6JW21JKrBC6VjM

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DM2J5YXBORTJ1R0N4WEdIUFJkbnZQa1pEdF83OGtkX35B&google_push=Aa02lx9Xy_MxdS3bXHT2Fm5s--zUOeR11rGas20cJjGGVizMDnG2mO7ugHFNRalvSGJnU81Pd-oViRmv6p0N9_XZl6JW21JKrBC6VjM
date: Thu, 02 Mar 2023 06:36:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C638
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKQATmKk9...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKQ...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8d0dd514-f0fe-46eb-9d55-f390c775418f&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

70ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8d0dd514-f0fe-46eb-9d55-f390c775418f&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8d0dd514-f0fe-46eb-9d55-f390c775418f&%%GOOGLE_PUSH_PAIR%%
date: Thu, 02 Mar 2023 06:36:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C638 0
12 B 68ms
67ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrVRL6qEq_8chQvi3xLiOAQ4Y6XDwboT0o7xxqtYTprfPba6ci2sUZEIRYwkD0za1cEqDbvzg

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BF2 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 07:57:49 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ Frame 3E17 8 KB
2 KB 143ms
47ms Document
text/html 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e412bc450543349519f6294a043238afaa7e792cd0e470db19d099a9cc7c1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 549953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2526
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 21:50:48 GMT
expires: Fri, 23 Feb 2024 21:50:48 GMT
last-modified: Wed, 14 Sep 2022 18:25:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3461 0
0 232ms
92ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrh5sowwt4JOY23NMcU_hRnjB3o0lEn67N0mkDHkW06oQ-yZWcOfRNtDWpKTGkJA_vm-bakwoQj7FDljF9VCkI19iovMZY-FccZhNkdRbnERIVB5PJpCqGeV4Gdwft2UhZUxIG2O3Ddx2YH_t1YM0bJwFainpaxwrkVL7398WhcucpugqJxNtYKVjzynbFbwW0KqFrtvJ58k1xDmgoWKZctzp8mrVn_Gjx8tUtECnnT0TJXUwWALP8MyCaTrcwMMn72zJx93tIO-Bgw39AA2fIt19ob2YxCCO93wekJNehuxAqk4dDaJqPxrz5Et6cvVZTaB-GLZkWBBMNO1p2uZY_bugRGfQf8UusSbPHu_m-URStePaz-jIzlsUheVod0Q3SnMRx4dWnGTJhF9xxhIR146HwwOc0SMgb8FtMCxkemv2QYEK6g56e0WVCqXGwugDRNMRqCPLJRqgegbS1LMW5zK7nfqCjnUGm-3bX4r0QxtIXHHwmVIAMbuX4t0nhhUkMsnm4gctcz8id-HSFx-LmzqDl5AQZ8HGqU_NBYXk91N992EgPBNwnL3pCKWpxZjIDk69qOFD9GAw4kIVZzv6dkr9QvGHMbLJREhQsm8R3RMfCMxjKZkEE4xUMeR8Eda1cBjxABMifrcERKKA5BQalzsQ6dF9a_H89qGAS-Nio4hKf_9c9UusFEVGnYbhvU0henbHFOI7IxxK-rDumpArh0LYNUErsuX2NQNizbPA0JHFBCUgz6jnNtVbzpkVnrIz7HIggCW-n7yj9SKXM_z72Ahecr1h66wmlJQB-XbBSbzxFcLqKIBWH89L8CIgYwIWh1fAvm0GlmKSiKTOZRi3XKzanWw98sfYC-k-_NJ1RON7ze2y1PFvVjLywAfpahLmCZZj2LfsuTgRAH71E7MHX02bF_jlsc3hncuE1XuHF8tsb9Krrh6mvq_PkKRY_2rWtYfSTysTwjX6vzw8ZZXf-UpHG_Y2dl9VHS7guJ2hL4aI9Ci4oImBUdbpOP5mIDOVkAYXEJh2VNRhysJIMaEzrb8zEpf4yQq4EruRAmd9cRRYY6VfGc49xTPuVtZeXouhkiX9OpSb1CH_QFoWFFHVynZB7Ody3gacEt6BiyF1q_0iS0pbaSKFBBru-H0OHrKDmjN17jDkC-HGzzwDsOdn4ppv4-Y_5bCIKhX5wguS1dVKRKXNOi6epFW-x1IrxhEMhN-Z0yTtN2xGeH_zMCiLs9Kdiz_CxlTxu1CYPSyZ9ilylNpX6kEBe6NGu1BKTwpk7hw&sai=AMfl-YRbhuxB-dDKJnUrL6j5_YvGipuV0iG5M72pNHpo9N64wGxd5n2o2OBntWJh5gRIetwl_fOEEPYHDl4mxnW-JLfNgRaMSNnp0XW740MafgxykKIBYGMedCJJsLpI4f2YSQMlA5HiZuUKKmtCQZSqZe4_UPtE89biyMGaX6qPL6FPCBPvST0b4GawvYcL31d3Wj8njZbXf46ovZdJQUC_zlDf4-aHa7_SI1zgj5XPJPnVjXgthk8WJoFmu1ajlNc1HTn-&sig=Cg0ArKJSzGDsRb-LNib_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=271&cisv=r20230227.32123&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 06:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 06:36:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BF2 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHKkM-EMAZJL9LczMx_APj4-zmAIAAAAAOAHgBAI&bg=!Y2ClYDTNAAbK-VRH6vk7ADkAdvg8WjTMQWfINS1crdsgJBjt8cNpftvIPlS0gxY0kqY8okGG3eyHDQ4OL5lxHcVlulqOAv0QFr0CAAAAV1IAAAACaAEHCgBJZvfrPdlHdtUWZ0ea1jn2YF_QFUxiGLK3NW-bHciOF36DsMA0Qvr5OoGD60u5OQMhAXXDrrAgBwCva-oMie56fnPEAl6a2zbWMJkC_s0EWCfij5cS9l-Q9T1CAyGvfcMHJM9u98naeGUIUBRoZ7hRLenPrFED5m1loJhfLSTCiKSqQEOFP64iY2kgQWIZW7-FE3Sdp1T2B6y89xJWpkvF_0Mh02cJb7RINStC3oyFufJtR8w8EEpbmQ0iAZd5ERmURxSIR6nnUOyFaxx9oGv-Vn7YBjr7qJcBO5_ONB0Ex8fA7yS6SYfMkbSdpGValyvO_8PHkH9Clv9J19VYgMMykThfoyZu1PwVc1p10QoOce7QDIfE5FhdJA1gHKG-kTBU7fLofjsh7N8h7_TgQ7_qOJ_IKDNDL_6LAEPLOnKtDcuW9HUofYJipbSupSL56EH-fpfqFtycSmWIg6My9WPT2QPzc2Iv7mbZOgW7SDATZ-0x6raYRCFnf3EAwVKNJg5mGD2ZOwWJik7Sdrb5e10WJrNVRBzEulG9u3Wf4m2FyH3F3fkWr659SfdSYf2znTH8b9NlVZI6eLzb3iZ5IBHMUHAldTi50O7M8L-SC2Mcsjb3yZNtVqFRsXKeSeL3PO4BCJB1J3btEha5POswcdzzPPVe3vOKlYKcJqwtZudiFyDiRmUhy4tmfEGHyf8U1mUNdzcGNylOynRRrwFq9M7caIHxekBM8F1R6J_bVKikynQRsMB_SOLLedgHc19CjIlmFKlh7lS2bzwwtIGQRqatzLE8Pr6uynHvIaOyT2CJy3lCZt0wcP4d9-pCR8_A3_5QYHI3DxHUMA8vSbmv294FIlpWn4A2Ok43pirQgJ29rizos19AdczQ-CCqJ41JawRm5AcS_3HS5ARYepypSPNQAGaimPbqaQXcSvnwpt9N0TESLyPodZnYWXS92sol5JtGg0tfH6J8LWQ60HYSMkVTlP0se6He3K-VS2pvUvqOroQwQRM9v3zwX5nZkdUaK5dIClXSMbpaapKOp-n3BE2MJD-s86Wyz5aMB_wpOc7-XSVXM2zwBKWCIKIv3bI1c8DB-fDNLyXTKmUqAL5WWFS71dDOzy6FlGVZ_cQ

Requested by

Host: 64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
URL: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3E17 109 KB
37 KB 80ms
80ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 06:36:41 GMT

GET
H3 200 image.jpg
s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ Frame 3E17 27 KB
27 KB 48ms
48ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/image.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4178c22395fdf1814b3b0e1a6e1fdedae7e6f33dd7b5539231720c8649651af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:15:55 GMT
x-content-type-options: nosniff
age: 37246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27315
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 18:25:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 20:15:55 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ Frame 3E17 11 KB
11 KB 51ms
50ms Image
image/png 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61baf81d2e31896f9910c718b0f2c2753f8abc4d53ad585b3b9a19bd267048a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:20:01 GMT
x-content-type-options: nosniff
age: 483400
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11581
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 18:25:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Feb 2024 16:20:01 GMT

GET
H3 200 ctaOver.png
s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ Frame 3E17 8 KB
8 KB 48ms
48ms Image
image/png 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ctaOver.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65706157ef6822cc62d31da637c861f771edc69ca8c137270b4e4bf58d4cd6e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:20:01 GMT
x-content-type-options: nosniff
age: 483400
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7845
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 18:25:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Feb 2024 16:20:01 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ Frame 3E17 7 KB
7 KB 48ms
48ms Image
image/png 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf67dc05e0b56cffc91d0d6c554680a4523f3f142abac4c77db1b1f7d5eb7d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 20:15:55 GMT
x-content-type-options: nosniff
age: 37246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6724
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 18:25:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 20:15:55 GMT

GET
H3 200 copy1a.png
s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ Frame 3E17 10 KB
10 KB 51ms
51ms Image
image/png 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/copy1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab09d970164784bc5bc7b95ee099e1007943f5878a1f064bc655fd92c40a4f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 10:25:20 GMT
x-content-type-options: nosniff
age: 591081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10080
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 18:25:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 10:25:20 GMT

GET
H3 200 copy1b.png
s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ Frame 3E17 11 KB
11 KB 54ms
53ms Image
image/png 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/copy1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

577340e20a6938183fceb215e2e2d4f9bbf0803d70843a70cdcaf9a67792f9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 10:25:20 GMT
x-content-type-options: nosniff
age: 591081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11145
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 18:25:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Feb 2024 10:25:20 GMT

GET
H3 200 copy1e.png
s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/ Frame 3E17 13 KB
13 KB 59ms
58ms Image
image/png 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/copy1e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e290b8ba628a0ff42ff9706850e6ee5f03434ae7deceb10fb1d5902aab988e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11015191712984362418/Textron_Aviation_Aftermarket_EU_B1_970x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 12:44:00 GMT
x-content-type-options: nosniff
age: 496361
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13657
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 18:25:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Feb 2024 12:44:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3461 0
0 83ms
83ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrh5sowwt4JOY23NMcU_hRnjB3o0lEn67N0mkDHkW06oQ-yZWcOfRNtDWpKTGkJA_vm-bakwoQj7FDljF9VCkI19iovMZY-FccZhNkdRbnERIVB5PJpCqGeV4Gdwft2UhZUxIG2O3Ddx2YH_t1YM0bJwFainpaxwrkVL7398WhcucpugqJxNtYKVjzynbFbwW0KqFrtvJ58k1xDmgoWKZctzp8mrVn_Gjx8tUtECnnT0TJXUwWALP8MyCaTrcwMMn72zJx93tIO-Bgw39AA2fIt19ob2YxCCO93wekJNehuxAqk4dDaJqPxrz5Et6cvVZTaB-GLZkWBBMNO1p2uZY_bugRGfQf8UusSbPHu_m-URStePaz-jIzlsUheVod0Q3SnMRx4dWnGTJhF9xxhIR146HwwOc0SMgb8FtMCxkemv2QYEK6g56e0WVCqXGwugDRNMRqCPLJRqgegbS1LMW5zK7nfqCjnUGm-3bX4r0QxtIXHHwmVIAMbuX4t0nhhUkMsnm4gctcz8id-HSFx-LmzqDl5AQZ8HGqU_NBYXk91N992EgPBNwnL3pCKWpxZjIDk69qOFD9GAw4kIVZzv6dkr9QvGHMbLJREhQsm8R3RMfCMxjKZkEE4xUMeR8Eda1cBjxABMifrcERKKA5BQalzsQ6dF9a_H89qGAS-Nio4hKf_9c9UusFEVGnYbhvU0henbHFOI7IxxK-rDumpArh0LYNUErsuX2NQNizbPA0JHFBCUgz6jnNtVbzpkVnrIz7HIggCW-n7yj9SKXM_z72Ahecr1h66wmlJQB-XbBSbzxFcLqKIBWH89L8CIgYwIWh1fAvm0GlmKSiKTOZRi3XKzanWw98sfYC-k-_NJ1RON7ze2y1PFvVjLywAfpahLmCZZj2LfsuTgRAH71E7MHX02bF_jlsc3hncuE1XuHF8tsb9Krrh6mvq_PkKRY_2rWtYfSTysTwjX6vzw8ZZXf-UpHG_Y2dl9VHS7guJ2hL4aI9Ci4oImBUdbpOP5mIDOVkAYXEJh2VNRhysJIMaEzrb8zEpf4yQq4EruRAmd9cRRYY6VfGc49xTPuVtZeXouhkiX9OpSb1CH_QFoWFFHVynZB7Ody3gacEt6BiyF1q_0iS0pbaSKFBBru-H0OHrKDmjN17jDkC-HGzzwDsOdn4ppv4-Y_5bCIKhX5wguS1dVKRKXNOi6epFW-x1IrxhEMhN-Z0yTtN2xGeH_zMCiLs9Kdiz_CxlTxu1CYPSyZ9ilylNpX6kEBe6NGu1BKTwpk7hw&sai=AMfl-YRbhuxB-dDKJnUrL6j5_YvGipuV0iG5M72pNHpo9N64wGxd5n2o2OBntWJh5gRIetwl_fOEEPYHDl4mxnW-JLfNgRaMSNnp0XW740MafgxykKIBYGMedCJJsLpI4f2YSQMlA5HiZuUKKmtCQZSqZe4_UPtE89biyMGaX6qPL6FPCBPvST0b4GawvYcL31d3Wj8njZbXf46ovZdJQUC_zlDf4-aHa7_SI1zgj5XPJPnVjXgthk8WJoFmu1ajlNc1HTn-&sig=Cg0ArKJSzGDsRb-LNib_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=615&vt=11&dtpt=341&dett=3&cstd=271&cisv=r20230227.32123&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:36:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 06:36:41 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3461 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtXIWoA3Wq6SdVZE_R4WCf3hIcZbAAUIA9tAcz2fdFK84DQTjJT1CDQcdEaJN-GitdtE9fLDFlSByuqFLGS4k6d4tvX-E2CnOZ0gYwdieQ7Jyk3HV0CjPsQxhO9P0f4YY_CFABJQ&sai=AMfl-YQaEoslpaYDyo1Yff9wS8jutxQ2yxRJ2hMH7i4iLILfJgIhtJ5DtBqhpkA4m0WbMQqEtITJpL4ykBchYdQ5sXVrbX4BXR2ZM3YAejhbuF2BOt5yPV16TBRH14U&sig=Cg0ArKJSzNrnnfR7J4_ZEAE&cid=CAQSOwDUE5ymY30UI_Mr46wZHZolwt5Cuzs42vW4nc_5fQfxkFX1QDRwnn4NKYwygBGxwtud-iWhmMY_AZqXGAE&id=lidar2&mcvt=1000&p=614,315,864,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2844816383&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677739000565&rpt=405&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3461 0
20 B 69ms
68ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8896280000894&version=m202301230201&ct=76&x=1&cor=9420455514856751000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 06:36:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.edestinos.com.br/	1970-01-20 18:47:54	Name: firstTimeVisit Value: 202303020636
.edestinos.com.br/	1970-01-20 10:03:45	Name: _gid Value: GA1.3.697130089.1677738997
.edestinos.com.br/	1970-01-20 12:11:54	Name: _gcl_au Value: 1.1.1644974689.1677738997
.edestinos.com.br/	1970-01-20 10:45:30	Name: mes_referrer Value:
.edestinos.com.br/	1970-01-20 10:02:19	Name: _dc_gtm_UA-21804834-1 Value: 1
www.edestinos.com.br/	1970-01-20 19:38:18	Name: uguid Value: 82a13e950b1f34781177614527ad7493f7ad076f
.edestinos.com.br/	1970-01-20 10:02:19	Name: _dc_gtm_UA-136029019-1 Value: 1
.edestinos.com.br/	1970-01-20 19:38:18	Name: esky_TCSI Value: GRXA1677738997594
www.edestinos.com.br/	1969-12-31 23:59:59	Name: newUser Value: GRXA1677738997594
.edestinos.com.br/	1969-12-31 23:59:59	Name: esky_TCSIS Value: FFOYC1677738997601
.edestinos.com.br/	1970-01-20 19:38:18	Name: MasterId Value: f2495930-9c77-5ef5-95d0-14cf7e1de853
.travelaudience.com/	1970-01-20 19:33:59	Name: _tracker Value: %7B%22UUID%22%3A%22FD06D961-A055-45DC-80AC-C40AD1EEDC0E%22%7D
progress.edestinos.com.br/	1970-01-20 18:47:54	Name: OAID Value: 01000111010001000101000001010010
www.edestinos.com.br/	1969-12-31 23:59:59	Name: esky_TCTTIStart Value: 1677738997698
.www.edestinos.com.br/	1970-01-20 18:47:54	Name: _yoid Value: 43a55b39-e6bd-4a5b-b3d5-553947ebfeed
.www.edestinos.com.br/	1969-12-31 23:59:59	Name: _yosid Value: a8f0cbe8-7070-4764-b231-b19be3316ca9
.edestinos.com.br/	1970-01-20 19:38:18	Name: _ga_N9CRQD0ZQC Value: GS1.1.1677738997.1.0.1677738997.60.0.0
.edestinos.com.br/	1970-01-20 19:38:18	Name: _ga Value: GA1.1.331767709.1677738997
www.edestinos.com.br/	1970-01-20 10:02:20	Name: lux_uid Value: 167773899792800782
.adnxs.com/	1970-01-20 12:11:55	Name: uuid2 Value: 480477894867673093
.edestinos.com.br/	1970-01-20 10:03:45	Name: _uetsid Value: 957edd90b8c411ed9e8c9b203bc49932
.edestinos.com.br/	1970-01-20 19:23:54	Name: _uetvid Value: 957f3800b8c411eda792599a52ad5cd9
.bing.com/	1970-01-20 19:23:54	Name: MUID Value: 2DF0B05E78FE65CC2E12A29679956432
.sojern.com/	1970-01-20 10:12:23	Name: adh Value: 1
secure.edestinos.com.br/	1969-12-31 23:59:59	Name: esky_TCSIS Value: FFOYC1677738997601
secure.edestinos.com.br/	1970-01-20 19:38:18	Name: esky_TCSI Value: GRXA1677738997594
secure.edestinos.com.br/	1970-01-20 19:38:18	Name: MasterId Value: f2495930-9c77-5ef5-95d0-14cf7e1de853
secure.edestinos.com.br/	1970-01-20 18:49:21	Name: firstTimeVisit Value: 202303020636
secure.edestinos.com.br/	1970-01-20 10:02:21	Name: partner_id Value: EDESTINOS
secure.edestinos.com.br/	1970-01-20 19:38:18	Name: uguid Value: 4646dc90aad9cb88fa012b74bffae364a5d33f5a
.yieldoptimizer.com/	1970-01-20 18:47:54	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 18:47:54	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 18:47:54	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 18:47:54	Name: cktst Value: 109579533
.pubmatic.com/	1970-01-20 10:45:30	Name: KRTBCOOKIE_731 Value: 15167-FD06D961A05545DC80ACC40AD1EEDC0E
.pubmatic.com/	1970-01-20 10:45:30	Name: PugT Value: 1677738998
.sojern.com/	1970-01-20 18:47:54	Name: cid Value: 4365fdba-eae5-0807-02c1-8cc966550642#1677715200000
.sojern.com/	1970-01-20 12:11:54	Name: apnid Value: 480477894867673093
.yieldoptimizer.com/	1970-01-20 18:47:54	Name: ckid Value: 3016731609946
.yieldoptimizer.com/	1970-01-20 18:47:54	Name: dph Value: %7B%22t%22%3A%5B124158%5D%2C%22dp%22%3A%5B6645%5D%7D
.yieldoptimizer.com/	1970-01-20 18:47:54	Name: ph Value: %7B%22p%22%3A%5B39%5D%2C%22t%22%3A%5B124158%5D%7D
www.edestinos.com.br/	1970-01-20 18:47:54	Name: UniqueUserId Value: a44b3fee4ecc50642ed53837041e2662
.doubleclick.net/	1970-01-20 19:23:54	Name: IDE Value: AHWqTUkbScStZFqBnHWfkZJRZGlm6YVtEnQzOoTK0asLh9zlqsKD_UrQ3XFFJ1IP2a0
.sojern.com/	1970-01-20 18:47:54	Name: gid Value: CAESEOKymIsiwknTLcyhsld8zUA
.edestinos.com.br/	1970-01-20 19:23:54	Name: __gpi Value: UID=000009c61ef0c797:T=1677738999:RT=1677738999:S=ALNI_Mb9XThEP7gcWqgfVsAobHuFkfLNiA
.prebid.a-mo.net/	1970-01-20 18:47:54	Name: __amc Value: 1_1677738999_1677738999
.clicktripz.com/	1970-01-20 12:11:54	Name: _ctuid Value: c0acda0d-ff75-4913-9eea-de4dd9a008c6
.edestinos.com.br/	1970-01-20 12:11:54	Name: _ctpuid Value: 63b47ce4-9e9d-4660-9166-16da94b1617c
.adnxs.com/	1970-01-20 12:11:54	Name: icu Value: ChgIhYxLEAoYASABKAEw94eBoAY4AUABSAEQ94eBoAYYAA..
.edestinos.com.br/	1970-01-20 19:23:54	Name: __gads Value: ID=45566efb1a30fb2a-2291d35b3bdd007b:T=1677738999:S=ALNI_Mb4Xxsz9_htN1NJKco8EFRtYkaVhA
.adnxs.com/	1970-01-20 12:11:55	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImQc_ge_!2(5u(<j<dINiYhTyXnfi8FW/1HiKbe8xYTmqW#X2d(4q32^N`g_!JnLkK2h%(2K:$doS]%6lNR0q%*m
.casalemedia.com/	1970-01-20 18:47:55	Name: CMID Value: ZABD.KpNlZsNULbMBQGwfwAA
.casalemedia.com/	1970-01-20 12:11:55	Name: CMPS Value: 1149
.casalemedia.com/	1970-01-20 12:11:55	Name: CMPRO Value: 1149
ads.travelaudience.com/	1970-01-20 19:33:59	Name: _tracker Value: %7B%22UUID%22%3A%22FD06D961-A055-45DC-80AC-C40AD1EEDC0E%22%7D
.w55c.net/	1970-01-20 19:33:59	Name: wfivefivec Value: 1scyzQtk1PxCyt5
.w55c.net/	1970-01-20 10:45:31	Name: matchgoogle Value: 5
.mathtag.com/	1970-01-20 19:28:14	Name: uuid Value: ba7d6400-43f9-4700-b5fb-2ab36689ccf5
.mathtag.com/	1970-01-20 10:45:31	Name: mt_mop Value: 4:1677739001
.bidswitch.net/	1970-01-20 18:47:55	Name: tuuid Value: 8d0dd514-f0fe-46eb-9d55-f390c775418f
.bidswitch.net/	1970-01-20 18:47:55	Name: c Value: 1677739001
.bidswitch.net/	1970-01-20 18:47:55	Name: tuuid_lu Value: 1677739001
.everesttech.net/	1970-01-20 18:47:55	Name: everest_g_v2 Value: g_surferid~ZABD_QALABcKwwA_
.yahoo.com/	1970-01-20 18:48:16	Name: A3 Value: d=AQABBPlDAGQCEAdvLUuGOcSf66l2BAkQVc8FEgEBAQGVAWQKZAAAAAAA_eMAAA&S=AQAAAm8QbNc2aKTqZBrdBC081oY
.analytics.yahoo.com/	1970-01-20 18:47:55	Name: IDSYNC Value: 18yx~2aa6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64aa019672a0d0590dc933953697fdd2.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
accounts.google.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
api.clicktripz.com
bat.bing.com
beacon.riskified.com
c.amazon-adsystem.com
c.riskified.com
cdn.jsdelivr.net
cdn.speedcurve.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
edestinos.com.br
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
img.riskified.com
js.adara.com
lib.wtg-ads.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.sojern.com
pm.w55c.net
prebid.a-mo.net
progress.edestinos.com.br
region1.analytics.google.com
s0.2mdn.net
script.4dex.io
sdk.adara.com
secure.adnxs.com
secure.edestinos.com.br
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
static.clicktripz.com
static.sojern.com
static.xx.fbcdn.net
static1.eskypartners.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tag.yieldoptimizer.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.clicktripz.com
www.edestinos.com
www.edestinos.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.18.25.185
104.83.4.32
107.178.244.119
108.138.4.10
13.224.189.6
13.224.191.98
142.250.180.194
142.251.39.66
147.75.85.234
151.101.130.49
151.101.194.217
151.101.65.195
18.195.54.139
18.65.39.76
185.29.134.244
185.64.190.80
185.80.39.216
185.86.138.155
185.89.211.116
185.89.211.12
2001:4860:4802:32::36
23.36.162.208
2600:1f18:f8a:b700:86cb:4152:b0b1:dbcb
2600:1f18:f8a:b703:5a81:f87d:ffc8:4ebf
2606:4700:20::681a:9a9
2606:4700:20::681a:e0a
2606:4700::6810:5914
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:831::2001
2a00:1450:400d:802::2002
2a00:1450:400d:802::2006
2a00:1450:400d:806::200e
2a00:1450:400d:808::2002
2a00:1450:400d:808::2003
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::2004
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200d
2a00:1450:4025:402::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.65.159.191
3.71.149.231
34.102.191.167
35.155.25.126
35.186.212.60
35.190.0.66
35.244.188.9
35.71.131.137
44.209.151.138
52.36.128.54
035d955d8711896fadb5ac300ddce62d859512ff0034e3289a649138587f9c4e
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
095c021af173fc972093ffe60ac7cdf1a6d492efb0086f73c757755deb6016df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c68b2a38364637eb474ed0a19b85947679b526cb0d2276586de685ab79ff517
104c12ae15b58ae83ed6925817f951232cb0f1b24a70e85cba96d63a19437cb7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137de89c58549269c3105d11ffbaad9141804c3526b86536eae293ea333d6d30
154627be91ed8c1e92a0c4cd4011eef27d4b1ff1be423ad20836fc283e00393b
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1a5afd5736258a8008f2ab20413af8ed1e0f0b5630d96001a88229b492c1392b
1b0963f14226beb0e141c1d4def4cc1bc70e8ef8792a527f80a11c8591ba63f0
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1e412bc450543349519f6294a043238afaa7e792cd0e470db19d099a9cc7c1dd
1f5059958c454cf7d0c7d5f61720b3bff25696bfe8b4bcb646ea7f5e2db2544a
223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b
2685413ff17b9815752655126dddd2a7c1370db1b58ec670da1242574b934504
287967ffe496493c9a297640b6babdfe08aa56027a875806c7b6b8e5cd756798
2c9acbd74a48039642026812e6ad5f3e353e5d602a36474a5dfa9c2d4ace53d8
2d1b9fd515aed1376aaa3eb09ebb7859cb1c3952e88ee727b00fcc46ec1d939a
2e54d09aefdcf93b7d7e00e7e3dc528d82bf9fd89370e0e7f5f253a4fb09930b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3435d7202974abdbc3d1ef7cb3aa5bb1bd635ccc2fe597719bb1bb0e187e0630
3457f7c463a9acacb127774b26cf9cc173b0cc1cb669e7bb04d40ae1f18b6c97
3604beeecd9e843dd714037b56c0e5114c776c9a53eaf0a2b13a82373fa53035
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37010ff57d24b06cb9276c7ac00076c34cdee636f947dc93b9b0eafbe77d0923
3d8b7f7d357d179150640504e8d4ebac840c11a3db813fdd94d421dd433de2be
4178c22395fdf1814b3b0e1a6e1fdedae7e6f33dd7b5539231720c8649651af0
44285c30906cb5b7bde6e33d745bd5614ede59d699fdbd2a9eed06fbf74b431d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4807c169ee4f97efe151d53b2a5a2ca190dac810597561bd463d97e1ed8cb49e
4990b90c31f5b823613a2f72103699a58dce4ff1bdc2aa03f326395944b193e6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd80aefae8c22cf88d7d50fc99643cbb05f8b48e4435f1042c71355c19d05b4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
501f49b1aa5933fd40a296ba8712c6a0d1a5d2a5274356404f3a5028d786a745
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509d2ceca3c04330ea117c8381e4462c4db7d235e618e6a5681e5c7454dca9e3
5232331c8e4711696ecb88c016bf3bdd4e6f6b879394dc234954894153fac1a8
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577340e20a6938183fceb215e2e2d4f9bbf0803d70843a70cdcaf9a67792f9e6
58f390685d60088213d9b28d2931b53eed0b2760ff2a7e5934e585db492557d7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2a198416a1d73546134591584fb18514afee0178abff956b7a011b1c1122af
5cb557a93cee9ab58da4f7e0ded20309261f563d53dc5573ccf6a4a1a9ed6a30
5e8fb0d889f0eccd6e9146e81bb0fec67dc5b2b7b7c8abd8afc60f38c10b7ac2
618eb294315fbf69663a1a82b764c8c7c44c60705f482a95a482644151c809a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695
628cb1a4225ad22360f2e5e8c75756b0cdcaf58da2f387a982e00c90f68837d5
62ac21f4bb033875e840d5fceedad4db98bb9e79b4256af3939fb54fc4cc98f1
648d744050ebba9ff4aed315f2a29c7f324cb3b368b8ea672975005c1846168e
65706157ef6822cc62d31da637c861f771edc69ca8c137270b4e4bf58d4cd6e3
68b41c90cb36024743b17006a5970ad0add0d59036481318b7ac9379427b6d25
6a84022653fc4b525e81e0a9dabbae72e89cdc31c7269cd43edaf9fffe8f74be
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e9afc1dc2629f375e2befdb50c1f4e41f79444aa93b39ce0979c3573ca8b446
71968d57e82919464ecf3822eade7debcd9c91cb7ecc2c5e33339ef1e94dca66
729706b0458f28fe04a2f52773e1e2fc4bb333885a8e39b0f42afc48341b54bf
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75d9b0511506a2203607a77bcd58e3957a6779dc9ed69760acdf6f3ac90539ca
765dff7d7185f9d3d46deedf25192d7b84b5eaf0898b37d7388359a11a297237
776f10091606d122b9612c2767a0267706684aa945774e1b2fabd8218691dbb9
7851c8f7f95b17bd6b00cb8d25177f51fed135575c04a4bd132d84ffbe95bffd
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7e75c3eacb5284685fbba1ee237dc9772abfea2b3ee14bed0416575b7ec70eb7
8041e2a9ca3fda9b61d1ba8e03aa6f24d6a82ddf00e188e5fb5bdabf47ed3c83
82f5921977cb167201c89e6c59bc86d73c45e3209ec88a0e9b2ba9455128ea89
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
877b322a8474399684c090021e1387d76e8de6124d21c65e6e5676b3732ad13a
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
890979a81fefd0731a414375cbd321041918ad7db91966b5076da734c71171df
89ff8f14e53e35f029f67e669ace29a367a6fce2b495772ec79a839707e7ddc2
8b18e39f1fdad9cceb5c7774f5d611a9193db4b46d07e3389960318e88e39468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec4492afe1e481486c6a8a88f72da907c2dbe4722462d3d9914157f8a377914
8ff467e5bb27c60640d4d5cd042921dbacef8b3cf13c02aa1afb25e6fb2c5b1d
9182a6c55d1b4b85f18bb8229a5863949a2bdbcade967d5e874404d5981a161d
91f809451f121319419faa6094000ea4e0cad99e934618584bbcdd3964f1dcd1
949c2a3a8684bde5dca23be817b9a119706071950c7f9d59b5fed74cb21bb81c
95c34767df336279a837d7c82a6d97927833a83f105d0486c463cbb5671540da
977060cd4780698c9bbc60ec53044e120ff543fedc9fc67da9328090062d066f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac09ac41e88d99d1c483ee7e89fca19d4bebfabb3bfff6dd4ee463efdc1bf7d
9b608eb5f2ed887c559a7cf0bd8548c369d5ddf38791a804fef80f39edc74eee
9cdfc32c4e7f1b3c86a4a53457ce1bd3e7c4e1a85cb8fe4fb2dfb2c170f01a22
9ddc60e13bc8a828a2894ecde147035ca08661a7709aaf643de25a5510add97d
9f3dcd3ef5fe7014331851eb84b099b6ba929d969f2995a95bcc576a227aaaf9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a042ab934ad6c7bb28ebe842d0e982e7f60bf380dea2ea5a0a53d38c38aeb781
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a55ece1c61e034cd83fe591b917b02396c146122b3a1d6a0ad589ad27f230e44
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a7c8864a5604420feb35225983b5d5cf39b63f7d183188a121a96fbdb97a4b12
a84c58e8202dd72a0250891222f46286aa28019d4eda8454599b6be35539c93b
ab09d970164784bc5bc7b95ee099e1007943f5878a1f064bc655fd92c40a4f3d
ab4b82a5d4658104079c7651b70142876e157312585de7b3954ecf80dff7b2bb
ac20e623d64c173495a4692d3b324d637d65a28f9e633ee08fd7e9f18b7bc8c1
ad13cbb2d0ff900c5dbbf4d9ea0c36c5e8bd4d1b40d3f1f686563a988e092b63
add686cb7df7c0c292cdda706ed96a41136e0b89bf03926ad90f6ecb106ba5f8
aeed0a8042545b68356b6224994aea4299111d9677a5b57ab3d7848804a04c51
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b88136006a2a4b562374a91997a7f12d804e68d66b95eb1a643ce190237486d7
b92c2ebab61b479744c99a96b6feeaf371f01760e0267b7b7b3ea4569b304d99
b9cf1c143a4e7d3cac8cafeac986fe0c623ce2732a2b59f592db322d6d211acf
ba0fc80d949409c367679ae62bbbe21005b653408a6baf1b23e1ec51f3251140
bcdaa505e1ed00e17d6b30ae0cbf0a1ef89f10d9fcfd8ce3365ad226b98bfd25
bf362c1f21aaaa3d856992972bba5814243cad5880e0565d0b2715baa4b380de
bf67dc05e0b56cffc91d0d6c554680a4523f3f142abac4c77db1b1f7d5eb7d09
c09a29439b8e046c4d971bd2975d6e41fa6b2fef4c00b4a37f1d51cc3c27e2db
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f
c9880cd77ebc64342c8c145248fb6a8fd8f5a6ad708613ee2c98585f0df98c46
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ced2404b6365c1713aed30880b31ba25a3bb2ac9402edc1e44a00ddcb1b0565f
d1afcad854af0ef5008b97db33c63afa676fab9b8c56bea4a43012889a65d5f3
d4f676371c44f65b0f333138b35e5195d77648aa72e9b2c46a0a3d09d0460243
d58ad7b164b8e4d553083a83ceae9cd3eccf12ed5c6f0d5a3f4c3dcdafefa40c
d61baf81d2e31896f9910c718b0f2c2753f8abc4d53ad585b3b9a19bd267048a
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d8eace6990c103452b6d84516afe6416e9254e53676e414edb7a15ce683fb1ab
d9a1edfba6aa1fe0b8c8a0a8e64cd2a5ff1e490edd0a2d6da4387131e120b7db
da21aa02f9b6b967745ddc94066674be183cdb86e53dab6392878d6a1ddb252e
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e290b8ba628a0ff42ff9706850e6ee5f03434ae7deceb10fb1d5902aab988e90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e796bbf820b6c82c648fc30c1ef0936de768c4236715b40c938faa67175f8eb5
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb51330633820d029e4ac798d28b27fcfaca919172dc511e2b0fbeaf61e29e25
eb561356ba8f25b01ee53e234c49c76af475fcfd0eaaa9734ed5c35949c01afe
ed329ff4d30da7cba403f978c4d7c223f46ad9ab60006ed111da6a437502502b
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05b3de6d6956f5ea97119138bd2b77b485b2c5522d6e5d8bfb5049f213c49db
f123222af4bea8f965ae29a49fa737777d016d1f9c6fc8b68ae00b7e2ada5884
f1db8f710e4c216fce8a1c8541bce5b25f4fd53676c44d2f8ec9a37366b945c8
f80d4a13aa664e933bfe620dd4a0f3272d88d02ff7b58c5898944fe39a012a1f
f93f5ab7889e94520bd394ee8420f97b2a95183ae3b545bd98ad8ad9607d4bef
fa7ac9172004b2527ecd2824e6ea1b4955250357f7c1a42291b33764b7f1de78
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fc6e1d615ac55793593666c3ee35b657fb32af84b9631227875d453bbde096cc
fff85e6a82c9844340c36a49cf3cca8a2023e470b171c78f2edec68e94b1cc4e

www.edestinos.com.br Open in urlscan Pro 23.36.162.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

221 Requests

93 %HTTPS

47 %IPv6

41 Domains

64 Subdomains

49 IPs

9 Countries

4164 kBTransfer

8957 kBSize

65 Cookies

73 Outgoing links

Page URL History

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.edestinos.com.br Open in urlscan Pro
23.36.162.208 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

93 %
HTTPS

47 %
IPv6

41
Domains

64
Subdomains

49
IPs

9
Countries

4164 kB
Transfer

8957 kB
Size

65
Cookies

221 HTTP transactions
1 data transactions