www.edestinos.com.br Open in urlscan Pro
2.16.186.136 Public Scan

URL:
https://www.edestinos.com.br/
Submission: On July 19 via manual (July 19th 2021, 7:42:22 pm UTC) from BR

Summary HTTP 237 Redirects Links 74 Behaviour Indicators

Summary

This website contacted 58 IPs in 8 countries across 49 domains to perform 237 HTTP transactions. The main IP is 2.16.186.136, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.edestinos.com.br.
TLS certificate: Issued by R3 on July 7th 2021. Valid for: 3 months.

This is the only time www.edestinos.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2.16.186.136 2.16.186.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
19	13.224.99.109 13.224.99.109	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
7	46.242.128.69 46.242.128.69	12824 (HOMEPL-AS) (HOMEPL-AS)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
2	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:808::200d	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
5 7	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9 18	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
4	34.102.191.167 34.102.191.167	15169 (GOOGLE) (GOOGLE)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
10	35.195.130.253 35.195.130.253	15169 (GOOGLE) (GOOGLE)
2	93.179.224.106 93.179.224.106	31242 (TKPSA-AS) (TKPSA-AS)
3	143.204.98.96 143.204.98.96	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:20:... 2606:4700:20::681a:f0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:f8a... 2600:1f18:f8a:b704:e516:f71b:f667:9bcf	14618 (AMAZON-AES) (AMAZON-AES)
1 11	44.232.249.159 44.232.249.159	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	136.144.58.223 136.144.58.223	54825 (PACKET) (PACKET)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	213.19.162.41 213.19.162.41	3356 (LEVEL3) (LEVEL3)
5	23.22.25.19 23.22.25.19	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1f18:f8a... 2600:1f18:f8a:b702:3244:e271:3ba7:c409	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	213.254.244.26 213.254.244.26	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	13.224.99.105 13.224.99.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	72.251.244.141 72.251.244.141	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	52.29.191.126 52.29.191.126	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.167 213.155.156.167	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3	213.254.244.12 213.254.244.12	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
237	58

34 2.16.186.136 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-136.deploy.static.akamaitechnologies.com

www.edestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
progress.edestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.edestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 13.224.99.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-109.zrh50.r.cloudfront.net

static1.eskypartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 46.242.128.69 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: 1393795-7586.iaas.home-whs.pl

cdnstatic1.esky.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.edestinos.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

js.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.87 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.226 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.191.167 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 167.191.102.34.bc.googleusercontent.com

sdk.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.195.130.253 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 253.130.195.35.bc.googleusercontent.com

4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.179.224.106 (Katowice, Poland)

ASN31242 (TKPSA-AS, PL)
PTR: host-93.179.224.106.static.3s.pl

media-edestinos-com-br.ipresso.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perun.ipresso.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-96.fra50.r.cloudfront.net

compare-static.edestinos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:f0a (United States)

ASN13335 (CLOUDFLARENET, US)

lib.wtg-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:f8a:b704:e516:f71b:f667:9bcf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 44.232.249.159 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-249-159.us-west-2.compute.amazonaws.com

www.clicktripz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
compare.edestinos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.58.223 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

waytogrow-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.22.25.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-25-19.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:f8a:b702:3244:e271:3ba7:c409 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.254.244.26 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20518.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20240.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-105.zrh50.r.cloudfront.net

static.clicktripz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s2.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.49 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.141 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.191.126 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.12 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps20238.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	edestinos.com.br www.edestinos.com.br progress.edestinos.com.br blog.edestinos.com.br secure.edestinos.com.br	730 KB
30	doubleclick.net 9 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	164 KB
22	googlesyndication.com afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	118 KB
20	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20518.doubleverify.com tps.doubleverify.com tps20240.doubleverify.com tps20238.doubleverify.com	215 KB
19	eskypartners.com static1.eskypartners.com	992 KB
12	edestinos.com compare-static.edestinos.com compare.edestinos.com	264 KB
11	google.com 1 redirects www.google.com accounts.google.com fcmatch.google.com adservice.google.com	74 KB
10	es.io 4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io	184 B
8	riskified.com beacon.riskified.com img.riskified.com c.riskified.com	15 KB
7	adnxs.com 5 redirects secure.adnxs.com ib.adnxs.com	8 KB
7	gstatic.com fonts.gstatic.com	152 KB
6	sojern.com static.sojern.com pixel.sojern.com	25 KB
5	casalemedia.com 2 redirects htlb.casalemedia.com dsum-sec.casalemedia.com	4 KB
5	googletagservices.com www.googletagservices.com	107 KB
5	adara.com js.adara.com sdk.adara.com	2 KB
5	google.de www.google.de adservice.google.de	463 B
5	esky.pl cdnstatic1.esky.pl	257 KB
4	wtg-ads.com lib.wtg-ads.com	184 KB
4	facebook.com www.facebook.com	199 B
4	facebook.net connect.facebook.net	167 KB
4	google-analytics.com www.google-analytics.com	62 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	openx.net 1 redirects waytogrow-d.openx.net eu-u.openx.net us-u.openx.net	1 KB
3	jsdelivr.net cdn.jsdelivr.net	3 KB
3	clicktripz.com 1 redirects www.clicktripz.com static.clicktripz.com	2 KB
3	bing.com bat.bing.com	9 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	de17a.com 2 redirects d5p.de17a.com	722 B
2	admedo.com 2 redirects pool.admedo.com	715 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	ipresso.pl media-edestinos-com-br.ipresso.pl perun.ipresso.pl	11 KB
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1012 B
2	googletagmanager.com www.googletagmanager.com	106 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	536 B
1	2mdn.net s2.2mdn.net	31 KB
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	teads.tv a.teads.tv	365 B
1	a-mo.net prebid.a-mo.net	369 B
1	adform.net adx.adform.net	452 B
1	youtube.com fcmatch.youtube.com	546 B
1	yieldlab.net ad.yieldlab.net	360 B
1	pubmatic.com 1 redirects simage2.pubmatic.com	609 B
1	travelaudience.com 1 redirects ads.travelaudience.com	868 B
1	googleadservices.com www.googleadservices.com	14 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	connectad.io Failed i.connectad.io Failed
237	49

	Domain	Requested by
29	www.edestinos.com.br	www.edestinos.com.br
19	static1.eskypartners.com	www.edestinos.com.br
18	cm.g.doubleclick.net	9 redirects www.edestinos.com.br googleads.g.doubleclick.net afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
13	pagead2.googlesyndication.com	www.edestinos.com.br afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
10	4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io	www.edestinos.com.br
9	compare.edestinos.com	www.edestinos.com.br compare-static.edestinos.com
7	tpc.googlesyndication.com	afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
7	cdn.doubleverify.com	afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com cdn.doubleverify.com www.edestinos.com.br ad.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	www.edestinos.com.br afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com tpc.googlesyndication.com
5	img.riskified.com
5	www.googletagservices.com	lib.wtg-ads.com securepubads.g.doubleclick.net afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
5	ib.adnxs.com	3 redirects www.edestinos.com.br googleads.g.doubleclick.net
5	cdnstatic1.esky.pl	www.edestinos.com.br
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	lib.wtg-ads.com	www.googletagmanager.com lib.wtg-ads.com
4	pixel.sojern.com	static.sojern.com
4	sdk.adara.com	www.edestinos.com.br
4	www.facebook.com	connect.facebook.net www.edestinos.com.br
4	googleads.g.doubleclick.net	www.googleadservices.com afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com www.edestinos.com.br
4	www.google.de	www.edestinos.com.br
4	connect.facebook.net	www.edestinos.com.br connect.facebook.net
4	progress.edestinos.com.br	www.edestinos.com.br progress.edestinos.com.br
4	www.google-analytics.com	www.edestinos.com.br www.google-analytics.com
3	tps20238.doubleverify.com	cdn.doubleverify.com
3	tps20240.doubleverify.com	cdn.doubleverify.com
3	x.bidswitch.net	3 redirects
3	tps20518.doubleverify.com	afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com www.edestinos.com.br
3	cdn.jsdelivr.net	www.edestinos.com.br
3	compare-static.edestinos.com	www.edestinos.com.br compare-static.edestinos.com
3	accounts.google.com	www.edestinos.com.br
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.edestinos.com.br
2	ups.analytics.yahoo.com	2 redirects
2	d5p.de17a.com	2 redirects
2	pool.admedo.com	2 redirects
2	tracking.m6r.eu	2 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	c.riskified.com	www.edestinos.com.br
2	afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.clicktripz.com	1 redirects www.edestinos.com.br
2	tag.yieldoptimizer.com	2 redirects
2	match.adsrvr.org	2 redirects
2	secure.adnxs.com	2 redirects
2	static.sojern.com	www.googletagmanager.com static.sojern.com
2	stats.g.doubleclick.net	www.edestinos.com.br
2	blog.edestinos.com.br	www.edestinos.com.br
2	www.googletagmanager.com	www.edestinos.com.br
1	us-u.openx.net
1	eu-u.openx.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	s2.2mdn.net	afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
1	static.clicktripz.com	compare-static.edestinos.com
1	ad.doubleclick.net	www.googletagservices.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	fastlane.rubiconproject.com	www.edestinos.com.br
1	htlb.casalemedia.com	www.edestinos.com.br
1	waytogrow-d.openx.net	www.edestinos.com.br
1	a.teads.tv	www.edestinos.com.br
1	prebid.a-mo.net	www.edestinos.com.br
1	adx.adform.net	www.edestinos.com.br
1	perun.ipresso.pl	media-edestinos-com-br.ipresso.pl
1	beacon.riskified.com	www.edestinos.com.br
1	media-edestinos-com-br.ipresso.pl	www.edestinos.com.br
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	ad.yieldlab.net	www.edestinos.com.br
1	simage2.pubmatic.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	secure.edestinos.com.br	www.edestinos.com.br
1	js.adara.com	www.edestinos.com.br
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	www.edestinos.com.br
0	i.connectad.io Failed	www.edestinos.com.br
237	81

This site contains links to these domains. Also see Links.

Domain
carros.edestinos.com.br
app.edestinos.com.br
go.edestinos.com.br
blog.edestinos.com.br
play.google.com
apps.apple.com
appgallery7.huawei.com
copaair.edestinos.com.br
www.facebook.com
www.youtube.com
www.instagram.com
www.edestinos.com.ar
www.edestinos.com.bo
www.edestinos.cl
www.edestinos.com.sv
www.edestinos.com.co
www.edestinos.cr
www.edestinos.com.do
www.edestinos.com.gt
www.edestinos.com.hn
www.edestinos.com.mx
www.edestinos.com.ni
www.edestinos.com.pa
www.edestinos.com.pe
www.edestinos.com.pr
www.edestinos.com.py
www.eskytravel.be
www.esky.ba
www.esky.bg
www.esky.by
www.esky.cz
www.eskytravel.dk
www.eskytravel.de
www.esky.es
www.esky.fr
www.esky.gr
www.esky.hr
www.esky.ie
www.eskytravel.it
www.esky.hu
www.esky.md
www.esky.nl
www.eskytravel.no
www.esky.at
www.esky.pl
www.esky.pt
www.esky.rs
www.esky.ro
www.esky.se
www.esky.sk
www.esky.fi
www.eskytravel.ch
www.esky.co.uk
www.esky.com.eg
www.esky.co.ke
www.esky.co.ma
www.esky.com.ng
www.eskytravel.co.za
www.esky.com.hk
www.esky.com.my
www.eskytravel.ru
www.esky.com.sg
www.esky.com.tr
www.eskytravel.co.nz
www.esky.eu
www.esky.com
www.edestinos.com

Subject Issuer	Validity	Valid
www.edestinos.com R3	`2021-07-07` - `2021-10-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
static1.eskypartners.com Certum Domain Validation CA SHA2	`2020-08-05` - `2021-08-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.esky.pl Sectigo RSA Organization Validation Secure Server CA	`2021-05-19` - `2022-05-28`	a year	crt.sh
blog.edestinos.com.br R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
js.adara.com GTS CA 1D4	`2021-06-13` - `2021-09-11`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.adara.com Go Daddy Secure Certificate Authority - G2	`2020-05-31` - `2021-07-30`	a year	crt.sh
*.gcp.elastic-cloud.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2021-11-09`	4 months	crt.sh
*.ipresso.pl GeoTrust RSA CA 2018	`2021-05-21` - `2022-06-15`	a year	crt.sh
compare-static.edestinos.com R3	`2021-06-24` - `2021-09-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.riskified.com Amazon	`2021-04-20` - `2022-05-19`	a year	crt.sh
www.clicktripz.com R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
compare.edestinos.com R3	`2021-06-24` - `2021-09-22`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.clicktripz.com Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.edestinos.com.br/
Frame ID: D32F52897A56377E6AE550D99A76D598
Requests: 157 HTTP requests in this frame

Frame: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Frame ID: 3C7D5041F4F50A758F98486AF62012CA
Requests: 7 HTTP requests in this frame

Frame: https://www.edestinos.com.br/xstorage.html
Frame ID: 0B97CD7B58C580B0C54A244786734F6F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=175824989237491&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31f00bb94ceb4%26domain%3Dwww.edestinos.com.br%26origin%3Dhttps%253A%252F%252Fwww.edestinos.com.br%252Ff3dbb4cdfe1ae7%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FeDestinosBrasil%2F&layout=standard&locale=pt_BR&sdk=joey&share=true&show_faces=true
Frame ID: A5715016ABDB8032FB8FB545F3EF514E
Requests: 1 HTTP requests in this frame

Frame: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 94934D204B3D4426AFE3E98D0E89E141
Requests: 1 HTTP requests in this frame

Frame: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6654E93AB3519BD88593F8546D45C549
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjMpfCZATAB&v=APEucNUoogDR3a2GyqScG9IZT_qdmcvVi9CH1MQr2WsyiGaIPDJLNR-gCGoW0VbwTt7yM0xTiGywb0_pnPLlTWzAjDR66sBAlIWFATVAPP_5djO1GuU0kIPFu-qEXRqZYnxtykpzzx1pyKXbYK3nlIHhhYSn9BiuN0vPmLmZw_xNlsYxvG2bctY
Frame ID: 0C69BF635E5924C8111013516E807CF6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FDBB07FB6C214E1FDF92596E24168E33
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4135B4AAB1D4BD9D9C1CB7436E32B831
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5370EF78494F9BC05EAA018ED2A4142C
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 5A05854948872E6F9D2852E4EE3148A4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 2CB47EB071675258B7F7A9FBA3E7EB91
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0F987DF56081BE5F751E4FD1BF0BA6DA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1534.js
Frame ID: 462FA37F06146A12477C8090EBFA8E0A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 99BBB3A703DC7A517724B6620F2B0193
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1534.js
Frame ID: 268650C44EB7227EE785C4D3A490DBA4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

237
Requests

100 %
HTTPS

42 %
IPv6

49
Domains

81
Subdomains

58
IPs

8
Countries

3713 kB
Transfer

8915 kB
Size

24
Cookies

74 Outgoing links

These are links going to different origins than the main page.

URL: https://carros.edestinos.com.br/?preflang=br&cor=br&adplat=hpHeader&adcamp=whitelabeledestinosBR
Title: Carros

Search URL Search Domain Scan URL

URL: https://app.edestinos.com.br/?utm_source=edestinos.com.br&utm_medium=menu
Title: Aplicativo móvel

Search URL Search Domain Scan URL

URL: https://go.edestinos.com.br/travel-restrictions
Title: Regras de viagem

Search URL Search Domain Scan URL

URL: https://carros.edestinos.com.br/?preflang=br&cor=br&adplat=hpQSF&adcamp=whitelabeledestinosBR
Title: Carros

Search URL Search Domain Scan URL

URL: https://go.edestinos.com.br/para-onde-e-possivel-voar
Title: Veja no mapa >>

Search URL Search Domain Scan URL

URL: https://app.edestinos.com.br/
Title: Baixe e aproveite as ofertas

Search URL Search Domain Scan URL

URL: https://blog.edestinos.com.br/2021/01/melhores-lugares-do-brasil-para-pescar/

Search URL Search Domain Scan URL

URL: https://blog.edestinos.com.br/2020/12/6-destinos-para-quem-quer-relaxar-no-ano-novo/

Search URL Search Domain Scan URL

URL: https://blog.edestinos.com.br/
Title: Mais

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.edestinos&hl=pt-br&referrer=utm_source%3DAppWrapper%26utm_campaign%3DAndroidBR

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/id892327289?l=pt

Search URL Search Domain Scan URL

URL: https://appgallery7.huawei.com/#/app/C102120313

Search URL Search Domain Scan URL

URL: https://carros.edestinos.com.br/?preflang=br&cor=br&adplat=hpFooter&adcamp=whitelabeledestinosBR
Title: Aluguel de carros

Search URL Search Domain Scan URL

URL: https://app.edestinos.com.br/?utm_source=edestinos.com.br&utm_medium=footer
Title: Aplicativo móvel

Search URL Search Domain Scan URL

URL: https://copaair.edestinos.com.br/
Title: Copa

Search URL Search Domain Scan URL

URL: https://www.facebook.com/eDestinosBrasil/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eDestinoscombr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/edestinos/

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.ar/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.bo/
Title: Bolivia

Search URL Search Domain Scan URL

URL: https://www.edestinos.cl/
Title: Chile

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.sv/
Title: El Salvador

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.co/
Title: Colombia

Search URL Search Domain Scan URL

URL: https://www.edestinos.cr/
Title: Costa Rica

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.do/
Title: República Dominicana

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.gt/
Title: Guatemala

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.hn/
Title: Honduras

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.mx/
Title: México

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.ni/
Title: Nicaragua

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.pa/
Title: Panamá

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.pe/
Title: Perú

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.pr/
Title: Puerto Rico

Search URL Search Domain Scan URL

URL: https://www.edestinos.com.py/
Title: Paraguay

Search URL Search Domain Scan URL

URL: https://www.eskytravel.be/
Title: België

Search URL Search Domain Scan URL

URL: https://www.esky.ba/
Title: Bosna i Hercegovina

Search URL Search Domain Scan URL

URL: https://www.esky.bg/
Title: България

Search URL Search Domain Scan URL

URL: https://www.esky.by/
Title: Белоруссия

Search URL Search Domain Scan URL

URL: https://www.esky.cz/
Title: Česká republika

Search URL Search Domain Scan URL

URL: https://www.eskytravel.dk/
Title: Danmark

Search URL Search Domain Scan URL

URL: https://www.eskytravel.de/fluge
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://www.esky.es/
Title: Espańa

Search URL Search Domain Scan URL

URL: https://www.esky.fr/
Title: France

Search URL Search Domain Scan URL

URL: https://www.esky.gr/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://www.esky.hr/
Title: Hrvatska

Search URL Search Domain Scan URL

URL: https://www.esky.ie/
Title: Ireland

Search URL Search Domain Scan URL

URL: https://www.eskytravel.it/
Title: Italia

Search URL Search Domain Scan URL

URL: https://www.esky.hu/
Title: Magyarország

Search URL Search Domain Scan URL

URL: https://www.esky.md/
Title: Moldova

Search URL Search Domain Scan URL

URL: https://www.esky.nl/
Title: Nederland

Search URL Search Domain Scan URL

URL: https://www.eskytravel.no/
Title: Norge

Search URL Search Domain Scan URL

URL: https://www.esky.at/
Title: Österreich

Search URL Search Domain Scan URL

URL: https://www.esky.pl/
Title: Polska

Search URL Search Domain Scan URL

URL: https://www.esky.pt/
Title: Portugal

Search URL Search Domain Scan URL

URL: https://www.esky.rs/
Title: Srbija

Search URL Search Domain Scan URL

URL: https://www.esky.ro/
Title: România

Search URL Search Domain Scan URL

URL: https://www.esky.se/
Title: Sverige

Search URL Search Domain Scan URL

URL: https://www.esky.sk/
Title: Slovensko

Search URL Search Domain Scan URL

URL: https://www.esky.fi/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://www.eskytravel.ch/
Title: Schweiz

Search URL Search Domain Scan URL

URL: https://www.esky.co.uk/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.esky.com.eg/
Title: Egypt

Search URL Search Domain Scan URL

URL: https://www.esky.co.ke/
Title: Kenya

Search URL Search Domain Scan URL

URL: https://www.esky.co.ma/
Title: Maroc

Search URL Search Domain Scan URL

URL: https://www.esky.com.ng/
Title: Nigeria

Search URL Search Domain Scan URL

URL: https://www.eskytravel.co.za/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://www.esky.com.hk/
Title: Hong Kong

Search URL Search Domain Scan URL

URL: https://www.esky.com.my/
Title: Malaysia

Search URL Search Domain Scan URL

URL: https://www.eskytravel.ru/
Title: Россия

Search URL Search Domain Scan URL

URL: https://www.esky.com.sg/
Title: Singapore

Search URL Search Domain Scan URL

URL: https://www.esky.com.tr/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://www.eskytravel.co.nz/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://www.esky.eu/
Title: eSky.eu

Search URL Search Domain Scan URL

URL: https://www.esky.com/
Title: eSky.com

Search URL Search Domain Scan URL

URL: https://www.edestinos.com/
Title: eDestinos.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://ads.travelaudience.com/trg.gif?ds=dp&acc=ES&pt=5&lvl=1&la=PT&exid=ed51764f-cae7-5574-8c40-1c2eab758b4d HTTP 307
https://secure.adnxs.com/px?bidder=320&seg=4564892&external_uid=EA60E63F1F624784BB88C5287D4969A3&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw%26piggybackCookie%3DEA60E63F1F624784BB88C5287D4969A3%26r%3Dhttps%253A%252F%252Fcm.g.doubleclick.net%252Fpixel%253Fgoogle_nid%253Dta%2526google_cm%2526google_hm%253D6mDmPx9iR4S7iMUofUlpow2%2526google_redir%253Dhttps%25253A%25252F%25252Fad.yieldlab.net%25252Fm%25253Fdm_id%25253D57205%252526ext_id%25253DEA60E63F1F624784BB88C5287D4969A3 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fbidder%3D320%26seg%3D4564892%26external_uid%3DEA60E63F1F624784BB88C5287D4969A3%26redir%3Dhttps%253A%252F%252Fsimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw%2526piggybackCookie%253DEA60E63F1F624784BB88C5287D4969A3%2526r%253Dhttps%25253A%25252F%25252Fcm.g.doubleclick.net%25252Fpixel%25253Fgoogle_nid%25253Dta%252526google_cm%252526google_hm%25253D6mDmPx9iR4S7iMUofUlpow2%252526google_redir%25253Dhttps%2525253A%2525252F%2525252Fad.yieldlab.net%2525252Fm%2525253Fdm_id%2525253D57205%25252526ext_id%2525253DEA60E63F1F624784BB88C5287D4969A3 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw&piggybackCookie=EA60E63F1F624784BB88C5287D4969A3&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dta%26google_cm%26google_hm%3D6mDmPx9iR4S7iMUofUlpow2%26google_redir%3Dhttps%253A%252F%252Fad.yieldlab.net%252Fm%253Fdm_id%253D57205%2526ext_id%253DEA60E63F1F624784BB88C5287D4969A3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_cm&google_hm=6mDmPx9iR4S7iMUofUlpow2&google_redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdm_id%3D57205%26ext_id%3DEA60E63F1F624784BB88C5287D4969A3 HTTP 302
https://ad.yieldlab.net/m?dm_id=57205&ext_id=EA60E63F1F624784BB88C5287D4969A3&google_error=10

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=npkHpOAZbtXy19zRaMTWxQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1&google_gid=CAESEMHalX8fNNuADQ_t9D6w3GY&google_cver=1

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_hm=npkHpOAZbtXy19zRaMTWxQ&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopa3yi4KSv009eopT8JQLqCTKEB1lTz7ObmTzirqmyoszdWthbd--vtEqIZ3nSXNFkx1rOrm_hpRXDWPywJo1wCTA9gYmtiBnPr6aEdKOfS1sx7YZo HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopa3yi4KSv009eopT8JQLqCTKEB1lTz7ObmTzirqmyoszdWthbd--vtEqIZ3nSXNFkx1rOrm_hpRXDWPywJo1wCTA9gYmtiBnPr6aEdKOfS1sx7YZo

Request Chain 91

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1 HTTP 302
https://pixel.sojern.com/idsync/apn?id=4688871192642692480&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1

Request Chain 92

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=e84d1bbd-6e84-4ec8-b2a3-22909a2d320f&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1

Request Chain 93

https://tag.yieldoptimizer.com/ps/ps?t=i&p=6645&_yoid=60c42e5e-474b-4128-8427-fa8eac255531&_yosid=d79d1375-417a-4b18-af22-ebea5b52d143 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=101402379&t=i&p=6645&_yoid=60c42e5e-474b-4128-8427-fa8eac255531&_yosid=d79d1375-417a-4b18-af22-ebea5b52d143 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNDk2ODA0MTExMg&google_sc

Request Chain 143

https://www.clicktripz.com/api/integrations/v1/constrain?publisherAlias=edestinos&r=https%3A%2F%2Fcompare.edestinos.com%2Fapi%2Fintegrations%2Fv1%2Fconstrain%3FpublisherAlias%3Dedestinos%26u%3Dhttps%3A%2F%2Fwww.edestinos.com.br%2F HTTP 302
https://compare.edestinos.com/api/integrations/v1/constrain?publisherAlias=edestinos&u=https%3A%2F%2Fwww.edestinos.com.br%2F&_ctuid=f9b491a1-a8a7-4fc7-aa22-828275921da5

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQfJBooo8t0gC_4hlrtiI4&google_cver=1

Request Chain 164

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPXVi3q-hlByJRj5WRqK5wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQfJBooo8t0gC_4hlrtiI4&google_cver=1

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPK6Paq7bRV-BBtlPuWlysM&google_cver=1

Request Chain 166

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY4ODg3MTE5MjY0MjY5MjQ4MA%3D%3D

Request Chain 206

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED2OUZamqgmMgl9aviqXXhM&google_cver=1&google_push=AYg5qPIXl4aatqbCmy5nHctDR0TmS--J6wyAt4zAyX5yXNuslFOCHx7kHwCplan0YvmPiryqE7-wvYyG2IEMVmgIX51Cm1gxMBw3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU5NjU3MjUwMjg5NzQ0NzEzNA== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESED2OUZamqgmMgl9aviqXXhM&google_cver=1

Request Chain 207

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEcV8s8OVPquOqyIeVJDiU4&google_cver=1&google_push=AYg5qPKkaqiTzNl50rIqrxry9gelXa8KSydOvQybHoaUbPlwi6BTJ7PMNBm8GvedTcuJtMqRN7h7t_tCCVaWaWbFgny-8l133PY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEcV8s8OVPquOqyIeVJDiU4&google_push=AYg5qPKkaqiTzNl50rIqrxry9gelXa8KSydOvQybHoaUbPlwi6BTJ7PMNBm8GvedTcuJtMqRN7h7t_tCCVaWaWbFgny-8l133PY

Request Chain 208

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKL_0Zk1lPDH9BQ_Gy61XxI&google_cver=1&google_push=AYg5qPLN8uMjUJYaKe0Hnj9c3T-Tvl5CexmbmcgT_Af4uoCSK0jKFDIPXiVANsnLa6xyWqk72emXepQHpqEsNFd2iDCFsFMmTz_m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjcyNTE5NDIxNTU4NTk0Mg%3D%3D&google_push=AYg5qPLN8uMjUJYaKe0Hnj9c3T-Tvl5CexmbmcgT_Af4uoCSK0jKFDIPXiVANsnLa6xyWqk72emXepQHpqEsNFd2iDCFsFMmTz_m

Request Chain 209

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECzKE39QFK_1teKuTBtaXPg&google_cver=1&google_push=AYg5qPKDfqJQqQhsoWa3k19-p-z6AeSeb7ls2ql904CY_1mpFewM3slOjuKpnpZViUnUj2HTsqxY4NE9ug07eNaosqW7FUHIyMEs HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECzKE39QFK_1teKuTBtaXPg&google_cver=1&google_push=AYg5qPKDfqJQqQhsoWa3k19-p-z6AeSeb7ls2ql904CY_1mpFewM3slOjuKpnpZViUnUj2HTsqxY4NE9ug07eNaosqW7FUHIyMEs&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-zLPHW1ZT5BrrcsywCW1Mg&google_push=AYg5qPKDfqJQqQhsoWa3k19-p-z6AeSeb7ls2ql904CY_1mpFewM3slOjuKpnpZViUnUj2HTsqxY4NE9ug07eNaosqW7FUHIyMEs

Request Chain 210

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFVObnnqpWD95nWZbZFTINo&google_cver=1&google_push=AYg5qPIELHxiIWnPDtOzbVy5uDcMBQMsPXz4bTZJGT1vM1sSCDvRoujy0y_eqQGinvbD2R6HnneJFxG7hgw6JiQLwie8g3S96G3y HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFVObnnqpWD95nWZbZFTINo&google_cver=1&google_push=AYg5qPIELHxiIWnPDtOzbVy5uDcMBQMsPXz4bTZJGT1vM1sSCDvRoujy0y_eqQGinvbD2R6HnneJFxG7hgw6JiQLwie8g3S96G3y HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=99c1d371-23d8-4f9b-80fd-533a0ea6e3c6 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=99c1d371-23d8-4f9b-80fd-533a0ea6e3c6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=31689816-a9bf-49d8-a1ef-724df26519a2&user_group=1&ssp=google&bsw_param=99c1d371-23d8-4f9b-80fd-533a0ea6e3c6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIELHxiIWnPDtOzbVy5uDcMBQMsPXz4bTZJGT1vM1sSCDvRoujy0y_eqQGinvbD2R6HnneJFxG7hgw6JiQLwie8g3S96G3y&google_hm=mcHTcSPYT5uA_VM6Dqbjxg==

Request Chain 211

https://d5p.de17a.com/cookies/google?google_gid=CAESEPdtX4WnHgrtA-BImwKx2bQ&google_cver=1&google_push=AYg5qPIMegFJIAk_ldJM4Yvfh6dPWRlmdfIhtsx4dZrN4vrBD6MpdJNdm3MZ81OrsEvYApHZay1xNCiF1fgC8Qav0o_09eSn_lwT HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPdtX4WnHgrtA-BImwKx2bQ&google_cver=1&google_push=AYg5qPIMegFJIAk_ldJM4Yvfh6dPWRlmdfIhtsx4dZrN4vrBD6MpdJNdm3MZ81OrsEvYApHZay1xNCiF1fgC8Qav0o_09eSn_lwT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIMegFJIAk_ldJM4Yvfh6dPWRlmdfIhtsx4dZrN4vrBD6MpdJNdm3MZ81OrsEvYApHZay1xNCiF1fgC8Qav0o_09eSn_lwT

Request Chain 212

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJJbWzX42_V0tFO-B5nRRXM&google_cver=1&google_push=AYg5qPKLFwMURZycgx5KAi7-l-JW1ssFlXbf_SoRHbGbrq8Ka3arWLsG5hyCUnKdKMPI9Dfq1cdmW3MPb5Rz6W_DEKjn_n9-1QHpkg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJJbWzX42_V0tFO-B5nRRXM&google_cver=1&google_push=AYg5qPKLFwMURZycgx5KAi7-l-JW1ssFlXbf_SoRHbGbrq8Ka3arWLsG5hyCUnKdKMPI9Dfq1cdmW3MPb5Rz6W_DEKjn_n9-1QHpkg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DVGdFQ2N0RTJ1Rk1QMHlBR21Yay5KMkguYmJ3S21aNX5B&google_push=AYg5qPKLFwMURZycgx5KAi7-l-JW1ssFlXbf_SoRHbGbrq8Ka3arWLsG5hyCUnKdKMPI9Dfq1cdmW3MPb5Rz6W_DEKjn_n9-1QHpkg

Request Chain 225

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9e03f451-42d1-4b9a-bb2e-cbadf365c8c9&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHL-H2UqeupXjClqq0XUUYI&google_cver=1&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA

237 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.edestinos.com.br/ 193 KB
35 KB 260ms
153ms Document
text/html 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

8d61c242877c608eea9ec1b5327d1c034112370be1fa3189a7d4328bf5fa6e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.edestinos.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
esky-correlation-id: CEC46955-87E9-3905-55E8-DB8338320493
x-generated-by: dbr30-b1477
content-language: pt-BR
esky-resource-type: landing-page-main
x-request-id: 5c2fc4003a7a90ef1a24b23992d2cae68c2d2e93
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
server: esky-edge
content-length: 35145
cache-control: public, max-age=2911
expires: Mon, 19 Jul 2021 20:30:31 GMT
date: Mon, 19 Jul 2021 19:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
referrer-policy: strict-origin-when-cross-origin

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c30d83819fc5e367121c9035b6edf085c271b83735470e55c40e0d8a27fd61dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 18:23:04 GMT
server: ESF
date: Mon, 19 Jul 2021 19:42:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Jul 2021 19:42:00 GMT

GET
H2 200 orb.js Show response
www.edestinos.com.br/res/b1477/eui/js/vendor/orb/ 7 KB
3 KB 39ms
39ms Script
application/javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

43b178425d446a2288c22fb55cc55a782df42c5633ea215979200aeaabf1f5d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/eui/js/vendor/orb/orb.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 3170
x-generated-by: dbr30-b1477
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Jun 2018 06:00:01 GMT
server: esky-edge
esky-resource-type: static
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=662214
accept-ranges: bytes
expires: Tue, 27 Jul 2021 11:38:54 GMT

GET
H2 200 default.css
www.edestinos.com.br/res/b1477/eui/css/default/templates/ 170 KB
28 KB 40ms
40ms Stylesheet
text/css 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

1f60080d630d2b46cc8d126826d426ca8543ae2c655f13907abc73d13a103ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/eui/css/default/templates/default.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 28564
x-generated-by: dbr30-b1477
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Jul 2021 09:49:11 GMT
server: esky-edge
esky-resource-type: static
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=662219
accept-ranges: bytes
expires: Tue, 27 Jul 2021 11:38:59 GMT

GET
H2 200 normal.css
www.edestinos.com.br/res/b1477/eui/css/default/pages/mainpage/ 86 KB
14 KB 48ms
48ms Stylesheet
text/css 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1477/eui/css/default/pages/mainpage/normal.css

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

910d91ab94b89405d1eddb3f4384311fdd674898430c61a2d0ea921fc5474abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/eui/css/default/pages/mainpage/normal.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 13931
x-generated-by: dbr30-b1477
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Jul 2021 09:49:11 GMT
server: esky-edge
esky-resource-type: static
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=671348
accept-ranges: bytes
expires: Tue, 27 Jul 2021 14:11:08 GMT

GET
H2 200 edestinosdbr30-raw-white.svg
static1.eskypartners.com/logos/ 3 KB
4 KB 123ms
38ms Image
image/svg+xml 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/logos/edestinosdbr30-raw-white.svg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 509d2ceca3c04330ea117c8381e4462c4db7d235e618e6a5681e5c7454dca9e3

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 21:02:46 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2017 06:07:08 GMT
server: esky-edge
age: 81554
etag: "5915510c-dee"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
content-length: 3566
x-amz-cf-id: aZItEQq2g3JKs9R0L2V9Vc2O4JkKSKCkggxKIlOLumE3gJOveMxQAA==
expires: Sun, 25 Jul 2021 21:02:46 GMT

GET
H2 200 illustration-default-user_zone.svg
www.edestinos.com.br/_fe/img/ 6 KB
7 KB 100ms
97ms Image
image/svg+xml 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/illustration-default-user_zone.svg?s=80x80

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

5a2a198416a1d73546134591584fb18514afee0178abff956b7a011b1c1122af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_fe/img/illustration-default-user_zone.svg?s=80x80
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon Jul 19 2021 20:48:15 GMT+0200 (Central European Summer Time)
server: esky-edge
etag: W/"199a-t3XDdl5g48AJjFNTYrNESGLwPXs"
x-generated-by: pms-b26
vary: Accept
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: public, max-age=1897
strict-transport-security: max-age=15768000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 6554
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 20:13:37 GMT

GET
H2 200 icon_google_multicolor.svg
www.edestinos.com.br/_fe/img/ 849 B
1 KB 101ms
98ms Image
image/svg+xml 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_google_multicolor.svg?s=20x20

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

1f5059958c454cf7d0c7d5f61720b3bff25696bfe8b4bcb646ea7f5e2db2544a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_fe/img/icon_google_multicolor.svg?s=20x20
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon Jul 19 2021 20:48:16 GMT+0200 (Central European Summer Time)
server: esky-edge
etag: W/"351-G13Rhgrapqple0E5+IAgorL+fz0"
x-generated-by: pms-b26
vary: Accept
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: public, max-age=1840
strict-transport-security: max-age=15768000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 849
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 20:12:40 GMT

GET
H2 200 icon_facebook_multicolor.svg
www.edestinos.com.br/_fe/img/ 507 B
875 B 103ms
100ms Image
image/svg+xml 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_facebook_multicolor.svg?s=20x20

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

8ec4492afe1e481486c6a8a88f72da907c2dbe4722462d3d9914157f8a377914

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_fe/img/icon_facebook_multicolor.svg?s=20x20
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon Jul 19 2021 20:48:15 GMT+0200 (Central European Summer Time)
server: esky-edge
etag: W/"1fb-+qzx/5LgSh+hos/xm8LpOjLxogc"
x-generated-by: pms-b26
vary: Accept
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: public, max-age=1716
strict-transport-security: max-age=15768000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 507
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 20:10:36 GMT

GET
H2 200 icon_mail.svg
www.edestinos.com.br/_fe/img/ 423 B
791 B 135ms
133ms Image
image/svg+xml 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/icon_mail.svg?s=20x20

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

aeed0a8042545b68356b6224994aea4299111d9677a5b57ab3d7848804a04c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_fe/img/icon_mail.svg?s=20x20
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon Jul 19 2021 20:48:15 GMT+0200 (Central European Summer Time)
server: esky-edge
etag: W/"1a7-v5VRNBvNHJudPOt+H0hqXnEBWl4"
x-generated-by: pms-b26
vary: Accept
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: public, max-age=1842
strict-transport-security: max-age=15768000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 423
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 20:12:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5682
date: Mon, 19 Jul 2021 18:07:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 19 Jul 2021 20:07:18 GMT

GET
H2 200 getjsconfig Show response
www.edestinos.com.br/ 705 B
933 B 266ms
266ms Script
text/javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/getjsconfig?source=dbr_mainpage_index&partnerCode=EDESTINOS

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

8f74505ba88402364effea9bd821a4dd6d28b3c59dbdb13814ceede5be692b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /getjsconfig?source=dbr_mainpage_index&partnerCode=EDESTINOS
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
esky-correlation-id: 465CC14D-E2E8-846D-4879-CC5E9953E1A1
vary: Accept-Encoding
content-length: 405
x-generated-by: dbr30-b1477
x-request-id: f1f12aaa936b4d06205ddddc7492bfc2a1582fdf
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
esky-resource-type: dynamic
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-language: pt-BR
x-xss-protection: 1; mode=block
cache-control: max-age=0, no-cache, no-store
set-cookie: uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; expires=Sat, 19-Jul-2031 19:42:00 GMT; Max-Age=315532800; path=/
accept-ranges: bytes
content-type: text/javascript; charset=UTF-8
expires: Mon, 19 Jul 2021 19:42:00 GMT

GET
H2 200 common.js Show response
www.edestinos.com.br/res/b1477/eui/js/ 861 KB
243 KB 54ms
52ms Script
application/javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1477/eui/js/common.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

d90656ac523e5042c1d482183854c8fe83c21facb9497e3238185a65051fcae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/eui/js/common.js
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 248076
x-generated-by: dbr30-b1477
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Jul 2021 10:05:41 GMT
server: esky-edge
esky-resource-type: static
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=662306
accept-ranges: bytes
expires: Tue, 27 Jul 2021 11:40:26 GMT

GET
H2 200 pt_br.js Show response
www.edestinos.com.br/res/b1477/eui/js/partners-locale/ 1 KB
1 KB 75ms
73ms Script
application/javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1477/eui/js/partners-locale/pt_br.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

ea03d89ac1ae3b8f4022a4e357735baa3e9338db11723d87cba28baee07bb394

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/eui/js/partners-locale/pt_br.js
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 752
x-generated-by: dbr30-b1477
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Jul 2021 10:05:41 GMT
server: esky-edge
esky-resource-type: static
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=662309
accept-ranges: bytes
expires: Tue, 27 Jul 2021 11:40:29 GMT

GET
H2 200 prod_pt_br.js Show response
www.edestinos.com.br/res/b1477/common/js-routing/ 6 KB
1 KB 75ms
73ms Script
application/javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1477/common/js-routing/prod_pt_br.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

9ac09ac41e88d99d1c483ee7e89fca19d4bebfabb3bfff6dd4ee463efdc1bf7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/common/js-routing/prod_pt_br.js
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 955
x-generated-by: dbr30-b1477
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Jul 2021 10:51:10 GMT
server: esky-edge
esky-resource-type: static
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=662284
accept-ranges: bytes
expires: Tue, 27 Jul 2021 11:40:04 GMT

GET
H2 200 normal.js Show response
www.edestinos.com.br/res/b1477/eui/js/mainpage/ 32 KB
10 KB 75ms
74ms Script
application/javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1477/eui/js/mainpage/normal.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

d8db5a6fb6fe12585e5cd8bdaee8d372cc3d65d94becf4ab67be33240d5bf667

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/eui/js/mainpage/normal.js
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 9574
x-generated-by: dbr30-b1477
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 13 Jul 2021 10:05:40 GMT
server: esky-edge
esky-resource-type: static
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=671435
accept-ranges: bytes
expires: Tue, 27 Jul 2021 14:12:35 GMT

GET
H2 200 spcjs.php Show response
progress.edestinos.com.br/www/delivery/ 2 KB
944 B 229ms
201ms Script
application/x-javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://progress.edestinos.com.br/www/delivery/spcjs.php?id=14&page=main_page_carousel&from=&to=&fromcountry=&tocountry=
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: esky-edge /
Resource Hash: 2d1b9fd515aed1376aaa3eb09ebb7859cb1c3952e88ee727b00fcc46ec1d939a

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

gd: off
content-encoding: gzip
server: esky-edge
date: Mon, 19 Jul 2021 19:42:00 GMT
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: application/x-javascript
content-length: 767
expires: Tue, 20 Jul 2021 19:42:00 +0000

GET
H2 200 rum-client.min.js Show response
www.edestinos.com.br/_fe/ 7 KB
3 KB 100ms
98ms Script
text/javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/_fe/rum-client.min.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

1cf0048ed782c95cf314d2729c3ea38d8e8ddc0a157251ec009a6683a4f9465c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_fe/rum-client.min.js
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
etag: W/"1c48-16d3eaae838"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=2081
strict-transport-security: max-age=15768000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 2646
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 20:16:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 291 KB
56 KB 101ms
100ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-47TP

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e230e90fb4dff404215f964d520509a601f7da2ac4e043eaecb190d6ba70ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57595
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 18:49:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Jul 2021 19:42:00 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edestinos.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:16:36 GMT
x-content-type-options: nosniff
age: 545124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:50:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 12:16:36 GMT

GET
H2 200 hero_edestinos_24.06.21.jpg
www.edestinos.com.br/_fe/img/ 47 KB
47 KB 111ms
111ms Image
image/webp 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/hero_edestinos_24.06.21.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

17a0dfbafd41dd2f80ee66c34c85bc17a2fbf817faa2c90326619ff22de39aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_fe/img/hero_edestinos_24.06.21.jpg
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon Jul 19 2021 13:28:16 GMT+0200 (Central European Summer Time)
server: esky-edge
etag: W/"ba2c-+TDUyPgIorjoi5cSgs/P/hdW3K0"
x-generated-by: pms-b26
vary: Accept
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: public, max-age=1379
strict-transport-security: max-age=15768000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 47660
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 20:04:59 GMT

GET
H3-29 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
28 KB 21ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edestinos.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 10:37:41 GMT
x-content-type-options: nosniff
age: 551059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 10:37:41 GMT

GET
H2 200 eSKY.ttf
www.edestinos.com.br/res/b1477/eui/fonts/ 156 KB
157 KB 65ms
64ms Font
application/font-sfnt 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/res/b1477/eui/fonts/eSKY.ttf?9d02gm

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

e2ef241477a72c3af9943b998d8c9bc06b48eeed7e36eb6ffef01eea189fa120

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: firstTimeVisit=202107192142
:path: /res/b1477/eui/fonts/eSKY.ttf?9d02gm
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.edestinos.com.br
Referer: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: esky-edge
esky-resource-type: static
x-generated-by: dbr30-b1477
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: application/font-sfnt
x-xss-protection: 1; mode=block
cache-control: max-age=662344
accept-ranges: bytes
content-length: 159824
x-content-type-options: nosniff
expires: Tue, 27 Jul 2021 11:41:04 GMT

GET
H3-29 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v12/ 16 KB
16 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edestinos.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 17:45:32 GMT
x-content-type-options: nosniff
age: 6988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:43:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:45:32 GMT

GET
H2 200 BR-SG-17-02-21.jpg
www.edestinos.com.br/_fe/img/ 13 KB
14 KB 103ms
103ms Image
image/webp 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/BR-SG-17-02-21.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

8041e2a9ca3fda9b61d1ba8e03aa6f24d6a82ddf00e188e5fb5bdabf47ed3c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_fe/img/BR-SG-17-02-21.jpg
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon Jul 19 2021 04:58:21 GMT+0200 (Central European Summer Time)
server: esky-edge
etag: W/"35e6-T0b9dZ8yCUvfUw9OgJ/2e3+whX4"
x-generated-by: pms-b26
vary: Accept
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: public, max-age=1167
strict-transport-security: max-age=15768000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 13798
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 20:01:27 GMT

GET
H2 200 El-Salvador_344x463.jpg
cdnstatic1.esky.pl/inspiracje/ 22 KB
22 KB 158ms
42ms Image
image/jpeg 46.242.128.69
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnstatic1.esky.pl/inspiracje/El-Salvador_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.242.128.69 , Poland, ASN12824 (HOMEPL-AS, PL),

Reverse DNS

1393795-7586.iaas.home-whs.pl

Software

nginx /

Resource Hash

77f9d29a130cda770522c5915fcbe0ad6938322c29a744dafb39ef40ef0557fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
last-modified: Tue, 10 Apr 2018 10:43:59 GMT
server: nginx
etag: W/"5acc956f-56d7"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=15768000; includeSubDomains; preload;

GET
H2 200 Rio-de-Janeiro_344x463.jpg
cdnstatic1.esky.pl/inspiracje/ 21 KB
21 KB 244ms
128ms Image
image/jpeg 46.242.128.69
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnstatic1.esky.pl/inspiracje/Rio-de-Janeiro_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.242.128.69 , Poland, ASN12824 (HOMEPL-AS, PL),

Reverse DNS

1393795-7586.iaas.home-whs.pl

Software

nginx /

Resource Hash

66b17edb182cb19876e48edaf21223635a04c0140680a1d0c73316d63b097e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
last-modified: Tue, 10 Apr 2018 10:43:58 GMT
server: nginx
etag: W/"5acc956e-5322"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=15768000; includeSubDomains; preload;

GET
H2 200 Sao-Paulo_344x463.jpg
cdnstatic1.esky.pl/inspiracje/ 21 KB
20 KB 244ms
128ms Image
image/jpeg 46.242.128.69
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnstatic1.esky.pl/inspiracje/Sao-Paulo_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.242.128.69 , Poland, ASN12824 (HOMEPL-AS, PL),

Reverse DNS

1393795-7586.iaas.home-whs.pl

Software

nginx /

Resource Hash

d69f3ce396bfb71583a896e65b21503e73333927d2be1be90f2ed0090c1ab3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
last-modified: Tue, 10 Apr 2018 10:43:58 GMT
server: nginx
etag: W/"5acc956e-531a"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=15768000; includeSubDomains; preload;

GET
H2 200 Denver_344x463.jpg
cdnstatic1.esky.pl/inspiracje/ 98 KB
98 KB 213ms
98ms Image
image/jpeg 46.242.128.69
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnstatic1.esky.pl/inspiracje/Denver_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.242.128.69 , Poland, ASN12824 (HOMEPL-AS, PL),

Reverse DNS

1393795-7586.iaas.home-whs.pl

Software

nginx /

Resource Hash

d6d43cbc84c02420ccb5125f0b4748236ca8f788fa6d56b446b952a280c8dfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 13:27:42 GMT
server: nginx
etag: W/"605de14e-187d5"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=15768000; includeSubDomains; preload;

GET
H2 200 Honolulu_344x463.jpg
cdnstatic1.esky.pl/inspiracje/ 96 KB
96 KB 244ms
128ms Image
image/jpeg 46.242.128.69
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnstatic1.esky.pl/inspiracje/Honolulu_344x463.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.242.128.69 , Poland, ASN12824 (HOMEPL-AS, PL),

Reverse DNS

1393795-7586.iaas.home-whs.pl

Software

nginx /

Resource Hash

2a30a609229c2deea1b1aa3b8561dbbacc9e1eccedf73b58eb431337d9ac9844

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 13:26:25 GMT
server: nginx
etag: W/"605de101-17e73"
vary: Accept-Encoding
content-type: image/jpeg
strict-transport-security: max-age=15768000; includeSubDomains; preload;

GET
H2 200 BLOG-Alta-Pesca-768x290.jpg
blog.edestinos.com.br/wp-content/uploads/2018/09/ 37 KB
37 KB 121ms
40ms Image
image/jpeg 46.242.128.69
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.edestinos.com.br/wp-content/uploads/2018/09/BLOG-Alta-Pesca-768x290.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.242.128.69 , Poland, ASN12824 (HOMEPL-AS, PL),

Reverse DNS

1393795-7586.iaas.home-whs.pl

Software

nginx /

Resource Hash

a10d00b27baae9c983ee284730cd236923bec6415f372b7d74e6ba72c16088b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
last-modified: Wed, 12 Sep 2018 17:53:20 GMT
server: nginx
etag: "5b995290-94a8"
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 38056
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BLOG-Alta-Ano-Novo-Relax-768x328.jpg
blog.edestinos.com.br/wp-content/uploads/2019/12/ 41 KB
42 KB 175ms
93ms Image
image/jpeg 46.242.128.69
HOMEPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.edestinos.com.br/wp-content/uploads/2019/12/BLOG-Alta-Ano-Novo-Relax-768x328.jpg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.242.128.69 , Poland, ASN12824 (HOMEPL-AS, PL),

Reverse DNS

1393795-7586.iaas.home-whs.pl

Software

nginx /

Resource Hash

776e57ff0d34a2d78178624cca3a66865e514ec43cc28faf15afc64c97222c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
last-modified: Mon, 23 Dec 2019 17:32:18 GMT
server: nginx
etag: "5e00fa22-a5bc"
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 42428
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stars_desktop.png
www.edestinos.com.br/res/b1477/eui/img/ 15 KB
15 KB 90ms
89ms Image
image/png 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/res/b1477/eui/img/stars_desktop.png

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

095c021af173fc972093ffe60ac7cdf1a6d492efb0086f73c757755deb6016df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/eui/img/stars_desktop.png
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: esky-edge
esky-resource-type: static
x-generated-by: dbr30-b1477
vary: Accept-Encoding
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-length: 15037
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 19:42:00 GMT

GET
H2 200 sprite_footer.png
www.edestinos.com.br/res/b1477/eui/img/ 46 KB
45 KB 96ms
95ms Image
image/png 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/res/b1477/eui/img/sprite_footer.png

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

07897191cd959b6e14ba893751d87caeea11ec4798d0a59fed4599f00678ca0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res/b1477/eui/img/sprite_footer.png
pragma: no-cache
cookie: firstTimeVisit=202107192142
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/res/b1477/eui/css/default/templates/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: esky-edge
esky-resource-type: static
x-generated-by: dbr30-b1477
vary: Accept-Encoding
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-length: 45378
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 19:42:00 GMT

GET
H3-29 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 37 KB
37 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edestinos.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 02:12:39 GMT
x-content-type-options: nosniff
age: 581361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38108
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 02:12:39 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 130 KB
43 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TG8K796&cid=1477734896.1626723721

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6acf1e7a7ab40b3d88924b94f68b3bbc1c38cc11a125b2f3d9db07d1a5120dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43897
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:00 GMT

GET
H2 200 footer-phone-pt_BR.png
www.edestinos.com.br/_fe/img/ 11 KB
12 KB 95ms
94ms Image
image/png 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.edestinos.com.br/_fe/img/footer-phone-pt_BR.png?s=262x295

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

6e9fa5b3d637708f66192f60a20921522ee81e9c32834131738d40ed4e34b098

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_fe/img/footer-phone-pt_BR.png?s=262x295
pragma: no-cache
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon Jul 19 2021 05:40:14 GMT+0200 (Central European Summer Time)
server: esky-edge
etag: W/"2d23-RA/w/Esqr3amX8tL+2Gq+xFJqcU"
x-generated-by: pms-b26
vary: Accept
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=3075
strict-transport-security: max-age=15768000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 11555
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 20:33:15 GMT

GET
H3-29 200 o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v12/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edestinos.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 12:45:25 GMT
x-content-type-options: nosniff
age: 543395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10504
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:50:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 12:45:25 GMT

GET
H3-29 200 o-0IIpQlx3QUlC5A4PNr6zRAW_0.woff2
fonts.gstatic.com/s/notosans/v12/ 32 KB
32 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr6zRAW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

991abdc346b6a97f4f845358e7e800ce9330427254cf7d1073d9d0048b93749c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edestinos.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 06:23:11 GMT
x-content-type-options: nosniff
age: 566329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32524
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:51:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 06:23:11 GMT

GET
H3-29 200 o-0IIpQlx3QUlC5A4PNr5jRAW_0.woff2
fonts.gstatic.com/s/notosans/v12/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5jRAW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,700|Noto+Sans:400,700|Source+Code+Pro:400,700&subset=latin,cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08ef128c036399616dd0f0f84c29bd0b8989c82fc4827cafe36171b42b5b62a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.edestinos.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 03:22:22 GMT
x-content-type-options: nosniff
age: 577178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12896
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:50:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 03:22:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-47TP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: 63871CEDD15A440D996AC584825F440B Ref B: FRAEDGE1217 Ref C: 2021-07-19T19:42:00Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 92ms
37ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-47TP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

255b564f51555254a3a189315254611bac81e318ed25f6b577f2deed8c49ce9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13897
x-xss-protection: 0
server: cafe
etag: 1785974167624152338
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Jul 2021 19:42:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
25 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: +eL3K/S0iGYaYghm+YJvOXAvhT39rBrbjcUK6sG99psynsh9+zyQJAAtDnHCyqN6LOybgQ9wNruACrddg4VY/A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Mon, 19 Jul 2021 19:42:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
50 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45c94d025481329c9d4845495385ac6f097685dff414c0cee4e8a115e16f0a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51112
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 18:49:52 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Jul 2021 19:42:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-21804834-1&cid=1477734896.1626723721&jid=532769058&gjid=1376844561&_gid=155043288.1626723721&_u=aGDAgAADQAAAAE~&z=333805756

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Jul 2021 19:42:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=624164840&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edestinos.com.br%2F&ul=en-us&de=UTF-8&dt=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADQ~&jid=532769058&gjid=1376844561&cid=1477734896.1626723721&tid=UA-21804834-1&_gid=155043288.1626723721&gtm=2wg7e047TP&cm1=999&z=310250992

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 17:50:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d0a04bb42ef21eeaf2646024a8170784f97703ca5062910d1dd11f643cfe545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yZcx+mLPC/tUCFQTpXA1eA==
cross-origin-resource-policy: cross-origin
expires: Mon, 19 Jul 2021 19:55:43 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: inp05K8OksE9LQPD85OKZdAM5hCw4npjI5Rgn/d/OcT57KGxxFxECtVClolKnYCv7Th0zhM6/ey9P/M4Criv6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 85945e0380a93fc6ccc2d4780f8d1d98
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Jul 2021 19:42:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cefb67a3b6554458704e512fdc1495fb"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 spc.php Show response
progress.edestinos.com.br/www/delivery/ 3 KB
835 B 86ms
84ms Script
application/x-javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://progress.edestinos.com.br/www/delivery/spc.php?zones=EskyBillboardDouble%3D94%7CEskyBillboard%3D93%7CEskyMainCarousel%3D113%7CEskyMainCarouselPartners%3D0%7CEskyFlightsCarousel%3D146%7CEskyAirlinesWideTop%3D0%7CEskyAirlinesWideBottom%3D0%7CEskyAirportsWideTop%3D0%7CEskyAirportsWideBottom%3D0%7CEskyFlightsWideTop%3D0%7CEskyCheapFlightsWideTop%3D0%7CEskyTravelGuideWideTop%3D0%7CEskyTravelGuideWideBottom%3D0%7CEskyTravelGuideSkyscraper%3D0%7CEskyDirectionalsWideTop%3D0%7CEskyFlightsSearchTop%3D455%7C&nz=1&source=&r=91829584&page=main_page_carousel&from=&to=&fromcountry=&tocountry=&charset=UTF-8&loc=https%3A//www.edestinos.com.br/
Requested by: Host: progress.edestinos.com.br
URL: https://progress.edestinos.com.br/www/delivery/spcjs.php?id=14&page=main_page_carousel&from=&to=&fromcountry=&tocountry=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: esky-edge /
Resource Hash: 31c01a6b5ceb668fb95a0585a85d76dd0525a6c8b4602dbd05606172617e0a4d

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
gd: off
content-encoding: gzip
server: esky-edge
date: Mon, 19 Jul 2021 19:42:00 GMT
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: application/x-javascript; charset=UTF-8
content-length: 531
expires: 0

GET
H2 200 fl.js Show response
progress.edestinos.com.br/www/delivery/ 5 KB
2 KB 40ms
38ms Script
application/javascript 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://progress.edestinos.com.br/www/delivery/fl.js
Requested by: Host: progress.edestinos.com.br
URL: https://progress.edestinos.com.br/www/delivery/spcjs.php?id=14&page=main_page_carousel&from=&to=&fromcountry=&tocountry=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: esky-edge /
Resource Hash: 223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

gd: off
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 08:25:54 GMT
server: esky-edge
etag: "15d6-5a08ffc1bc880-gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=343
date: Mon, 19 Jul 2021 19:42:00 GMT
content-length: 1858
accept-ranges: bytes
x-datastream-cache-status: 4
expires: Mon, 19 Jul 2021 19:47:43 GMT

GET
H3-29 200 1544168522524253 Show response
connect.facebook.net/signals/config/ 260 KB
74 KB 138ms
138ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1544168522524253?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

708407b7f71b34226528a5feb768f3874558ed1e06160edb94b6ef2c76641fad

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: N+KCIN4YYy9EUOrmkQaliHaR7w52SZsliASQq65cJl6GirS1ZKGOA2DvGzB9E1d72k6k3JsA9hC3vpON1nYjFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Jul 2021 19:42:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 4036608.js Show response
bat.bing.com/p/action/ 0
92 B 34ms
34ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4036608.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Jul 2021 19:42:00 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 108647F541A74D7DAA93A00A3DF7867F Ref B: FRAEDGE1217 Ref C: 2021-07-19T19:42:00Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-21804834-1&cid=1477734896.1626723721&jid=532769058&_u=aGDAgAADQAAAAE~&z=454348726

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-21804834-1&cid=1477734896.1626723721&jid=532769058&_u=aGDAgAADQAAAAE~&z=454348726

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 31ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-136029019-1&cid=1477734896.1626723721&jid=1709269903&gjid=218409120&_gid=155043288.1626723721&_u=aGDAgAADQAAAAE~&z=282283760

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Jul 2021 19:42:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
js.adara.com/ 4 KB
2 KB 74ms
21ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.adara.com/index.js

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

806c5bcf8b4aa73d6dacac571f5d922acb515642f11c673531227a03339fb4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Origin: https://www.edestinos.com.br
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
etag: "6381deeabbede8bebb0724141f0df33ae016951ff2cb8330bc62d8cce7b0abec-br"
x-cache: HIT
fastly-restarts: 1
x-served-by: cache-ams21074-AMS
accept-ranges: bytes
last-modified: Mon, 01 Feb 2021 21:44:18 GMT
x-timer: S1626723721.972123,VS0,VE0
date: Mon, 19 Jul 2021 19:42:00 GMT
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 1530
x-cache-hits: 46134

GET
H2 200 veNk3cJBImq42RsD.html Show response
static.sojern.com/cip/p/ Frame 3C7D 5 KB
5 KB 78ms
20ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 949c2a3a8684bde5dca23be817b9a119706071950c7f9d59b5fed74cb21bb81c

Request headers

:method: GET
:authority: static.sojern.com
:scheme: https
:path: /cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edestinos.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edestinos.com.br/

Response headers

x-guploader-uploadid: ABg5-UzHLI2n9HjR7OOUxIsInsBHMuSsxUFYXRml7FHqEYi9FpGjZII_9mgYCquPZ9GAesr_JHVHjNoJJRIwAs68eBI
expires: Mon, 19 Jul 2021 20:35:46 GMT
date: Mon, 19 Jul 2021 19:35:46 GMT
last-modified: Wed, 28 Apr 2021 17:01:07 GMT
etag: "28ef7de62c6d2bfd5ae2297e0a834c97"
x-goog-generation: 1619629267368276
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4718
content-type: text/html
x-goog-hash: crc32c=T7k+NQ== md5=KO995ixtK/1a4il+CoNMlw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 4718
server: UploadServer
age: 374
cache-control: public, max-age=3600
alt-svc: clear

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=624164840&t=pageview&_s=1&dl=https%3A%2F%2Fwww.edestinos.com.br%2F&ul=en-us&de=UTF-8&dt=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAADQAAAAE~&jid=1709269903&gjid=218409120&cid=1477734896.1626723721&tid=UA-136029019-1&_gid=155043288.1626723721&gtm=2wg7e0NH83QL6&cm1=999&z=54225315

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 17:50:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/pt_BR/ 227 KB
66 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=add8bd473e21575d6e1b7091df529c7f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

037edc21349985c11531a86154d0880d208e2058575de712860209296d7f70ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.edestinos.com.br
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: C9b5BD/GDyux25ebPfBjKg==
cross-origin-resource-policy: cross-origin
expires: Tue, 19 Jul 2022 18:13:25 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67657
x-fb-rlafr: 0
x-fb-debug: 2numDFaniwfXmsIg14qhslrvMxT7czwDo8RUjf0VVuOAJGI5oylA43VYH712eyzdDKni7/exnGIRPZmXQ7W7eA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 3c54e1088480af8b4a292469a9b77dc8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Jul 2021 19:42:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5cc327abda8f3a58301d2262aa59747b"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 25ms
23ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-136029019-1&cid=1477734896.1626723721&jid=1709269903&_u=aGDAgAADQAAAAE~&z=1628159993

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 34ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-136029019-1&cid=1477734896.1626723721&jid=1709269903&_u=aGDAgAADQAAAAE~&z=1628159993

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016894727/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016894727/?random=1626723720947&cv=9&fst=1626723720947&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dcc0be2b564afdd3c6c9681d8e2191aea9c46d29a1abfde8bf984a275e03590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016894727/ 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016894727/?random=1626723720950&cv=9&fst=1626723720950&num=1&label=GtTzCNuf1WQQh6ry5AM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

412de38693b7f56207cea650e9b964954ccae07da3e2293dcf3ec78e950a85db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 127ms
114ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=175824989237491&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.edestinos.com.br%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=add8bd473e21575d6e1b7091df529c7f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Kqofyztq24qeb4vbAg4U3yzX123N4llRZuJdHXyWdy8Z2JKTzk7RYIdBQqQa+BG4ZwECUFbpfZasbh90Rc4ZRw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Jul 2021 19:42:01 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edestinos.com.br
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 eapi Show response
www.edestinos.com.br/ 238 B
787 B 103ms
103ms XHR
application/json 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/eapi

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

9c55f311eaebe26ec01f3397b675c6376935b26f77e040fb26bcb34ef1d498e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721; _gcl_au=1.1.655328207.1626723721; mes_referrer=; _dc_gtm_UA-21804834-1=1; uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; _dc_gtm_UA-136029019-1=1; esky_TCSI=WFDB1626723720991; newUser=WFDB1626723720991; esky_TCSIS=UAKBU1626723720992; MasterId=ed51764f-cae7-5574-8c40-1c2eab758b4d; esky_TCTTIStart=1626723720994
partner: EDESTINOS
content-length: 139
:path: /eapi
pragma: no-cache
traceparent: 00-faa2f5b526b79a6404de456b69902e0f-2768ccf5fe535764-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.edestinos.com.br/
X-Requested-With: XMLHttpRequest
traceparent: 00-faa2f5b526b79a6404de456b69902e0f-2768ccf5fe535764-01
partner: EDESTINOS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
esky-correlation-id: 8FA6E2C7-D42D-3DDA-9CB8-F398CB73C803
vary: Accept-Encoding Origin
content-length: 198
x-generated-by: esky_api-b683
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
x-frame-options: SAMEORIGIN
etag: W/"ee-j81hSPvMPab/BMRXixg/eLEJd4I"
x-download-options: noopen
strict-transport-security: max-age=15768000; includeSubDomains; preload;
esky-eapi-status: missing-token
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edestinos.com.br
x-xss-protection: 1; mode=block
cache-control: max-age=0
access-control-allow-credentials: true
set-cookie: esky_uz_uuid=; Domain=.edestinos.com.br; Path=/; Expires=Mon, 19 Jul 2021 19:42:01 GMT
expires: Mon, 19 Jul 2021 19:42:01 GMT

POST
H2 204 cookies Show response
secure.edestinos.com.br/pass/ 0
4 KB 266ms
254ms XHR
text/plain 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.edestinos.com.br/pass/cookies?partner_id=EDESTINOS

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' www.edestinos.com.br secure.edestinos.com.br api.edestinos.com secure.eskypartners.com bookings.eskypartners.com .doubleclick.net .facebook.com .google.al .google.am .google.at .google.ba .google.be .google.bg .google.bs .google.by .google.ca .google.cat .google.ch .google.cl .google.cn .google.co .google.co.cr .google.co.id .google.co.il .google.co.in .google.co.jp .google.co.kr .google.co.ma .google.co.nz .google.co.th .google.co.uk .google.co.ve .google.co.za .google.com .google.com.ar .google.com.au .google.com.bo .google.com.br .google.com.co .google.com.cu .google.com.cy .google.com.do .google.com.ec .google.com.eg .google.com.et .google.com.gi .google.com.gt .google.com.hk .google.com.jm .google.com.mt .google.com.mx .google.com.my .google.com.ni .google.com.pa .google.com.pe .google.com.ph .google.com.pr .google.com.py .google.com.qa .google.com.sa .google.com.sg .google.com.sv .google.com.tr .google.com.tw .google.com.ua .google.com.uy .google.com.vn .google.cz .google.de .google.dk .google.dm .google.ee .google.es .google.eu .google.fi .google.fr .google.ge .google.gr .google.hn .google.hr .google.hu .google.ie .google.is .google.it .google.je .google.li .google.lk .google.lt .google.lu .google.lv .google.md .google.me .google.mg .google.mk .google.mn .google.mv .google.nl .google.no .google.pl .google.ro .google.rs .google.ru .google.sc .google.se .google.si .google.sk .google.sm .google.tn .google.us .googleadservices.com .google-analytics.com .gstatic.com .hotelbeds.com .ipresso.pl .riskified.com .bstatic.com asa-isa.com bat.bing.com bat.r.msn.com do1ztk2swfi8z.cloudfront.net images.gta-travel.com media.expedia.com mpsnare.iesnare.com secure.rentalcars.com .esky.pl .eskypartners.com www.tripadvisor.com .esky.com .msecnd.net ads.avocet.io i.travelapi.com uk.cdn-net.com tbs.tradedoubler.com .edestinos.com.br .hotjar.com: ws://.hotjar.com wss://.hotjar.com compare.edestinos.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https://skybox.eskypartners.com; report-uri /csp-report;
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Security-Policy	default-src 'self' www.edestinos.com.br secure.edestinos.com.br api.edestinos.com secure.eskypartners.com bookings.eskypartners.com .doubleclick.net .facebook.com .google.al .google.am .google.at .google.ba .google.be .google.bg .google.bs .google.by .google.ca .google.cat .google.ch .google.cl .google.cn .google.co .google.co.cr .google.co.id .google.co.il .google.co.in .google.co.jp .google.co.kr .google.co.ma .google.co.nz .google.co.th .google.co.uk .google.co.ve .google.co.za .google.com .google.com.ar .google.com.au .google.com.bo .google.com.br .google.com.co .google.com.cu .google.com.cy .google.com.do .google.com.ec .google.com.eg .google.com.et .google.com.gi .google.com.gt .google.com.hk .google.com.jm .google.com.mt .google.com.mx .google.com.my .google.com.ni .google.com.pa .google.com.pe .google.com.ph .google.com.pr .google.com.py .google.com.qa .google.com.sa .google.com.sg .google.com.sv .google.com.tr .google.com.tw .google.com.ua .google.com.uy .google.com.vn .google.cz .google.de .google.dk .google.dm .google.ee .google.es .google.eu .google.fi .google.fr .google.ge .google.gr .google.hn .google.hr .google.hu .google.ie .google.is .google.it .google.je .google.li .google.lk .google.lt .google.lu .google.lv .google.md .google.me .google.mg .google.mk .google.mn .google.mv .google.nl .google.no .google.pl .google.ro .google.rs .google.ru .google.sc .google.se .google.si .google.sk .google.sm .google.tn .google.us .googleadservices.com .google-analytics.com .gstatic.com .hotelbeds.com .ipresso.pl .riskified.com .bstatic.com asa-isa.com bat.bing.com bat.r.msn.com do1ztk2swfi8z.cloudfront.net images.gta-travel.com media.expedia.com mpsnare.iesnare.com secure.rentalcars.com .esky.pl .eskypartners.com www.tripadvisor.com .esky.com .msecnd.net ads.avocet.io i.travelapi.com uk.cdn-net.com tbs.tradedoubler.com .edestinos.com.br .hotjar.com: ws://.hotjar.com wss://.hotjar.com compare.edestinos.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https://skybox.eskypartners.com; report-uri /csp-report;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://skybox.eskypartners.com
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: default-src 'self' www.edestinos.com.br secure.edestinos.com.br api.edestinos.com secure.eskypartners.com bookings.eskypartners.com *.doubleclick.net *.facebook.com *.google.al *.google.am *.google.at *.google.ba *.google.be *.google.bg *.google.bs *.google.by *.google.ca *.google.cat *.google.ch *.google.cl *.google.cn *.google.co *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.th *.google.co.uk *.google.co.ve *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bo *.google.com.br *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.gi *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.ni *.google.com.pa *.google.com.pe *.google.com.ph *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vn *.google.cz *.google.de *.google.dk *.google.dm *.google.ee *.google.es *.google.eu *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.is *.google.it *.google.je *.google.li *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.mn *.google.mv *.google.nl *.google.no *.google.pl *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.si *.google.sk *.google.sm *.google.tn *.google.us *.googleadservices.com *.google-analytics.com *.gstatic.com *.hotelbeds.com *.ipresso.pl *.riskified.com *.bstatic.com asa-isa.com bat.bing.com bat.r.msn.com do1ztk2swfi8z.cloudfront.net images.gta-travel.com media.expedia.com mpsnare.iesnare.com secure.rentalcars.com *.esky.pl *.eskypartners.com www.tripadvisor.com *.esky.com *.msecnd.net ads.avocet.io i.travelapi.com uk.cdn-net.com tbs.tradedoubler.com *.edestinos.com.br *.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com compare.edestinos.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https://skybox.eskypartners.com; report-uri /csp-report;
x-content-type-options: nosniff
esky-correlation-id: AC70552D-4F90-FFDE-AD63-9F78B9D632F3
x-generated-by: dbr-transaction-process-b1777
x-request-id: 5e78e35c37defe08c4bf0f7085c78ba6718d0940
pragma: no-cache
expires: Mon, 19 Jul 2021 19:42:01 GMT
server: esky-edge
x-frame-options: ALLOW-FROM https://skybox.eskypartners.com
date: Mon, 19 Jul 2021 19:42:01 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload;
access-control-allow-origin: https://www.edestinos.com.br
x-xss-protection: 1; mode=block
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: true
x-content-security-policy: default-src 'self' www.edestinos.com.br secure.edestinos.com.br api.edestinos.com secure.eskypartners.com bookings.eskypartners.com *.doubleclick.net *.facebook.com *.google.al *.google.am *.google.at *.google.ba *.google.be *.google.bg *.google.bs *.google.by *.google.ca *.google.cat *.google.ch *.google.cl *.google.cn *.google.co *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.th *.google.co.uk *.google.co.ve *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bo *.google.com.br *.google.com.co *.google.com.cu *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.gi *.google.com.gt *.google.com.hk *.google.com.jm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.ni *.google.com.pa *.google.com.pe *.google.com.ph *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sv *.google.com.tr *.google.com.tw *.google.com.ua *.google.com.uy *.google.com.vn *.google.cz *.google.de *.google.dk *.google.dm *.google.ee *.google.es *.google.eu *.google.fi *.google.fr *.google.ge *.google.gr *.google.hn *.google.hr *.google.hu *.google.ie *.google.is *.google.it *.google.je *.google.li *.google.lk *.google.lt *.google.lu *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.mn *.google.mv *.google.nl *.google.no *.google.pl *.google.ro *.google.rs *.google.ru *.google.sc *.google.se *.google.si *.google.sk *.google.sm *.google.tn *.google.us *.googleadservices.com *.google-analytics.com *.gstatic.com *.hotelbeds.com *.ipresso.pl *.riskified.com *.bstatic.com asa-isa.com bat.bing.com bat.r.msn.com do1ztk2swfi8z.cloudfront.net images.gta-travel.com media.expedia.com mpsnare.iesnare.com secure.rentalcars.com *.esky.pl *.eskypartners.com www.tripadvisor.com *.esky.com *.msecnd.net ads.avocet.io i.travelapi.com uk.cdn-net.com tbs.tradedoubler.com *.edestinos.com.br *.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com compare.edestinos.com; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; frame-ancestors https://skybox.eskypartners.com; report-uri /csp-report;

POST
H2 204 log Show response
www.edestinos.com.br/_fe/ 0
235 B 119ms
119ms XHR
text/plain 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/_fe/log

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721; _gcl_au=1.1.655328207.1626723721; mes_referrer=; _dc_gtm_UA-21804834-1=1; uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; _dc_gtm_UA-136029019-1=1; esky_TCSI=WFDB1626723720991; newUser=WFDB1626723720991; esky_TCSIS=UAKBU1626723720992; MasterId=ed51764f-cae7-5574-8c40-1c2eab758b4d; esky_TCTTIStart=1626723720994
content-length: 273
:path: /_fe/log
pragma: no-cache
traceparent: 00-faa2f5b526b79a6404de456b69902e0f-90d193a627805b9b-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.edestinos.com.br/
traceparent: 00-faa2f5b526b79a6404de456b69902e0f-90d193a627805b9b-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
x-powered-by: Express
strict-transport-security: max-age=15768000; includeSubDomains; preload;
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 19:42:01 GMT

GET
H2 200 xstorage.html Show response
www.edestinos.com.br/ Frame 0B97 3 KB
1 KB 78ms
77ms Document
text/html 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/xstorage.html

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

7851c8f7f95b17bd6b00cb8d25177f51fed135575c04a4bd132d84ffbe95bffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.edestinos.com.br
:scheme: https
:path: /xstorage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edestinos.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721; _gcl_au=1.1.655328207.1626723721; mes_referrer=; _dc_gtm_UA-21804834-1=1; uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; _dc_gtm_UA-136029019-1=1; esky_TCSI=WFDB1626723720991; newUser=WFDB1626723720991; esky_TCSIS=UAKBU1626723720992; MasterId=ed51764f-cae7-5574-8c40-1c2eab758b4d; esky_TCTTIStart=1626723720994
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edestinos.com.br/

Response headers

content-type: text/html; charset=utf-8
content-length: 1033
last-modified: Tue, 13 Jul 2021 09:49:11 GMT
x-generated-by: dbr30-b1477
content-encoding: gzip
accept-ranges: bytes
server: esky-edge
vary: Accept-Encoding
cache-control: max-age=0
expires: Mon, 19 Jul 2021 19:42:01 GMT
date: Mon, 19 Jul 2021 19:42:01 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
referrer-policy: strict-origin-when-cross-origin

POST
H2 200 get-inspiration-prices Show response
www.edestinos.com.br/ 2 B
527 B 218ms
217ms XHR
application/json 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/get-inspiration-prices

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721; _gcl_au=1.1.655328207.1626723721; mes_referrer=; _dc_gtm_UA-21804834-1=1; uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; _dc_gtm_UA-136029019-1=1; esky_TCSI=WFDB1626723720991; newUser=WFDB1626723720991; esky_TCSIS=UAKBU1626723720992; MasterId=ed51764f-cae7-5574-8c40-1c2eab758b4d; esky_TCTTIStart=1626723720994
content-length: 136
:path: /get-inspiration-prices
pragma: no-cache
traceparent: 00-33c7e8dda3bf6c2b5ff2ee318bb81680-1c3fa79336924816-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.edestinos.com.br/
X-Requested-With: XMLHttpRequest
traceparent: 00-33c7e8dda3bf6c2b5ff2ee318bb81680-1c3fa79336924816-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
esky-correlation-id: 5B87BD79-8098-FA1C-DC69-63A3C408370A
vary: Accept-Encoding
content-length: 33
x-generated-by: dbr30-b1477
x-request-id: c8740acae7492e932534b172bf17dd799cbb2f21
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
esky-resource-type: dynamic
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-language: pt-BR
x-xss-protection: 1; mode=block
cache-control: private, max-age=0
set-cookie: uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; expires=Sat, 19-Jul-2031 19:42:01 GMT; Max-Age=315532800; path=/
accept-ranges: bytes
content-type: application/json
expires: Mon, 19 Jul 2021 19:42:01 GMT

GET
H3-29 200 like.php Show response
www.facebook.com/v5.0/plugins/ Frame A571 0
23 B 110ms
110ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=175824989237491&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31f00bb94ceb4%26domain%3Dwww.edestinos.com.br%26origin%3Dhttps%253A%252F%252Fwww.edestinos.com.br%252Ff3dbb4cdfe1ae7%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FeDestinosBrasil%2F&layout=standard&locale=pt_BR&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=add8bd473e21575d6e1b7091df529c7f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v5.0/plugins/like.php?action=like&app_id=175824989237491&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31f00bb94ceb4%26domain%3Dwww.edestinos.com.br%26origin%3Dhttps%253A%252F%252Fwww.edestinos.com.br%252Ff3dbb4cdfe1ae7%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FeDestinosBrasil%2F&layout=standard&locale=pt_BR&sdk=joey&share=true&show_faces=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edestinos.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edestinos.com.br/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: hGqEtxcIGw/Jg+1xKr7jhjvRSA+OOEt446qUowuB0P4Sav4FcytWT261mcaz5LNMW/kK5Ktt3gVRvIg7oG6g3w==
content-length: 0
date: Mon, 19 Jul 2021 19:42:01 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1016894727/ 42 B
64 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1016894727/?random=1626723720947&cv=9&fst=1626721200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&async=1&fmt=3&is_vtc=1&random=1502516057&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1016894727/ 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1016894727/?random=1626723720947&cv=9&fst=1626721200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&async=1&fmt=3&is_vtc=1&random=1502516057&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 181 KB
72 KB 73ms
53ms Script
application/javascript 2a00:1450:4001:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?_=1626723720984

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f951b8d30909525216c0b5b7402592e80b05ff1f6c1f9c711670fdb1a5d0d0c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OgvrPX2ZBKpanew/+QQPOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-OgvrPX2ZBKpanew/+QQPOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:01 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4036608&tm=gtm001&Ver=2&mid=62f2b96d-6721-48a6-86d2-b12bb794ca97&sid=63076560e8c911eb825e350b50261f68&vid=6307c860e8c911ebbb0ac11ddb20ef73&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas,%20Reserva%20de%20Passagem%20A%C3%A9rea&kw=passagem%20aerea,%20passagens%20aereas,%20hotel,%20hoteis,%20companhias%20aereas,%20reservas%20de%20hoteis,%20passagem%20aerea%20barata,%20passagens%20aereas%20baratas,%20hoteis%20baratos,%20companhias%20baixo%20custo,%20passagem%20a%C3%A9rea,%20passagens%20a%C3%A9reas,%20hot%C3%A9is,%20companhias%20a%C3%A9reas,%20linhas%20a%C3%A9reas,%20passagem%20a%C3%A9rea%20barata,%20passagem%20a%C3%A9reas%20baratas,%20hot%C3%A9is%20baratos&p=https%3A%2F%2Fwww.edestinos.com.br%2F&r=&lt=926&evt=pageLoad&msclkid=N&sv=1&rn=696914
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 19 Jul 2021 19:42:00 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: EB5012C74A8B430781E031E1B5255C53 Ref B: FRAEDGE1217 Ref C: 2021-07-19T19:42:01Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/
Redirect Chain

https://ads.travelaudience.com/trg.gif?ds=dp&acc=ES&pt=5&lvl=1&la=PT&exid=ed51764f-cae7-5574-8c40-1c2eab758b4d
https://secure.adnxs.com/px?bidder=320&seg=4564892&external_uid=EA60E63F1F624784BB88C5287D4969A3&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9...
https://secure.adnxs.com/bounce?%2Fpx%3Fbidder%3D320%26seg%3D4564892%26external_uid%3DEA60E63F1F624784BB88C5287D4969A3%26redir%3Dhttps%253A%252F%252Fsimage2.pubmatic.com%252FAdServer%252FPug%253Fvc...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTcmdGw9MTI5NjAw&piggybackCookie=EA60E63F1F624784BB88C5287D4969A3&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_cm&google_hm=6mDmPx9iR4S7iMUofUlpow2&google_redir=https%3A%2F%2Fad.yieldlab.net%2Fm%3Fdm_id%3D57205%26ext_id%3DEA60E63F1F624784BB88C5287D4969A3
https://ad.yieldlab.net/m?dm_id=57205&ext_id=EA60E63F1F624784BB88C5287D4969A3&google_error=10

0
360 B

111ms
48ms

Image
text/plain

104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=57205&ext_id=EA60E63F1F624784BB88C5287D4969A3&google_error=10

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:01 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 18 Jul 2021 19:42:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dm_id=57205&ext_id=EA60E63F1F624784BB88C5287D4969A3&google_error=10
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GRU_4_Rectangle_610_290.jpg
static1.eskypartners.com/deals/ 267 KB
250 KB 46ms
44ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/GRU_4_Rectangle_610_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 6a84022653fc4b525e81e0a9dabbae72e89cdc31c7269cd43edaf9fffe8f74be

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 01:16:06 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2017 13:00:16 GMT
server: esky-edge
age: 239154
etag: W/"59130ee0-42afd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 5qm7G3iLNHzqXY1O8GoN59Et6SsxgLtT5Dh63f0wtVPMbaafx_PT6Q==
expires: Mon, 16 Aug 2021 01:16:06 GMT

GET
H2 200 SCL_1_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 25 KB
25 KB 113ms
111ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/SCL_1_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 6d8d1a134f2dbb06a94806d90ee46b17c14b3bcb6354ba3a62bab69251a9974e

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 14:23:23 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:06:01 GMT
server: esky-edge
age: 2524718
etag: W/"56af11e9-62ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: oi-2tgXkthRGXs4pCYvvjxjuGcr_793YjPfnZ06TMidP3i2InRFqEA==
expires: Tue, 20 Jul 2021 14:23:23 GMT

GET
H2 200 IGU_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 23 KB
23 KB 115ms
114ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/IGU_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: fb25b30a4ba902c4747c9fcd7bd296a78e6be01ea0a14e167d2869efa5f52df9

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 20:39:33 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:05:01 GMT
server: esky-edge
age: 428548
etag: W/"56af11ad-5be0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 8ae4U4oeI6P-DhBDT3qvQcKwWsKN3-XDr8JKyt94sjmxoHkbKFSl3Q==
expires: Fri, 13 Aug 2021 20:39:33 GMT

GET
H2 200 REC_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 19 KB
19 KB 45ms
44ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/REC_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 4990b90c31f5b823613a2f72103699a58dce4ff1bdc2aa03f326395944b193e6

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:28:24 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:05:58 GMT
server: esky-edge
age: 627217
etag: W/"56af11e6-4c0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: vQGw-iD9klKyp40TD7-WTeLLlgM4oA0iXDUeradQu2uw9pLeRNDlIQ==
expires: Wed, 11 Aug 2021 13:28:24 GMT

GET
H2 200 SSA_3_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 37 KB
37 KB 56ms
55ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/SSA_3_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 6b12284558475385b446b76d1ba06997e5c9f6a60ba478eaac523b25d8984f94

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:59:54 GMT
content-encoding: gzip
last-modified: Fri, 05 May 2017 19:06:21 GMT
server: esky-edge
age: 2346127
etag: W/"590ccd2d-95b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Vi6K0tJOa2cEXuETd_pgltpMPCIRsKEBJmyLpvIk_oIfQ4m6JopdXA==
expires: Thu, 22 Jul 2021 15:59:54 GMT

GET
H2 200 FOR_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 25 KB
26 KB 116ms
114ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/FOR_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 648d744050ebba9ff4aed315f2a29c7f324cb3b368b8ea672975005c1846168e

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 07:10:57 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:04:51 GMT
server: esky-edge
age: 649864
etag: W/"56af11a3-64f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: QZTQzhB9opk6NSo3yNnq0ePU13Ll5NRuF4WOxPDzo1QLjut5LtfP_w==
expires: Wed, 11 Aug 2021 07:10:57 GMT

GET
H2 200 MCZ_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 29 KB
29 KB 118ms
117ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/MCZ_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: c7eef747e4f121ac735025fcdc1e2f28c18831b431fbd4e2b5efcbaa151c0b39

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 10:58:41 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:05:21 GMT
server: esky-edge
age: 636200
etag: W/"56af11c1-728a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: bG44O4WjN1HKzyFIe_KQcEDTYx1zVUC4j7xNN8ugcQFhAL8gnrMGVQ==
expires: Wed, 11 Aug 2021 10:58:41 GMT

GET
H2 200 POA_1_Rectangle_610_290.jpg
static1.eskypartners.com/deals/ 50 KB
50 KB 107ms
106ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/POA_1_Rectangle_610_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: f74f21270c55d885b2c328c5a1f417c9ad81009ce15636d5afdfc1d3505382fe

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:31:02 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2017 14:43:44 GMT
server: esky-edge
age: 799859
etag: W/"590203a0-c94d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: eSct6UTJE8F1FYeSePXezZLNgjwJAbS2Exgkogvnp0TH0wvFZfarBA==
expires: Mon, 09 Aug 2021 13:31:02 GMT

GET
H2 200 CNF_2_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 34 KB
34 KB 120ms
119ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/CNF_2_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 7c97d8c2ae376a0f2af61c70ed372a205fda7a4357138f79e40342645c6c5875

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:47:25 GMT
content-encoding: gzip
last-modified: Fri, 05 May 2017 18:42:59 GMT
server: esky-edge
age: 1036476
etag: W/"590cc7b3-8988"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 9t0arJSJ9HWkkrEqW23rtLz9blw5D1qaMr7XZeIKuujaSin55Qah0Q==
expires: Fri, 06 Aug 2021 19:47:25 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1016894727/ 42 B
64 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1016894727/?random=1626723720950&cv=9&fst=1626721200000&num=1&label=GtTzCNuf1WQQh6ry5AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&async=1&fmt=3&is_vtc=1&random=3106976472&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1016894727/ 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1016894727/?random=1626723720950&cv=9&fst=1626721200000&num=1&label=GtTzCNuf1WQQh6ry5AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&tiba=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&async=1&fmt=3&is_vtc=1&random=3106976472&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 api Show response
sdk.adara.com/ 2 B
83 B 24ms
24ms Fetch
text/plain 34.102.191.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.edestinos.com.br/
X-Adara-Key: NzM1ZTdmYWQtMjE2Yi00MTMwLTk1OGUtZjNmNjQ0NDdkYjE4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Adara-Key
content-length: 2

OPTIONS
H2 200 api
sdk.adara.com/ Frame 0
0 285ms
24ms Preflight 34.102.191.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Protocol: H2
Server: 34.102.191.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-adara-key
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: X-Adara-Key
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
date: Mon, 19 Jul 2021 19:42:01 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1544168522524253&ev=PageView&dl=https%3A%2F%2Fwww.edestinos.com.br%2F&rl=&if=false&ts=1626723721284&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.2.1626723721282.1543036215&it=1626723720885&coo=false&rqm=GET

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 19 Jul 2021 19:42:01 GMT

GET
H2 200 hasher.js Show response
static.sojern.com/cip/ Frame 3C7D 18 KB
18 KB 21ms
20ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3fb52733617ae2470aa68e017ffcc4b874470c5e2d98e06662575945c66a7d58

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:04:53 GMT
age: 2228
x-guploader-uploadid: ADPycdtRYpp7-DP6YWelF423nWEJvrUcD49dFPH_ialf3IRsvmgCmfF8NUpgWJL-KQNx6Oy0FIC3MueGAIHLm8W9fGk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 18183
last-modified: Tue, 30 Mar 2021 19:41:58 GMT
server: UploadServer
etag: "6a8513f48d2bf15cedca782ad1e2f4ac"
x-goog-hash: crc32c=Qc+omg==, md5=aoUT9I0r8Vztyngq0eL0rA==
x-goog-generation: 1617133318836679
cache-control: public, max-age=3600
x-goog-stored-content-length: 18183
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 19 Jul 2021 20:04:53 GMT

GET
H2 200 hp Show response
pixel.sojern.com/partner/veNk3cJBImq42RsD/ Frame 3C7D 3 KB
880 B 80ms
25ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/partner/veNk3cJBImq42RsD/hp?et=hp&p=index&ccid=default&cid=p=index|md5_eml=|sha1_eml=|sha256_eml=|ccid=default|
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 2a5c1fe4fa51977a82a8b7af151125e6b24ca5d503651520ea7528d6ece14340

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
content-encoding: gzip
content-type: application/javascript
alt-svc: clear
content-length: 562

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 3C7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=npkHpOAZbtXy19zRaMTWxQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPo...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1&google_gid=CAESEMHalX8fNNuADQ_t9D6w3GY&google_cver=1

42 B
282 B

25ms
24ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1&google_gid=CAESEMHalX8fNNuADQ_t9D6w3GY&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1&google_gid=CAESEMHalX8fNNuADQ_t9D6w3GY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 3C7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=npkHpOAZbtXy19zRaMTWxQ&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopa3yi4KSv009eopT8JQLqCTKEB1lTz7ObmTzirqmyoszdWthbd--vtEqIZ3nSXNFkx1rOrm_hpRXDWPywJo1wCTA9gYmtiBnPr6aEdKOfS1sx7YZo
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopa3yi4KSv009eopT8JQLqCTKEB1lTz7ObmTzirqmyoszdWthbd--vtEqIZ3nSXNFkx1rOrm_hpRXDWPywJo1wCTA9gYmtiBnPr6aEdKOfS1sx7YZo

170 B
546 B

36ms
14ms

Image
image/png

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopa3yi4KSv009eopT8JQLqCTKEB1lTz7ObmTzirqmyoszdWthbd--vtEqIZ3nSXNFkx1rOrm_hpRXDWPywJo1wCTA9gYmtiBnPr6aEdKOfS1sx7YZo

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopa3yi4KSv009eopT8JQLqCTKEB1lTz7ObmTzirqmyoszdWthbd--vtEqIZ3nSXNFkx1rOrm_hpRXDWPywJo1wCTA9gYmtiBnPr6aEdKOfS1sx7YZo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame 3C7D
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1
https://pixel.sojern.com/idsync/apn?id=4688871192642692480&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1

42 B
264 B

24ms
24ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=4688871192642692480&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:01 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d4d753b0-5896-4706-b42e-9e2b9a818d78
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.sojern.com/idsync/apn?id=4688871192642692480&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/ Frame 3C7D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=e84d1bbd-6e84-4ec8-b2a3-22909a2d320f&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1

42 B
275 B

25ms
25ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=e84d1bbd-6e84-4ec8-b2a3-22909a2d320f&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/veNk3cJBImq42RsD.html?p=index&eml=&md5_eml=&sha1_eml=&sha256_eml=&ccid=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.sojern.com/idsync/ttd?id=e84d1bbd-6e84-4ec8-b2a3-22909a2d320f&sjrn_id=5wE-EOrET4tSdCg9VF97aH8wzTYa-e_oF79wTGHGa5vuvxlwxPoPOmgUFgmyApx1
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 327

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=6645&_yoid=60c42e5e-474b-4128-8427-fa8eac255531&_yosid=d79d1375-417a-4b18-af22-ebea5b52d143
https://tag.yieldoptimizer.com/ps/ps?tc=101402379&t=i&p=6645&_yoid=60c42e5e-474b-4128-8427-fa8eac255531&_yosid=d79d1375-417a-4b18-af22-ebea5b52d143
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNDk2ODA0MTExMg&google_sc

170 B
188 B

52ms
35ms

Fetch
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNDk2ODA0MTExMg&google_sc

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNDk2ODA0MTExMg&google_sc
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 202 events Show response
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ 0
40 B 28ms
27ms XHR
text/plain 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://www.edestinos.com.br
date: Mon, 19 Jul 2021 19:42:01 GMT
x-cloud-request-id: 2uwMhyQqRXOFo10Pc9d85w
x-found-handling-instance: instance-0000000001
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
content-length: 0
x-content-type-options: nosniff

OPTIONS
H2 200 events
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ Frame 0
0 113ms
27ms Preflight 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Protocol

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.edestinos.com.br
access-control-expose-headers: Etag
access-control-max-age: 3600
date: Mon, 19 Jul 2021 19:42:01 GMT
vary: Origin
x-cloud-request-id: GOHlRYN0TXm5CHKfqoBUfA
x-content-type-options: nosniff
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
x-found-handling-instance: instance-0000000001
content-length: 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1544168522524253&ev=Microdata&dl=https%3A%2F%2Fwww.edestinos.com.br%2F&rl=&if=false&ts=1626723721787&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea%22%2C%22meta%3Adescription%22%3A%22Central%20de%20viagens%20online%20com%20promo%C3%A7%C3%B5es%20de%20hot%C3%A9is%20e%20passagens%20a%C3%A9reas%20atualizadas%20diariamente%20em%20tempo%20real.%20Aproveite%20as%20nossas%20ofertas%20para%20a%20sua%20viagem!%22%2C%22meta%3Akeywords%22%3A%22passagem%20aerea%2C%20passagens%20aereas%2C%20hotel%2C%20hoteis%2C%20companhias%20aereas%2C%20reservas%20de%20hoteis%2C%20passagem%20aerea%20barata%2C%20passagens%20aereas%20baratas%2C%20hoteis%20baratos%2C%20companhias%20baixo%20custo%2C%20passagem%20a%C3%A9rea%2C%20passagens%20a%C3%A9reas%2C%20hot%C3%A9is%2C%20companhias%20a%C3%A9reas%2C%20linhas%20a%C3%A9reas%2C%20passagem%20a%C3%A9rea%20barata%2C%20passagem%20a%C3%A9reas%20baratas%2C%20hot%C3%A9is%20baratos%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Asite_name%22%3A%22eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea%22%2C%22og%3Atitle%22%3A%22eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic1.eskypartners.com%2Flogos%2Fpartners%2Fpt_BR%2Flogo_square.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.edestinos.com.br%2F%22%2C%22og%3Adescription%22%3A%22Central%20de%20viagens%20online%20com%20promo%C3%A7%C3%B5es%20de%20hot%C3%A9is%20e%20passagens%20a%C3%A9reas%20atualizadas%20diariamente%20em%20tempo%20real.%20Aproveite%20as%20nossas%20ofertas%20para%20a%20sua%20viagem!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.2.1626723721282.1543036215&it=1626723720885&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 19 Jul 2021 19:42:01 GMT

GET
H/1.1 200
OK monitoridentification.js Show response
media-edestinos-com-br.ipresso.pl/monitoridentification/WI9v_FZ80b9eUOFPv-lgndySlYiOmlWR9hIexFMA7CY./xT9LqL69W8-JeaiVrkhYPiRuvZbEiAcFjiVbFpbKgvk./ 28 KB
11 KB 200ms
101ms Script
application/x-javascript 93.179.224.106
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://media-edestinos-com-br.ipresso.pl/monitoridentification/WI9v_FZ80b9eUOFPv-lgndySlYiOmlWR9hIexFMA7CY./xT9LqL69W8-JeaiVrkhYPiRuvZbEiAcFjiVbFpbKgvk./monitoridentification.js?t=1626723721845&r=&ti=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&c=null&z=9yxxjw_vsdgFYwqrUe6mA4DBX0WH3C3EDpp0xXmJcFI.

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.179.224.106 Katowice, Poland, ASN31242 (TKPSA-AS, PL),

Reverse DNS

host-93.179.224.106.static.3s.pl

Software

Resource Hash

c8efea2177dc8783663d530a722b4eb79888187ad2a92287b23612215cebe800

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
content-length: 10958
Content-Type: application/x-javascript; charset=utf-8

GET
H2 200 ucb.js Show response
compare-static.edestinos.com/r/ 8 KB
4 KB 113ms
27ms Script
application/javascript 143.204.98.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare-static.edestinos.com/r/ucb.js
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-96.fra50.r.cloudfront.net
Software: / Express
Resource Hash: 402c86442d78e30954e7ae5f96abceb33f2c112a3fc5622b6e1138adfac66604

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 21:39:30 GMT
content-encoding: gzip
age: 79350
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=86400
access-control-allow-credentials: false
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: Accept, Content-Type
x-amz-cf-id: _tCdGlGK2flE1rxi3rKiay8KT9NO7sFTKyOyZcpD5gt39d6ZKl0NKA==
expires: Mon, 19 Jul 2021 21:39:30 GMT

GET
H2 200 lib.min.js Show response
lib.wtg-ads.com/ 489 KB
90 KB 60ms
36ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.wtg-ads.com/lib.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NH83QL6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c252c058d314c2e73af9d41028ca0a2c810d3d3332513ca1f47578035e76ef

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1078945
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
last-modified: Wed, 07 Jul 2021 07:59:34 GMT
server: cloudflare
etag: W/"60e55ee6-7a5a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFLs18CIpWOvYyfMpvFV9jQNAijRGJBQ6swtaTtyeep3L0WUWog3CqoGRVPYFI8ggL7gGoL8NVeqVpQ2Gi2FZUN0udN1jqBrpg%2BZvlauzzVend%2BkVhYmX154UGx6W%2FXzvVyxLz3AmKv3w4LbFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 67166e3db8ce05ed-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 07 Jul 2021 10:59:36 GMT

GET
H2 200 lg.php
progress.edestinos.com.br/www/delivery/ 43 B
305 B 288ms
288ms Image
image/gif 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://progress.edestinos.com.br/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=113&loc=https%3A%2F%2Fwww.edestinos.com.br%2F&cb=ac73c68db9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-136.deploy.static.akamaitechnologies.com
Software: esky-edge /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
gd: off
server: esky-edge
date: Mon, 19 Jul 2021 19:42:02 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 / Show response
beacon.riskified.com/ 46 KB
14 KB 377ms
186ms Script
application/javascript 2600:1f18:f8a:b704:e516:f71b:f667:9bcf
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.riskified.com/?shop=www.esky.com&sid=WFDB1626723720991
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:f8a:b704:e516:f71b:f667:9bcf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e5edc80bdc6a97108f6e0f2e63d0de1ba70e68039da631746b755489e35656e9

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 19:42:02 GMT
access-control-request-method: *
server: istio-envoy
x-b3-traceid: 31f13ea3cdd4e48b302dabf5becb8329
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
x-b3-spanid: 0a3160ea54d18c6e
x-b3-parentspanid: f7b45388b1df940f
x-b3-sampled: 0
content-encoding: gzip
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

GET
H3-29 200 style
accounts.google.com/gsi/ 658 B
435 B 62ms
47ms Stylesheet
text/css 2a00:1450:4001:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.unNwGD9Tbdo.O/am=chE/d=1/rs=AF0KOtWXjjr1PdTR2ZbOay2VCO3VY8meJg/m=gis_client_library

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7fe2658eb999f3b15e58fb37133962dce8943c53800e4aca85b701d1a343d89

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e1cuC/JL3lRPXJYpnOUTRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-e1cuC/JL3lRPXJYpnOUTRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:01 GMT

GET
H3-29 200 status Show response
accounts.google.com/gsi/ 40 B
91 B 230ms
219ms XHR
application/json 2a00:1450:4001:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=844265783495-h5rkg6srd8dmdgrofispg6hn2te5m7bj.apps.googleusercontent.com&as=ckOrCuCpejuDtlFHkbAtHg

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fa078b7b935ba115a287ba0f0321063b9e847fa9204bfd20e0ddbab439f2185

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iXY79QHEm5duioznUbr2Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-iXY79QHEm5duioznUbr2Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CNF_2_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 34 KB
34 KB 40ms
39ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/CNF_2_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 7c97d8c2ae376a0f2af61c70ed372a205fda7a4357138f79e40342645c6c5875

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:47:25 GMT
content-encoding: gzip
last-modified: Fri, 05 May 2017 18:42:59 GMT
server: esky-edge
age: 1036476
etag: W/"590cc7b3-8988"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: HqKFnJVyUUhQKxQ8RY3rKjt4lK_oRUyXkwJBh896TLk2T5FSJn4TZA==
expires: Fri, 06 Aug 2021 19:47:25 GMT

GET
H2 200 GRU_4_Rectangle_610_290.jpg
static1.eskypartners.com/deals/ 267 KB
250 KB 39ms
39ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/GRU_4_Rectangle_610_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 6a84022653fc4b525e81e0a9dabbae72e89cdc31c7269cd43edaf9fffe8f74be

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 01:16:06 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2017 13:00:16 GMT
server: esky-edge
age: 239154
etag: W/"59130ee0-42afd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 1QcC0SbmZ4Gt-T44hAZ_RCEy48dnpuo8lzL8nsy6fhUGvDtfq_CV4g==
expires: Mon, 16 Aug 2021 01:16:06 GMT

GET
H2 200 SCL_1_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 25 KB
25 KB 41ms
41ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/SCL_1_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 6d8d1a134f2dbb06a94806d90ee46b17c14b3bcb6354ba3a62bab69251a9974e

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 14:23:23 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:06:01 GMT
server: esky-edge
age: 2524718
etag: W/"56af11e9-62ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: nQTk1TiVPKDnCbPwucDiFze9YXZ6JeGk0-8N8xI3Sqe_yTdTmWaI3A==
expires: Tue, 20 Jul 2021 14:23:23 GMT

GET
H2 200 IGU_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 23 KB
23 KB 40ms
40ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/IGU_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: fb25b30a4ba902c4747c9fcd7bd296a78e6be01ea0a14e167d2869efa5f52df9

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 20:39:33 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:05:01 GMT
server: esky-edge
age: 428548
etag: W/"56af11ad-5be0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: -Ar4JbDfhZLbAS7Ixb3F7KsekDLaYih24i_rjBDJikMemXKKjY1kQw==
expires: Fri, 13 Aug 2021 20:39:33 GMT

GET
H2 200 REC_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 19 KB
19 KB 41ms
40ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/REC_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 4990b90c31f5b823613a2f72103699a58dce4ff1bdc2aa03f326395944b193e6

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:28:24 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:05:58 GMT
server: esky-edge
age: 627217
etag: W/"56af11e6-4c0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: bACeahrVlSJQ5dBV0dacXhsRDV89U2VD0A2Mc3YiXs5RU6DaalHAyw==
expires: Wed, 11 Aug 2021 13:28:24 GMT

GET
H2 200 SSA_3_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 37 KB
37 KB 49ms
49ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/SSA_3_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 6b12284558475385b446b76d1ba06997e5c9f6a60ba478eaac523b25d8984f94

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 15:59:54 GMT
content-encoding: gzip
last-modified: Fri, 05 May 2017 19:06:21 GMT
server: esky-edge
age: 2346127
etag: W/"590ccd2d-95b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: x5RQRSo_KGV7XqMLcX7t81l94VGayAASLo3_U4Ib_QXMPcMzT_lrEw==
expires: Thu, 22 Jul 2021 15:59:54 GMT

GET
H2 200 FOR_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 25 KB
26 KB 39ms
39ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/FOR_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: 648d744050ebba9ff4aed315f2a29c7f324cb3b368b8ea672975005c1846168e

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 07:10:57 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:04:51 GMT
server: esky-edge
age: 649864
etag: W/"56af11a3-64f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: vJzdnAjaFCAn59GmSSyxLBmmEAu0LNySWjMgEmlQ4R7ZWQkpo4A5AQ==
expires: Wed, 11 Aug 2021 07:10:57 GMT

GET
H2 200 MCZ_0_SquareSmall_290_290.jpg
static1.eskypartners.com/deals/ 29 KB
29 KB 50ms
50ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/MCZ_0_SquareSmall_290_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: c7eef747e4f121ac735025fcdc1e2f28c18831b431fbd4e2b5efcbaa151c0b39

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 10:58:41 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2016 08:05:21 GMT
server: esky-edge
age: 636200
etag: W/"56af11c1-728a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: cAOB0mub3cJNhahVpBSBbxeeC-qODoxHr9wd6XYiXp7ODo_I_3htQg==
expires: Wed, 11 Aug 2021 10:58:41 GMT

GET
H2 200 POA_1_Rectangle_610_290.jpg
static1.eskypartners.com/deals/ 50 KB
50 KB 48ms
48ms Image
image/jpeg 13.224.99.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.eskypartners.com/deals/POA_1_Rectangle_610_290.jpg
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-109.zrh50.r.cloudfront.net
Software: esky-edge /
Resource Hash: f74f21270c55d885b2c328c5a1f417c9ad81009ce15636d5afdfc1d3505382fe

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:31:02 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2017 14:43:44 GMT
server: esky-edge
age: 799859
etag: W/"590203a0-c94d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: ouD0v-jn0zK5PF29vgZFptXCMo3shyJ2ZpoR-qT3nlYhfk4qkZ5qOA==
expires: Mon, 09 Aug 2021 13:31:02 GMT

GET
H2 200 standard.publisher.config.min.js Show response
lib.wtg-ads.com/publisher/www.edestinos.com.br/ 8 KB
2 KB 21ms
21ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.wtg-ads.com/publisher/www.edestinos.com.br/standard.publisher.config.min.js
Requested by: Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b8b40cb5a33bb14709497016e96672d06b4c1390b2b2f090416f2ed0b1e53b2

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 888745
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
last-modified: Fri, 09 Jul 2021 12:07:19 GMT
server: cloudflare
etag: W/"60e83bf7-21bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tjlLuAmBDZxdwQXikeGxwYClA9ojOJmng0toW0BZoALnEGLPzmaPSAdjZOiRa%2F%2BHJ6hAkQmDIrt3G%2BjWjmm%2FGUtnCRvV9PVG5Jvr%2FO3Iob6t9hE6%2BdTA5n64ZYZlj9IrisF9X1Wnsm1XBXDMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 67166e3e29df05ed-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 09 Jul 2021 15:49:36 GMT

GET
H2 200 constrain Show response
www.clicktripz.com/api/integrations/v1/ 267 B
613 B 572ms
223ms XHR
application/json 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clicktripz.com/api/integrations/v1/constrain
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: nginx/1.16.0 / PHP/7.3.23
Resource Hash: 20cf63cd1b566a503353cc53633d022d65d60007e8c5e004792a1f7605e82995

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
via: kong/2.0.5
server: nginx/1.16.0
access-control-allow-origin: https://www.edestinos.com.br
x-powered-by: PHP/7.3.23
content-type: application/json
x-kong-proxy-latency: 1
x-kong-upstream-latency: 54
access-control-allow-credentials: true

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 6ms
6ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210719

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1480b636a009ff3faceb7412988430efd929d970904587911b5830f3af6c4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16451
x-jsd-version: 1.0.1042
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 953
etag: W/"69f-V5a/KDKA6WK1l8JlQJnn9Y/cH3Y"
x-served-by: cache-fra19175-FRA
x-jsd-version-type: version
date: Mon, 19 Jul 2021 19:42:01 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.publisher.config.min.js Show response
lib.wtg-ads.com/publisher/www.edestinos.com.br/ 3 KB
1 KB 41ms
40ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.wtg-ads.com/publisher/www.edestinos.com.br/main.publisher.config.min.js
Requested by: Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 531a1212f56b6b8d247d7e61f26daa393238ff50035a947a402399cdcd52685a

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 959790
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
last-modified: Thu, 08 Jul 2021 14:23:34 GMT
server: cloudflare
etag: W/"60e70a66-a9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeDh60tB4bw4BSDkQmJGUr%2BAsTu2IqBdPrY6umEmvvR4UrYt6YMeTE49KgADE%2B%2FrXLpvTEx9pJ9UxGHdOXnEflfqlnu2kGDspmC2KZU1zGz8oQ%2B0orq60EwGC%2FtCBHkN4aWwlNVQm6u9vLotmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 67166e3e5a5905ed-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Jul 2021 20:05:31 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1019 B 6ms
5ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210719

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1480b636a009ff3faceb7412988430efd929d970904587911b5830f3af6c4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16451
x-jsd-version: 1.0.1042
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 953
etag: W/"69f-V5a/KDKA6WK1l8JlQJnn9Y/cH3Y"
x-served-by: cache-fra19175-FRA
x-jsd-version-type: version
date: Mon, 19 Jul 2021 19:42:02 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 69 KB
24 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

434888a0e7f86f31d95f393233718496c3517be8c83f229f70f1af33bf3fc8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 19 of 1000 / last-modified: 1626693396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24157
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:02 GMT

POST
H2 200 v1.1 Show response
www.edestinos.com.br/patalyst/ 0
272 B 178ms
177ms XHR
text/plain 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/patalyst/v1.1

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721; _gcl_au=1.1.655328207.1626723721; mes_referrer=; _dc_gtm_UA-21804834-1=1; uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; _dc_gtm_UA-136029019-1=1; esky_TCSI=WFDB1626723720991; newUser=WFDB1626723720991; esky_TCSIS=UAKBU1626723720992; MasterId=ed51764f-cae7-5574-8c40-1c2eab758b4d; esky_TCTTIStart=1626723720994; _uetsid=63076560e8c911eb825e350b50261f68; _uetvid=6307c860e8c911ebbb0ac11ddb20ef73; _yoid=60c42e5e-474b-4128-8427-fa8eac255531; _yosid=d79d1375-417a-4b18-af22-ebea5b52d143; _fbp=fb.2.1626723721282.1543036215; UniqueUserId=4c4b2f461c29c75886b5b28096aebdeb
content-length: 1107
:path: /patalyst/v1.1
pragma: no-cache
traceparent: 00-05a3f9ef0693e9c459308019410237fc-672de11775c03a15-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.edestinos.com.br/
traceparent: 00-05a3f9ef0693e9c459308019410237fc-672de11775c03a15-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
referrer-policy: strict-origin-when-cross-origin
api-supported-versions: 1.0, 1.1, 1.2
strict-transport-security: max-age=15768000; includeSubDomains; preload;
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-envoy-upstream-service-time: 1
content-length: 0
x-content-type-options: nosniff
server: nginx
expires: Mon, 19 Jul 2021 19:42:02 GMT

GET
H2 200 pubads_impl_2021071301.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 99ms
98ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 08:39:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117314
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:02 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 77 B
734 B 98ms
39ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.edestinos.com.br

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e974985e98d24c383a6defa8aa367ba84e0780a3bb051c2f7e2823a9bde8240a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:02 GMT

GET
H2 200 prebid_4.21.2.js Show response
lib.wtg-ads.com/prebid/ 292 KB
91 KB 28ms
28ms Script
application/javascript 2606:4700:20::681a:f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.wtg-ads.com/prebid/prebid_4.21.2.js
Requested by: Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9953ee4c397a90da1e1d26182128847c8e5eae71626541fc86a8a7c55f9230ed

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 599307
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
last-modified: Tue, 02 Mar 2021 10:29:33 GMT
server: cloudflare
etag: W/"603e138d-48fa1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31mC4Kaa%2BOBu4aUXKLQ%2ByrpsptY2ILhv9RXJNk6P8EI%2B4XbiC8BobDNaZ7lq0anSmiGZ4n%2B6e2lC6hpZohDsPOnY8hFMw2TK0yx8hubrjZuWKSY3HPtDmJdiTXjVOveAR6PpfAnjAv0y5v6SXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 67166e3edb5a05ed-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 13 Jul 2021 00:13:35 GMT

GET
H/1.1 200
OK / Show response
perun.ipresso.pl/perun/WI9v_FZ80b9eUOFPv-lgndySlYiOmlWR9hIexFMA7CY./xT9LqL69W8-JeaiVrkhYPiRuvZbEiAcFjiVbFpbKgvk./ 0
449 B 173ms
62ms Script
application/x-javascript 93.179.224.106
TKPSA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://perun.ipresso.pl/perun/WI9v_FZ80b9eUOFPv-lgndySlYiOmlWR9hIexFMA7CY./xT9LqL69W8-JeaiVrkhYPiRuvZbEiAcFjiVbFpbKgvk./?i=&ia=NlnHrd7iKMCADBmmxN-8aR2pBHeWVFuNwC4wlJtrFxs.&d=1626723722065&r=&s=https%3A%2F%2Fwww.edestinos.com.br%2F

Requested by

Host: media-edestinos-com-br.ipresso.pl
URL: https://media-edestinos-com-br.ipresso.pl/monitoridentification/WI9v_FZ80b9eUOFPv-lgndySlYiOmlWR9hIexFMA7CY./xT9LqL69W8-JeaiVrkhYPiRuvZbEiAcFjiVbFpbKgvk./monitoridentification.js?t=1626723721845&r=&ti=eDestinos.com.br%20-%20Passagens%20A%C3%A9reas%2C%20Reserva%20de%20Passagem%20A%C3%A9rea&c=null&z=9yxxjw_vsdgFYwqrUe6mA4DBX0WH3C3EDpp0xXmJcFI.

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.179.224.106 Katowice, Poland, ASN31242 (TKPSA-AS, PL),

Reverse DNS

host-93.179.224.106.static.3s.pl

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Access-Control-Allow-Headers: origin, content-type, accept
content-length: 20

POST
H2 204 log Show response
www.edestinos.com.br/_fe/ 0
235 B 156ms
155ms XHR
text/plain 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/_fe/log

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721; _gcl_au=1.1.655328207.1626723721; mes_referrer=; _dc_gtm_UA-21804834-1=1; uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; _dc_gtm_UA-136029019-1=1; esky_TCSI=WFDB1626723720991; newUser=WFDB1626723720991; esky_TCSIS=UAKBU1626723720992; MasterId=ed51764f-cae7-5574-8c40-1c2eab758b4d; esky_TCTTIStart=1626723720994; _uetsid=63076560e8c911eb825e350b50261f68; _uetvid=6307c860e8c911ebbb0ac11ddb20ef73; _yoid=60c42e5e-474b-4128-8427-fa8eac255531; _yosid=d79d1375-417a-4b18-af22-ebea5b52d143; _fbp=fb.2.1626723721282.1543036215; UniqueUserId=4c4b2f461c29c75886b5b28096aebdeb; __ipcan_WI9v_FZ80b9eUOFPv-lgndySlYiOmlWR9hIexFMA7CY.=NlnHrd7iKMCADBmmxN-8aR2pBHeWVFuNwC4wlJtrFxs.
content-length: 268
:path: /_fe/log
pragma: no-cache
traceparent: 00-05a3f9ef0693e9c459308019410237fc-f521928475ba40e7-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.edestinos.com.br/
traceparent: 00-05a3f9ef0693e9c459308019410237fc-f521928475ba40e7-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
x-powered-by: Express
strict-transport-security: max-age=15768000; includeSubDomains; preload;
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 19:42:02 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
996 B 7ms
7ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210719

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1480b636a009ff3faceb7412988430efd929d970904587911b5830f3af6c4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16451
x-jsd-version: 1.0.1042
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 953
etag: W/"69f-V5a/KDKA6WK1l8JlQJnn9Y/cH3Y"
x-served-by: cache-fra19175-FRA
x-jsd-version-type: version
date: Mon, 19 Jul 2021 19:42:02 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST v2
i.connectad.io/api/ 0
0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
452 B 157ms
92ms XHR
application/json 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwMDk5OTgmdHJhbnNhY3Rpb25JZD1iYWQ2ODkzNC01N2JlLTQ0NDYtODY1NS1iMzAwZTE5YzVjYTQmcmN1cj1QTE4%3D&pt=gross&stid=9790a779-2251-4600-94f0-5dc539a49cdc&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&fd=1

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
369 B 290ms
105ms XHR
text/plain 136.144.58.223
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.58.223 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.edestinos.com.br
date: Mon, 19 Jul 2021 19:42:02 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 13
vary: origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 62ms
62ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8bf5318a9ba054117c1121ed7056fa5d045a5bcb46e200f0000bf203e35ff11b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:02 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9d35c5a7-ccbd-4dff-92a7-d2f001d40d98
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.edestinos.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
365 B 158ms
85ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.edestinos.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 19 Jul 2021 19:42:02 GMT

GET
H2 200 arj Show response
waytogrow-d.openx.net/w/1.0/ 276 B
643 B 90ms
33ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://waytogrow-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.edestinos.com.br%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bad68934-57be-4446-8655-b300e19c5ca4&nocache=1626723722234&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&gdpr=1&aus=970x250%2C970x90%2C728x90&divIds=%252F21695112458%252FeDestinos_BR%252Fsg_bill_top&auid=540797794
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.210.0 /
Resource Hash: 8a2a3494c8c350f3ee94d5c60eab14cdea9785db01dd059f0164b64631b6ffdc

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
server: OXGW/16.210.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.edestinos.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 244
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
375 B 197ms
150ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=450738&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213fbe860fc3bd5c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.edestinos.com.br%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214a3bc67a957a3a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22450738%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214a3bc67a957a3a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22450738%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214a3bc67a957a3a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22450738%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 73639fecaeb99b3bd62102728e863391160c9f12de41cf42e9bf9b49f7ae4e06

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[185.210.217.100], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.edestinos.com.br
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Mon, 19 Jul 2021 19:42:02 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 186ms
120ms XHR
application/json 213.19.162.41
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17862&site_id=204092&zone_id=1005804&size_id=2&alt_size_ids=55%2C57&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&rf=https%3A%2F%2Fwww.edestinos.com.br%2F&tk_flint=pbjs_lite_v4.21.0&x_source.tid=bad68934-57be-4446-8655-b300e19c5ca4&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8177314990015978
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0aca6d4b1ec5cdbbf8be0d4ae90ef49fc48eefb76917770aecb0f253bd4ddc38

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.edestinos.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 rum Show response
www.edestinos.com.br/_fe/ 0
235 B 77ms
77ms XHR
text/plain 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/_fe/rum

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721; _gcl_au=1.1.655328207.1626723721; mes_referrer=; _dc_gtm_UA-21804834-1=1; uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; _dc_gtm_UA-136029019-1=1; esky_TCSI=WFDB1626723720991; newUser=WFDB1626723720991; esky_TCSIS=UAKBU1626723720992; MasterId=ed51764f-cae7-5574-8c40-1c2eab758b4d; esky_TCTTIStart=1626723720994; _uetsid=63076560e8c911eb825e350b50261f68; _uetvid=6307c860e8c911ebbb0ac11ddb20ef73; _yoid=60c42e5e-474b-4128-8427-fa8eac255531; _yosid=d79d1375-417a-4b18-af22-ebea5b52d143; _fbp=fb.2.1626723721282.1543036215; UniqueUserId=4c4b2f461c29c75886b5b28096aebdeb; __ipcan_WI9v_FZ80b9eUOFPv-lgndySlYiOmlWR9hIexFMA7CY.=NlnHrd7iKMCADBmmxN-8aR2pBHeWVFuNwC4wlJtrFxs.
content-length: 856
:path: /_fe/rum
pragma: no-cache
traceparent: 00-05a3f9ef0693e9c459308019410237fc-757011c9cd991531-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.edestinos.com.br/
traceparent: 00-05a3f9ef0693e9c459308019410237fc-757011c9cd991531-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
x-powered-by: Express
strict-transport-security: max-age=15768000; includeSubDomains; preload;
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 19:42:02 GMT

POST
H2 204 rum Show response
www.edestinos.com.br/_fe/ 0
235 B 151ms
151ms XHR
text/plain 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/_fe/rum

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: firstTimeVisit=202107192142; _ga=GA1.3.1477734896.1626723721; _gid=GA1.3.155043288.1626723721; _gcl_au=1.1.655328207.1626723721; mes_referrer=; _dc_gtm_UA-21804834-1=1; uguid=eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3; _dc_gtm_UA-136029019-1=1; esky_TCSI=WFDB1626723720991; newUser=WFDB1626723720991; esky_TCSIS=UAKBU1626723720992; MasterId=ed51764f-cae7-5574-8c40-1c2eab758b4d; esky_TCTTIStart=1626723720994; _uetsid=63076560e8c911eb825e350b50261f68; _uetvid=6307c860e8c911ebbb0ac11ddb20ef73; _yoid=60c42e5e-474b-4128-8427-fa8eac255531; _yosid=d79d1375-417a-4b18-af22-ebea5b52d143; _fbp=fb.2.1626723721282.1543036215; UniqueUserId=4c4b2f461c29c75886b5b28096aebdeb; __ipcan_WI9v_FZ80b9eUOFPv-lgndySlYiOmlWR9hIexFMA7CY.=NlnHrd7iKMCADBmmxN-8aR2pBHeWVFuNwC4wlJtrFxs.
content-length: 5420
:path: /_fe/rum
pragma: no-cache
traceparent: 00-05a3f9ef0693e9c459308019410237fc-54526f6708301c45-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.edestinos.com.br/
traceparent: 00-05a3f9ef0693e9c459308019410237fc-54526f6708301c45-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Jul 2021 19:42:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
x-powered-by: Express
strict-transport-security: max-age=15768000; includeSubDomains; preload;
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 19:42:02 GMT

POST
H2 202 events Show response
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ 0
36 B 27ms
27ms XHR
text/plain 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://www.edestinos.com.br
date: Mon, 19 Jul 2021 19:42:02 GMT
x-cloud-request-id: CxneUdaEQ6yY08Y4HPdbQA
x-found-handling-instance: instance-0000000001
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
content-length: 0
x-content-type-options: nosniff

OPTIONS
H2 200 events
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ Frame 0
0 27ms
27ms Preflight 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Protocol

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.edestinos.com.br
access-control-expose-headers: Etag
access-control-max-age: 3600
date: Mon, 19 Jul 2021 19:42:02 GMT
vary: Origin
x-cloud-request-id: iquo8GjPTd6B-4McrtSftA
x-content-type-options: nosniff
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
x-found-handling-instance: instance-0000000001
content-length: 0

GET
H/1.1 200
OK image-l.gif
img.riskified.com/img/ 35 B
271 B 438ms
109ms Image
image/gif 23.22.25.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16267237222630.6887746502528904&c=93b6krtfx8skpdcpvxbzqakrb1axak&p=wj95wc&a=WFDB1626723720991&o=www.esky.com&rt=1626723722090
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.22.25.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-25-19.compute-1.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:02 GMT
Last-Modified: Mon, 10 May 2021 09:31:37 GMT
Server: nginx/1.10.2
ETag: "6098fd79-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.edestinos.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.edestinos.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 19:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 549ms
548ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=888293530371271&correlator=400928633934135&output=ldjh&impl=fifs&eid=31061736%2C31061783%2C21068030%2C31060976&vrg=2021071301&ptt=17&sc=1&sfv=1-0-38&ecs=20210719&iu_parts=21695112458%2CeDestinos_BR%2Csg_bill_top&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C750x300%7C750x200%7C728x90&eri=1&cust_params=PersonalizedAds%3D1%26Log_adsRun%3Dtrue%26Log_InitPersonalized%3Dundefined%26url%3Dhttps%253A%252F%252Fwww.edestinos.com.br%252F%26host%3Dwww.edestinos.com.br%26path%3D%252F%26resolution%3D1600&cookie_enabled=1&bc=31&abxe=1&lmt=1626723722&dt=1626723722537&dlt=1626723720554&idt=1640&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2844816383&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.edestinos.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1477734896.1626723721&ga_sid=1626723723&ga_hid=624164840&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f5b057709d9a2c600115329697db01be60631727d0797b07a1b12073f1e95ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11631
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.edestinos.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9493 6 KB
3 KB 48ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edestinos.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edestinos.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 19 Jul 2021 19:42:02 GMT
expires: Tue, 19 Jul 2022 19:42:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

constrain Show response
compare.edestinos.com/api/integrations/v1/
Redirect Chain

https://www.clicktripz.com/api/integrations/v1/constrain?publisherAlias=edestinos&r=https%3A%2F%2Fcompare.edestinos.com%2Fapi%2Fintegrations%2Fv1%2Fconstrain%3FpublisherAlias%3Dedestinos%26u%3Dhttp...
https://compare.edestinos.com/api/integrations/v1/constrain?publisherAlias=edestinos&u=https%3A%2F%2Fwww.edestinos.com.br%2F&_ctuid=f9b491a1-a8a7-4fc7-aa22-828275921da5

470 B
798 B

558ms
210ms

XHR
application/json

44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare.edestinos.com/api/integrations/v1/constrain?publisherAlias=edestinos&u=https%3A%2F%2Fwww.edestinos.com.br%2F&_ctuid=f9b491a1-a8a7-4fc7-aa22-828275921da5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: nginx/1.16.0 / PHP/7.3.23
Resource Hash: 2e7ec6088c41802ea2b6533a3e7452c2e326c377e97449d42a7b8e3f5df4e970

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
via: kong/2.0.5
server: nginx/1.16.0
access-control-allow-origin: null
x-powered-by: PHP/7.3.23
content-type: application/json
x-kong-proxy-latency: 0
x-kong-upstream-latency: 42
access-control-allow-credentials: true

Redirect headers

date: Mon, 19 Jul 2021 19:42:02 GMT
via: kong/2.0.5
server: nginx/1.16.0
x-powered-by: PHP/7.3.23
location: https://compare.edestinos.com/api/integrations/v1/constrain?publisherAlias=edestinos&u=https%3A%2F%2Fwww.edestinos.com.br%2F&_ctuid=f9b491a1-a8a7-4fc7-aa22-828275921da5
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.edestinos.com.br
x-kong-upstream-latency: 11
access-control-allow-credentials: true
x-kong-proxy-latency: 1

GET
H/1.1 200
OK image-l.gif
img.riskified.com/img/ 35 B
271 B 109ms
109ms Image
image/gif 23.22.25.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16267237227140.9605122766466587&c=93b6krtfx8skpdcpvxbzqakrb1axak&p=wj95wc&a=WFDB1626723720991&o=www.esky.com&rt=1626723722090
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.22.25.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-25-19.compute-1.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:02 GMT
Last-Modified: Mon, 10 May 2021 09:31:37 GMT
Server: nginx/1.10.2
ETag: "6098fd79-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK image-l.gif
img.riskified.com/img/ 35 B
271 B 114ms
114ms Image
image/gif 23.22.25.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16267237228350.12371228170396642&c=93b6krtfx8skpdcpvxbzqakrb1axak&p=wj95wc&a=WFDB1626723720991&o=www.esky.com&rt=1626723722090
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.22.25.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-25-19.compute-1.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:02 GMT
Last-Modified: Mon, 10 May 2021 09:31:37 GMT
Server: nginx/1.10.2
ETag: "6098fd79-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK image-l.gif
img.riskified.com/img/ 35 B
271 B 109ms
108ms Image
image/gif 23.22.25.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16267237229620.12039991698791908&c=93b6krtfx8skpdcpvxbzqakrb1axak&p=wj95wc&a=WFDB1626723720991&o=www.esky.com&rt=1626723722090
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.22.25.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-25-19.compute-1.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:03 GMT
Last-Modified: Mon, 10 May 2021 09:31:37 GMT
Server: nginx/1.10.2
ETag: "6098fd79-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK image-l.gif
img.riskified.com/img/ 35 B
271 B 109ms
108ms Image
image/gif 23.22.25.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16267237230830.26234624440200394&c=93b6krtfx8skpdcpvxbzqakrb1axak&p=wj95wc&a=WFDB1626723720991&o=www.esky.com&rt=1626723722090
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.22.25.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-25-19.compute-1.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:03 GMT
Last-Modified: Mon, 10 May 2021 09:31:37 GMT
Server: nginx/1.10.2
ETag: "6098fd79-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H3-29 200 container.html Show response
afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6654 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edestinos.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edestinos.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 19 Jul 2021 19:42:02 GMT
expires: Tue, 19 Jul 2022 19:42:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:03 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
26ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071301&st=env

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b63a6107f6e979ad185da5f0926c1396169cce6571e7ccae226f3951358239c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 19:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8521
x-xss-protection: 0

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0C69 624 B
297 B 36ms
17ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjMpfCZATAB&v=APEucNUoogDR3a2GyqScG9IZT_qdmcvVi9CH1MQr2WsyiGaIPDJLNR-gCGoW0VbwTt7yM0xTiGywb0_pnPLlTWzAjDR66sBAlIWFATVAPP_5djO1GuU0kIPFu-qEXRqZYnxtykpzzx1pyKXbYK3nlIHhhYSn9BiuN0vPmLmZw_xNlsYxvG2bctY

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfnugEQw7j0ARjMpfCZATAB&v=APEucNUoogDR3a2GyqScG9IZT_qdmcvVi9CH1MQr2WsyiGaIPDJLNR-gCGoW0VbwTt7yM0xTiGywb0_pnPLlTWzAjDR66sBAlIWFATVAPP_5djO1GuU0kIPFu-qEXRqZYnxtykpzzx1pyKXbYK3nlIHhhYSn9BiuN0vPmLmZw_xNlsYxvG2bctY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk-TTwZvqfhSCiCrVYyJiHGfmBszv8vzLkCUck466WwJzx6GCOOyLoqDsHZD5s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 19 Jul 2021 19:42:03 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6654 24 KB
13 KB 56ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyrjWFOIzwIDoZSO6enLUB76_4AcHBAbFRm7GIbAlh1KmyxhVyb-ZW8kqmmju2gabv6OwgPpLdEIeMjEUXnY4RkU1PJI-0mhq4gbtK0Pegbt2RBLnM9tDOaIISjRAZVxn1CYyy9wNTe97sXzigT7b2vIWo5A&cry=1&dbm_d=AKAmf-ARrlizgFXGuWlGA1utHk6T2Rtrv3LX5y-MEQ5dmc5mmd0nNgw45AY9svTK-Wqz3ChKo3VPTkIQVCkT19SAfgSbomHKqG-lnhjK4sByFSMmlkDoV2g5Zozhv85aIeTKQ7nmGLX5Fn50ZKmZtxu_EJzamMVjiiT266E_h2k45jyyibQuoHsg5-EWP7CzFyMB4v-ZFEufEyRrRu-YjiZKu6GrmPZv9Ad7bwtphyZvQIBQ3XHSBfZWVZxbp0dj6U3oCCwkRKm7WdnyBjP3xnPrB5xNZ2FB4FiFYvpP5-0zCHmqno1AkBYwA3X6lkCPg3SvBQ0vqBpLJhvWPL1mNEK-zXB_geAGOCo2RNYRIuDYz4arlxpLv4_m0RiwmM_lncOYOMCt0LaMPfZ5rx8MZ-aj632a6TVNXCjq8PhES-PxmaOopkYmdajVc0TVI9pDCkIVm74nGXDY8AVrR0H7wYiQ6Vl2QgYmcfTnQRQ9AtUlAOhSkv8odadis6oXt_DDT89WeTXUWwExk-Ik2s2OGfW_Cx6oYhtrh-L0v45lx1jfC3D1eA4NbOiT3c3lm9hwjE3QHDP_EfT5ATK_exEEp2ULKPk7yAjEIpW7OWoptmM_g9E6qPOabO7w3lHUZ4bxPiGyn-6WiMFSn8o4KfYZ1BnR2_7X0yCTtkCqQvC9leMAMFT5-zfcUtqM1FKtxN8SqoHT1eJ73No3hPGZ7J9_SnVbx_3832AG6NICIVWyRIqyE5po7Y1DLwuLxZ9EgKmYcLt2lPlIuH2LR98UXuZWzt9mk7BvRauocpHeVjmFmvt-iMKi2dDjomHtukHS-Br2Y76Th_cQCyZohZhEPC-3ynWy5whxUmdmdxtJs9DGwZ_0RS0QQMWs2W0pdISwDGDrznc2GMYZiY0J573bgd3RX2qWnmsuKoFdTUdfQLRNsJxqiyy-36VApR9yx6OLt5S2hWpPur69nCtwTD7FTeiIKFxwRfQ2pPbJqiLQWqh072Kahic5JbR2PFRj0oecIRgrtjsjVqvACNYoaVJvsW-ZOhtJ_9_opNWvDFn-ihEPgmWnud6TmcwbUVZNF8TwO4EN5IMca2VVRmmJ5CqMPjJauSxiM9Hai2NcDnRxT0RfsQtkIiwbtFc-7mHm0q661rIQOs0H28Sq8ednwAdQXI1lXk0DElKq1yOZ0T5Nctk_jnvr3XoEEz1AhuktQ5HCQ1Batf_KnsiSZcEiPtS7AzL7NfjNY1TEnvS6pKjk7Fi3aNKwy5eKW6l2wB9fZLGehrddVHFTI14yONY550UGKFOfxeOII8U7Cm3F1hihYUbo61WqDpFIUyPUFk0wmRBwbIgrTSbWa_C1toh_4c3WD0oChraXqaEK7G8ZlHFd8JIUNfoO-ZQgecrnoh8yUGGBT3l8a4XhZM_BMW-JbBA0bQRt7mxDrfFAwEDylQaIDhT2a1qWkIpVdfU1uKI1dswFsuIUKpXiEFHqqFoY1wgeProhKPJxaUGtCUVwOocFRRbCDyW1-oMtbVUIQYrVv_IYb1PjdEuTOiFIVdHmbFxPo6w0j06AFM5NQIFa9ciXaueIIwtc41AMPuv_EW7t4QocHis_85NQ6KJO7PN--8hT8LXuhall46CxXer8uwBHyorPR5b1ILD4megB685mE-nEHGuMddr1Tjw7nxXEoSn4u6fFP9Ek_9uI1s1x3wc0gRBSEJj6OBI0dmdTuvevtIqm-b1Lta2qK1Ws95bxmjJGfjzbybOxfZcf0zd7nqiz_sYlIp78on0MOuQ-V_3j3BXEAHvd7zA47ZkE-H5-1uBET89TjI4jXwYWIjTfko_gMst31UnyH_tdir8nR6ZiuGE7Ung9KINkOl3AUDo-VZEkFzk77HjHqg544fEnj84BkzSymhPbV8ifQczTvW8R9XnJBU7mQI11b-qXCz9Dm6w9cjftWNxac3NcjtCqDspePK-lH8ugnTM5uOcljBHbhJt7pAPpfq33hm-FolR3Cysh-apPkEIxjgWB0E8c2TMpQzN6TZYQROjhwLk9fLZFEuAmssbkub5UP7-ox1XOa6yu76Mgdg4Oqa61C43u04Jk24fS6qssm-7M2lK8W6rq5SCwb6osMTnpXY6gvsieR_88eIHvtJVMFS9OokVr-0X2O5KTcZwRE8rqF0hJW_eJuEgkeEYasEGiZjkWDfGkT1hQ16esJhxGOfhZUBKnNobLcFlMg0iQAc3gKLe9bFJ2U-8Py56T-9gwWmlG3FikBbOF_05CKx9Jx-qVJVJowbMeVCz-Rv8A1dT90KR-vqORhbygk1d48VMYJnoy7YC16VWR3HWe1spzRh0FOCB4Tjtd_rx7Ylh4p591e11WIxS2pwYQHrsJdQU0WMRMtIvkGbMQVBTauoSR_rAeJTt4joW-wWb5Ruhbivn4XI9y-3rED3VmqexpocFQ95SYwbdO6X-7vSau7o8rlKe3uKwFQbk2uAId1pm3UQfHm4qh_wt18faBMiiyr8r25ilvsI1eEnImJcUJG19KwZIgefHc63S9LKJOPPM1ZCRQWbV8mVrDbpGztoqop9HeLkmiUBRzcyh1WLfUyQRCgn6kk1rZ9ZNkjv7SfJtaHVZpzcDEWFVkbcMOvHkVqYhqpyaXhYtPSjWRFUDSRsrzHw1xuUjM30QCLkmwr215wS4Vbs8aS94rJTi0onpVIDiDNWR2LDXUmnD1OYQzAxxQAXb--Ci9txlC7maRdgvDG81iNcEEpggTxMGCaF27MfTdGVYj91QdrjhH7oyNdIR5KySs8Az2FfUZl3V_6FXQ2l1gd3G36XGmmqVJV3RJh0C0UveVdsEk91w4Skqn5FWhqb8spW-Rbel5iZQ6h9_04NfacasgmAcUS7hDHChKSeZmQ2tZc_b6YH9IKBUSZ0Ly0oG1zkpKVrhJnJhEo8XQgftLBrjJ5Wth2gxl1pioR67HK_2b7HOBHpRldw_IXnlnHyrAW6tybJ2ZlHwsszgbXTnmGAJEaqepPSnKfUvMSYyaELIalYmc520Ha5YzfV5uLre9BW5g41f0UG7_rNUw1fBjMiaHgee7jhg_D-4WrOmGUN6aTXQw&cid=CAASEuRoE8OvmAY-bY81PUFMgBRo4A&rfl=1%2Chttps%253A%252F%252Fwww.edestinos.com.br%252F%240

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0685483cd5da353ca0e2600de4a57048aed163f8332f853f380cdd1f2e6053aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6654 42 B
118 B 41ms
38ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COVFd9S-lwvqunK6KxixRxWLq6fBI8k2LNyUR-KfgO06-BtUWqwfq_05aDlojlRjNSUbFPmSvVXRpvUX0n8QwQcyWidfvWMt-_g1ZymnCWEgUyUcQ

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 6654 2 KB
2 KB 25ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4231994&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hvcKJtVg8dxUX0NpxZCY14&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228438&DVP_DBM_4=322704076&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46938523822&turl=https://www.edestinos.com.br/&DVP_PP_BUNDLE_ID=
Requested by: Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5f304cc9d41b83589d171f12c353079537b1436cc5f4834479b249a401e81224

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 09:29:38 GMT
Server: Microsoft-IIS/10.0
ETag: "49b02714972d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 6654 7 KB
3 KB 25ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hvcKJtVg8dxUX0NpxZCY14&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228438&DVP_DBM_4=322704076&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46938523822&turl=https://www.edestinos.com.br/&DVP_PP_BUNDLE_ID=
Requested by: Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ea0da3782f31c1909f5d4b3796e74892bd0c623685cf73e271dffe6c84e1ec64

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 12:55:06 GMT
Server: Microsoft-IIS/10.0
ETag: "031264c9d7cd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3172

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 6654 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 19:41:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6654 124 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 6654 14 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 19:41:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6654 0
0 17ms
16ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSr_TprzUGwFVb4LOE4b0I1-GIF7hQRmQjyI5O_bWoTKmhbIMlK5oWJcYcWGUGp9fF0fb0IrigeEzIA1oFwLcSVUEXOhQ
Requested by: Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 19 Jul 2021 19:42:03 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FDBB 12 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edestinos.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edestinos.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 19 Jul 2021 19:35:41 GMT
expires: Tue, 19 Jul 2022 19:35:41 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 382
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4135 783 B
531 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05abf2de0d982c5ed0b177efe5255683f4ed00a44f9b27167075bcf93c32c977

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-elIS6YvxLsMrJjETPXfEiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.edestinos.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=219=qrCBSI41Emj2KBDsb3FF6qichCWC5tVU4qwH7ab3faLIkeJo6eGuVl0gQqL8PW9JptKQt0Q7meZpeIWBvO0mx8P-1q4V6KJLAu9eJ0h-WtK_Qshpx2nT3p4WO9RENYSGqNYYet5Us_2qihjhmwhiPekBABvk-BSYxxrahmxsoQU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.edestinos.com.br/

Response headers

expires: Mon, 19 Jul 2021 19:42:03 GMT
date: Mon, 19 Jul 2021 19:42:03 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-elIS6YvxLsMrJjETPXfEiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQfJBooo8t0gC_4hlrtiI4&google_cver=1

43 B
1014 B

41ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQfJBooo8t0gC_4hlrtiI4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjMpfCZATAB&v=APEucNUoogDR3a2GyqScG9IZT_qdmcvVi9CH1MQr2WsyiGaIPDJLNR-gCGoW0VbwTt7yM0xTiGywb0_pnPLlTWzAjDR66sBAlIWFATVAPP_5djO1GuU0kIPFu-qEXRqZYnxtykpzzx1pyKXbYK3nlIHhhYSn9BiuN0vPmLmZw_xNlsYxvG2bctY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 19 Jul 2021 19:42:03 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQfJBooo8t0gC_4hlrtiI4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C69
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPXVi3q-hlByJRj5WRqK5wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQfJBooo8t0gC_4hlrtiI4&google_cver=1

43 B
894 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQfJBooo8t0gC_4hlrtiI4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjMpfCZATAB&v=APEucNUoogDR3a2GyqScG9IZT_qdmcvVi9CH1MQr2WsyiGaIPDJLNR-gCGoW0VbwTt7yM0xTiGywb0_pnPLlTWzAjDR66sBAlIWFATVAPP_5djO1GuU0kIPFu-qEXRqZYnxtykpzzx1pyKXbYK3nlIHhhYSn9BiuN0vPmLmZw_xNlsYxvG2bctY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 19 Jul 2021 19:42:03 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQfJBooo8t0gC_4hlrtiI4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0C69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPK6Paq7bRV-BBtlPuWlysM&google_cver=1

43 B
1008 B

32ms
32ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPK6Paq7bRV-BBtlPuWlysM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjMpfCZATAB&v=APEucNUoogDR3a2GyqScG9IZT_qdmcvVi9CH1MQr2WsyiGaIPDJLNR-gCGoW0VbwTt7yM0xTiGywb0_pnPLlTWzAjDR66sBAlIWFATVAPP_5djO1GuU0kIPFu-qEXRqZYnxtykpzzx1pyKXbYK3nlIHhhYSn9BiuN0vPmLmZw_xNlsYxvG2bctY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:03 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 02b7f20e-55b3-4901-bb9e-d399b7d81feb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPK6Paq7bRV-BBtlPuWlysM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0C69
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY4ODg3MTE5MjY0MjY5MjQ4MA%3D%3D

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY4ODg3MTE5MjY0MjY5MjQ4MA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:03 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 182ce2a8-d6de-4c0b-9c1d-436976a9f970
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY4ODg3MTE5MjY0MjY5MjQ4MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 6654 23 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyrjWFOIzwIDoZSO6enLUB76_4AcHBAbFRm7GIbAlh1KmyxhVyb-ZW8kqmmju2gabv6OwgPpLdEIeMjEUXnY4RkU1PJI-0mhq4gbtK0Pegbt2RBLnM9tDOaIISjRAZVxn1CYyy9wNTe97sXzigT7b2vIWo5A&cry=1&dbm_d=AKAmf-ARrlizgFXGuWlGA1utHk6T2Rtrv3LX5y-MEQ5dmc5mmd0nNgw45AY9svTK-Wqz3ChKo3VPTkIQVCkT19SAfgSbomHKqG-lnhjK4sByFSMmlkDoV2g5Zozhv85aIeTKQ7nmGLX5Fn50ZKmZtxu_EJzamMVjiiT266E_h2k45jyyibQuoHsg5-EWP7CzFyMB4v-ZFEufEyRrRu-YjiZKu6GrmPZv9Ad7bwtphyZvQIBQ3XHSBfZWVZxbp0dj6U3oCCwkRKm7WdnyBjP3xnPrB5xNZ2FB4FiFYvpP5-0zCHmqno1AkBYwA3X6lkCPg3SvBQ0vqBpLJhvWPL1mNEK-zXB_geAGOCo2RNYRIuDYz4arlxpLv4_m0RiwmM_lncOYOMCt0LaMPfZ5rx8MZ-aj632a6TVNXCjq8PhES-PxmaOopkYmdajVc0TVI9pDCkIVm74nGXDY8AVrR0H7wYiQ6Vl2QgYmcfTnQRQ9AtUlAOhSkv8odadis6oXt_DDT89WeTXUWwExk-Ik2s2OGfW_Cx6oYhtrh-L0v45lx1jfC3D1eA4NbOiT3c3lm9hwjE3QHDP_EfT5ATK_exEEp2ULKPk7yAjEIpW7OWoptmM_g9E6qPOabO7w3lHUZ4bxPiGyn-6WiMFSn8o4KfYZ1BnR2_7X0yCTtkCqQvC9leMAMFT5-zfcUtqM1FKtxN8SqoHT1eJ73No3hPGZ7J9_SnVbx_3832AG6NICIVWyRIqyE5po7Y1DLwuLxZ9EgKmYcLt2lPlIuH2LR98UXuZWzt9mk7BvRauocpHeVjmFmvt-iMKi2dDjomHtukHS-Br2Y76Th_cQCyZohZhEPC-3ynWy5whxUmdmdxtJs9DGwZ_0RS0QQMWs2W0pdISwDGDrznc2GMYZiY0J573bgd3RX2qWnmsuKoFdTUdfQLRNsJxqiyy-36VApR9yx6OLt5S2hWpPur69nCtwTD7FTeiIKFxwRfQ2pPbJqiLQWqh072Kahic5JbR2PFRj0oecIRgrtjsjVqvACNYoaVJvsW-ZOhtJ_9_opNWvDFn-ihEPgmWnud6TmcwbUVZNF8TwO4EN5IMca2VVRmmJ5CqMPjJauSxiM9Hai2NcDnRxT0RfsQtkIiwbtFc-7mHm0q661rIQOs0H28Sq8ednwAdQXI1lXk0DElKq1yOZ0T5Nctk_jnvr3XoEEz1AhuktQ5HCQ1Batf_KnsiSZcEiPtS7AzL7NfjNY1TEnvS6pKjk7Fi3aNKwy5eKW6l2wB9fZLGehrddVHFTI14yONY550UGKFOfxeOII8U7Cm3F1hihYUbo61WqDpFIUyPUFk0wmRBwbIgrTSbWa_C1toh_4c3WD0oChraXqaEK7G8ZlHFd8JIUNfoO-ZQgecrnoh8yUGGBT3l8a4XhZM_BMW-JbBA0bQRt7mxDrfFAwEDylQaIDhT2a1qWkIpVdfU1uKI1dswFsuIUKpXiEFHqqFoY1wgeProhKPJxaUGtCUVwOocFRRbCDyW1-oMtbVUIQYrVv_IYb1PjdEuTOiFIVdHmbFxPo6w0j06AFM5NQIFa9ciXaueIIwtc41AMPuv_EW7t4QocHis_85NQ6KJO7PN--8hT8LXuhall46CxXer8uwBHyorPR5b1ILD4megB685mE-nEHGuMddr1Tjw7nxXEoSn4u6fFP9Ek_9uI1s1x3wc0gRBSEJj6OBI0dmdTuvevtIqm-b1Lta2qK1Ws95bxmjJGfjzbybOxfZcf0zd7nqiz_sYlIp78on0MOuQ-V_3j3BXEAHvd7zA47ZkE-H5-1uBET89TjI4jXwYWIjTfko_gMst31UnyH_tdir8nR6ZiuGE7Ung9KINkOl3AUDo-VZEkFzk77HjHqg544fEnj84BkzSymhPbV8ifQczTvW8R9XnJBU7mQI11b-qXCz9Dm6w9cjftWNxac3NcjtCqDspePK-lH8ugnTM5uOcljBHbhJt7pAPpfq33hm-FolR3Cysh-apPkEIxjgWB0E8c2TMpQzN6TZYQROjhwLk9fLZFEuAmssbkub5UP7-ox1XOa6yu76Mgdg4Oqa61C43u04Jk24fS6qssm-7M2lK8W6rq5SCwb6osMTnpXY6gvsieR_88eIHvtJVMFS9OokVr-0X2O5KTcZwRE8rqF0hJW_eJuEgkeEYasEGiZjkWDfGkT1hQ16esJhxGOfhZUBKnNobLcFlMg0iQAc3gKLe9bFJ2U-8Py56T-9gwWmlG3FikBbOF_05CKx9Jx-qVJVJowbMeVCz-Rv8A1dT90KR-vqORhbygk1d48VMYJnoy7YC16VWR3HWe1spzRh0FOCB4Tjtd_rx7Ylh4p591e11WIxS2pwYQHrsJdQU0WMRMtIvkGbMQVBTauoSR_rAeJTt4joW-wWb5Ruhbivn4XI9y-3rED3VmqexpocFQ95SYwbdO6X-7vSau7o8rlKe3uKwFQbk2uAId1pm3UQfHm4qh_wt18faBMiiyr8r25ilvsI1eEnImJcUJG19KwZIgefHc63S9LKJOPPM1ZCRQWbV8mVrDbpGztoqop9HeLkmiUBRzcyh1WLfUyQRCgn6kk1rZ9ZNkjv7SfJtaHVZpzcDEWFVkbcMOvHkVqYhqpyaXhYtPSjWRFUDSRsrzHw1xuUjM30QCLkmwr215wS4Vbs8aS94rJTi0onpVIDiDNWR2LDXUmnD1OYQzAxxQAXb--Ci9txlC7maRdgvDG81iNcEEpggTxMGCaF27MfTdGVYj91QdrjhH7oyNdIR5KySs8Az2FfUZl3V_6FXQ2l1gd3G36XGmmqVJV3RJh0C0UveVdsEk91w4Skqn5FWhqb8spW-Rbel5iZQ6h9_04NfacasgmAcUS7hDHChKSeZmQ2tZc_b6YH9IKBUSZ0Ly0oG1zkpKVrhJnJhEo8XQgftLBrjJ5Wth2gxl1pioR67HK_2b7HOBHpRldw_IXnlnHyrAW6tybJ2ZlHwsszgbXTnmGAJEaqepPSnKfUvMSYyaELIalYmc520Ha5YzfV5uLre9BW5g41f0UG7_rNUw1fBjMiaHgee7jhg_D-4WrOmGUN6aTXQw&cid=CAASEuRoE8OvmAY-bY81PUFMgBRo4A&rfl=1%2Chttps%253A%252F%252Fwww.edestinos.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b16ba35e5187f8a497911c15869ed3dde1699b7cde356aab4756f79c5361b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9232
x-xss-protection: 0
server: cafe
etag: 10905407182236941062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 19:38:19 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6654 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 11:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29215
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 11:35:08 GMT

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ Frame 0
0 286ms
95ms Preflight
text/plain 2600:1f18:f8a:b702:3244:e271:3ba7:c409
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c.riskified.com/v2/client_infos
Protocol: H2
Server: 2600:1f18:f8a:b702:3244:e271:3ba7:c409 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
access-control-request-method: *
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
x-b3-traceid: 04da816ef9976c1d7a03b6ea40c95ecf
x-b3-sampled: 0
x-b3-parentspanid: 8b3e81f00bee410e
x-b3-spanid: 6a7f95558b767b9c
server: istio-envoy

POST
H2 201 client_infos Show response
c.riskified.com/v2/ 0
370 B 97ms
97ms XHR
text/plain 2600:1f18:f8a:b702:3244:e271:3ba7:c409
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c.riskified.com/v2/client_infos
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:f8a:b702:3244:e271:3ba7:c409 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.edestinos.com.br/
Access-Control-Allow-Headers: Content-Type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
access-control-request-method: *
server: istio-envoy
x-b3-traceid: dd744e845c5ad56673a837b672e89359
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
x-b3-spanid: ef37b8f773567d1c
x-b3-parentspanid: 5177b254b760f2a4
x-b3-sampled: 0
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

POST
H2 200 fbb20ace36d04c4c9455bf73ddd93759_edestinos.com.br Show response
compare.edestinos.com/n2/c/v0/a/ 9 KB
3 KB 175ms
175ms XHR
application/json 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare.edestinos.com/n2/c/v0/a/fbb20ace36d04c4c9455bf73ddd93759_edestinos.com.br
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: f90466dd4667c82633f8ed630b8de8cb57260eb2b4f4f156dd34f2f0f60a6b1f

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
content-encoding: gzip
etag: W/"22ca-hWfVey0xXTKgL4WG6Wuc4oxSYJg"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.edestinos.com.br
x-kong-upstream-latency: 6
access-control-allow-credentials: true
x-kong-proxy-latency: 0
access-control-allow-headers: Accept, Content-Type, Cookie, Authorization
via: kong/2.0.5

POST
H2 200 api Show response
sdk.adara.com/ 2 B
62 B 24ms
24ms Fetch
text/plain 34.102.191.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.191.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.edestinos.com.br/
X-Adara-Key: NzM1ZTdmYWQtMjE2Yi00MTMwLTk1OGUtZjNmNjQ0NDdkYjE4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Adara-Key
content-length: 2

OPTIONS
H2 200 api
sdk.adara.com/ Frame 0
0 25ms
25ms Preflight 34.102.191.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api
Protocol: H2
Server: 34.102.191.167 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 167.191.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-adara-key
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: X-Adara-Key
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
date: Mon, 19 Jul 2021 19:42:03 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5370 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 19 Jul 2021 11:35:08 GMT
expires: Tue, 19 Jul 2022 11:35:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 29215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame FDBB 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H/1.1 200
OK dvbs_src_internal94.js Show response
cdn.doubleverify.com/ Frame 6654 60 KB
19 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4231994&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hvcKJtVg8dxUX0NpxZCY14&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228438&DVP_DBM_4=322704076&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46938523822&turl=https://www.edestinos.com.br/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7dfc3d6a5e24461837466e62fb69223bcc7f5b043a277eed900aa0ad544b85d6

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 09:29:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80bea8794972d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19085

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 5A05 1 KB
1 KB 35ms
7ms Document
text/html 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=55465
Date: Mon, 19 Jul 2021 19:42:03 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 6654 2 KB
1 KB 114ms
32ms Script
text/javascript 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_970819025573&jsTagObjCallback=__tagObject_callback_970819025573&num=6&ctx=1828362&cmp=115845&plc=4231994&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=970819025573&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.70&dvpx_strhd=0.70&brid=0&brver=&bridua=3&dup=null&turl=https://www.edestinos.com.br/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hvcKJtVg8dxUX0NpxZCY14&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228438&DVP_DBM_4=322704076&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46938523822&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=142&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D656DE%3A%3F%40D%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D656DE%3A%3F%40D%5D4%40%3E%5D3CTar9EEADTbpTauTau273dd6_a%60_hhg_47b6effgce56ah4cag%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=15.40
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b010562c9805f4a7f0c5618e57992dd4b9ed3961cda85c8359fbda6c552bcf11

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Mon, 19 Jul 2021 19:42:03 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/18/2021 7:42:03 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 2CB4 4 KB
2 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=69747
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H3-29 200 5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5370 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13391
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 13:04:06 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6654 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal94.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3828
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 19:49:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 19 Jul 2021 20:26:15 GMT

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 6654 807 B
1 KB 82ms
27ms Image
image/gif 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=9324732743a446b5b1d20c068b67f059&dvp_or2=1&cbust=1626723723582927
Requested by: Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 7:42:03 PM

GET
H3-29 200 impl_v76.js Show response
www.googletagservices.com/dcm/ Frame 6654 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v76.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 11:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15557
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 20:05:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 11:26:15 GMT

GET
H2 200 f877dff7398e3e1ed71338a9febe9a6a2fa4faf2.js Show response
compare-static.edestinos.com/asset/non-adslots/ 969 KB
219 KB 40ms
36ms Script
application/javascript 143.204.98.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare-static.edestinos.com/asset/non-adslots/f877dff7398e3e1ed71338a9febe9a6a2fa4faf2.js
Requested by: Host: compare-static.edestinos.com
URL: https://compare-static.edestinos.com/r/ucb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-96.fra50.r.cloudfront.net
Software: / Express
Resource Hash: 81b743dcefad1cf8a5e69032caf959c87ef0314a42179de81c66e8dd5ad77434

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ctz-is-mdeps: true
date: Tue, 13 Jul 2021 21:39:28 GMT
content-encoding: br
age: 511355
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=2592000
access-control-allow-credentials: false
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: Accept, Content-Type
x-amz-cf-id: R62MHhvLXLxBgvI-JBT8Mq64Ej6JwdzTdRFh2dpQeGUfFGwzDNqUnQ==
expires: Thu, 12 Aug 2021 21:39:28 GMT

GET
H2 200 B9689862.280630144;dc_ver=76.220;sz=728x90;u_sd=1;dc_adk=3541998529;ord=zstuqd;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.edestin... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 6654 36 KB
19 KB 117ms
59ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=76.220;sz=728x90;u_sd=1;dc_adk=3541998529;ord=zstuqd;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.edestinos.com.br%2F$0;xdt=1;crlt=vzwoasxRZe;osda=2;sttr=30;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

6aa554441a8427cf0649034646a760c398ee264a3392a9920bd7b99471539bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18410
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
static.clicktripz.com/scripts/js/adblock/ 43 B
492 B 134ms
43ms Script
application/javascript 13.224.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.clicktripz.com/scripts/js/adblock/ads.js
Requested by: Host: compare-static.edestinos.com
URL: https://compare-static.edestinos.com/asset/non-adslots/f877dff7398e3e1ed71338a9febe9a6a2fa4faf2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-105.zrh50.r.cloudfront.net
Software: openresty/1.13.6.2 /
Resource Hash: e0750f45fe6ba219a663fa111c8544cf8e5464014bdec039a20091f39351cc70

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 20:57:59 GMT
content-encoding: br
age: 81844
x-kong-proxy-latency: 0
x-cache: Hit from cloudfront
x-kong-upstream-latency: 2
last-modified: Thu, 03 Jun 2021 19:44:10 GMT
server: openresty/1.13.6.2
etag: W/"60b9310a-2b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: kong/2.0.5, 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: VCWLOPKdi9tRdbaW1pydvbOzAZO04_ryDb2EJ49EgSWNN7yTK0NzAg==
expires: Mon, 19 Jul 2021 20:57:59 GMT

GET
H2 200 210713_132454_b37a8fd_00a4ff9_0.0.11-7190eea_9fe4d58.js Show response
compare-static.edestinos.com/asset/ct-core/ 200 KB
35 KB 26ms
26ms Script
application/javascript 143.204.98.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare-static.edestinos.com/asset/ct-core/210713_132454_b37a8fd_00a4ff9_0.0.11-7190eea_9fe4d58.js
Requested by: Host: compare-static.edestinos.com
URL: https://compare-static.edestinos.com/r/ucb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-96.fra50.r.cloudfront.net
Software: / Express
Resource Hash: b327dd94568592f7de2fc6c01355b47cf5c7395e29966cf201bc14232ed33375

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ctz-is-mdeps: true
date: Tue, 13 Jul 2021 21:48:59 GMT
content-encoding: br
age: 510784
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control: max-age=2592000
access-control-allow-credentials: false
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: Accept, Content-Type
x-amz-cf-id: F5eGYrhpCfXpLWCArvjIlVdSPJpDd4agiva7lTk4Gy0SOrwWCyxUmQ==
expires: Thu, 12 Aug 2021 21:48:59 GMT

GET
H2 200 opt-out Show response
compare.edestinos.com/api/ddu/v1/ 165 B
607 B 192ms
192ms Script
application/javascript 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare.edestinos.com/api/ddu/v1/opt-out?publisherID=2634&alias=fbb20ace36d04c4c9455bf73ddd93759_edestinos.com.br&optOutDuration=1800&callback=_ctz_callback_jsonp_39ef9cddf1b24606acd71248ec77e84b
Requested by: Host: compare-static.edestinos.com
URL: https://compare-static.edestinos.com/asset/non-adslots/f877dff7398e3e1ed71338a9febe9a6a2fa4faf2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: openresty/1.13.6.2 /
Resource Hash: 05b591dc80e15b41800c959a48ef92d8ef624c980278c0433f3d6ed5b25dc1fc

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
content-encoding: br
server: openresty/1.13.6.2
x-kong-proxy-latency: 0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin
x-kong-upstream-latency: 23
cache-control: private
access-control-allow-credentials: true
via: kong/2.0.5
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 logs
compare.edestinos.com/ 2 B
285 B 170ms
170ms Ping
application/json 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare.edestinos.com/logs
Requested by: Host: compare-static.edestinos.com
URL: https://compare-static.edestinos.com/asset/non-adslots/f877dff7398e3e1ed71338a9febe9a6a2fa4faf2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 19:42:03 GMT
via: kong/2.0.5
server: Cowboy
x-kong-proxy-latency: 0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-kong-upstream-latency: 2
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 2
x-request-id: 2q9kh6tkfl2b9i9l7hl91c02

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/elements/html/ Frame 6654 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=76.220;sz=728x90;u_sd=1;dc_adk=3541998529;ord=zstuqd;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.edestinos.com.br%2F$0;xdt=1;crlt=vzwoasxRZe;osda=2;sttr=30;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 19:35:38 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6654 0
299 B 35ms
33ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYWHhbZ6tj_7uxSeozlWL9FWhg19asxTfy8g7fOwtw0jOSqBbhh_y68iKu-BO7N4jqni2SYkGwmSO4RqXA0eHXeqrVccQw49Ze-nTwJiFmhxrW0-Uw0t8TpjC1OjAp0t9TZxw9Lq9VwpOqWYKr32JPE4hnoRDBtIXi&sig=Cg0ArKJSzIghjs45Vp_xEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210712.20574&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 19:42:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 6654 7 KB
3 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=487515758&btadsrv=doubleclick&crt=140207248&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=76.220;sz=728x90;u_sd=1;dc_adk=3541998529;ord=zstuqd;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=1,https%3A%2F%2Fwww.edestinos.com.br%2F$0;xdt=1;crlt=vzwoasxRZe;osda=2;sttr=30;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ea0da3782f31c1909f5d4b3796e74892bd0c623685cf73e271dffe6c84e1ec64

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 12:55:06 GMT
Server: Microsoft-IIS/10.0
ETag: "031264c9d7cd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3172

GET
H2 200 5OKRwRmYjDxKD7Fq7QsGifSQPXpjtKZCZzpFhrRNFYWjkPl86Y8KOOg2U7HdcO5iGg1ZwtSd1MNDTu1Ymihp9iqYvPNySlTnzZKzHvwqkFdn059-LyQMuOE-BjFUfrQ=w728-h90-n
s2.2mdn.net/proxy/ Frame 6654 31 KB
31 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.2mdn.net/proxy/5OKRwRmYjDxKD7Fq7QsGifSQPXpjtKZCZzpFhrRNFYWjkPl86Y8KOOg2U7HdcO5iGg1ZwtSd1MNDTu1Ymihp9iqYvPNySlTnzZKzHvwqkFdn059-LyQMuOE-BjFUfrQ=w728-h90-n

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c1cf785cef23780a1d4c6c8f3773347eea30cd9e526ec164ede19df30c479d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 16:11:28 GMT
x-content-type-options: nosniff
server: fife
age: 12635
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31341
x-xss-protection: 0
expires: Tue, 20 Jul 2021 16:11:28 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071301&jk=888293530371271&bg=!9Pel97PNAAZjFomlYxY7ACkAdvg8WiMuCpO5dQQbBEVlsSTY549gmySS2dEuTlMNO4huTBHQAoC6cwIAAAEDUgAAACFoAQcKAPCk3Nwlhp_snuewfeY1UPThqmFew-zfuQc0HTYOMVtQGPMOLVcC2s1QORe2T5i4u9vE8r7xus4ogLurrufp_SDsfS13ID5AlRExPcu1X1vfpNRGAFlrDk98CjRe-ulZta-xWIxG1YlZ-1Inrz2gDGHw2IsJEY7dyRwbM-ZDLWf-i6zhwmzR8eLDYemHnzOWi7JEyXGgim62hbiRkJICYx0RgWmngB7E9Rql-jEf1oTSnI545vlqfGYPtzkddODzu7YaTcKZASpgb3JjwgJ-DWRZPnoDxJOQ4sgQA2FdNLoJ703QNXiIka_rwctLfOUHOoSZAn1xdMG4iSwxzuxri_6rq7vFDUGQfjzcZPGSBcevkWyVya7D5UIdXV2XnH7JeLimVVVO1R48UZRQOQ0-IJ9YmpMYZMV9b2BsYBdacWhr5F0MKg5vO4QNugeRHcyOnHpajCXE2jPj6K72KEnqAlYVkqoSkT0U4UY5zLit9-vFHMNFeYWIcotw2pMCs2nnK2kQeq8F8mZITVmYiCIRZsKeCrDXvW1FNPSkSukjEJ3SpobdcdU2BpPwa8DT2dUiNileUspl6XtXZOOWwoYbaIBvPhUAohKvdQPp7v--BCdV1EsXENF7QEKZ79N7YyeMRmzdbAYoCGzhFMuYCUGtaRpYPxqBdDUW1Lk6WUvkSzJkLTWAY7tz2VrZ71B7bV-Gk8yzrXeUYMY_VfZG7LMgtJLHqapNASKkUCUpTnW5rU-anQ_ppMbjHSwGVF86lSc0-ZD0Cc9tOcpPovlIo24BFb9gQczK66CXqlWKcUwsa_g05nLNO8Mwlc1cYuh440ebzXeO0e7lTSzVIGDvQavAziSQnmqJO7mDGYeQ7fP3JuDJIa6TyPeZikRgrrFG3yfoKRSr7ZfDb-qBWjXxclQNinkYU-Z8GI7B2k1OPJFhm9I-nubyNM2JAMU2pTmXsi8aepH2cHhQv4YQlBL1CEISCpKpjAeVRiadn1f_GWIN2bNriuOaukRoE-rwvo3L6Lnc_B1w7s8G-QPqMkfyibqFjGrpVDtMn0ZIF15QQOdBzteYvP5Bd-QjNhxXrnkZs_rTK-6HeYEDZQ8gKXT1VM2oVG9KiNLhfy1Bjtm6WaW8wdsVwTm1ASUWx11hG_D4iX86XAml4orMnDOEUUXmJu589kLQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0F98 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 19 Jul 2021 11:35:08 GMT
expires: Tue, 19 Jul 2022 11:35:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 29216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dv-measurements1534.js Show response
cdn.doubleverify.com/ Frame 462F 483 KB
87 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1534.js
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 51c6eec806ace698b1db3e554442d5b45e772e61265b45d9a2f6c3ff2911bbc2

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Jul 2021 12:57:02 GMT
Server: Microsoft-IIS/10.0
ETag: "0a3e066d47bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89033

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 99BB 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Jul 2021 03:09:05 GMT
expires: Tue, 20 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 59579
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6654 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5368b69ba2569ec9767733153d170244834b7c55c9fd6eb9b6f116a902c87f8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6654 0
23 B 68ms
34ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 19 Jul 2021 19:42:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 create_context.php Show response
compare.edestinos.com/integrations/api/vendor/edestinos/ 105 B
613 B 177ms
176ms XHR
application/json 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare.edestinos.com/integrations/api/vendor/edestinos/create_context.php
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: openresty/1.13.6.2 /
Resource Hash: 0d6163452bc13e6dd32e173463a3137385516657075dda14f9d0d156d47b00db

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
content-encoding: br
server: openresty/1.13.6.2
x-kong-proxy-latency: 0
vary: Accept-Encoding
access-control-allow-methods: Content-Type, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.edestinos.com.br
x-kong-upstream-latency: 9
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Methods, Content-Type
via: kong/2.0.5
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 create_context.php
compare.edestinos.com/integrations/api/vendor/edestinos/ Frame 0
0 519ms
179ms Preflight
application/json 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare.edestinos.com/integrations/api/vendor/edestinos/create_context.php
Protocol: H2
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: openresty/1.13.6.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
server: openresty/1.13.6.2
date: Mon, 19 Jul 2021 19:42:04 GMT
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: private
access-control-allow-origin: https://www.edestinos.com.br
access-control-allow-credentials: true
access-control-allow-methods: Content-Type, GET, POST, OPTIONS
access-control-allow-headers: Access-Control-Allow-Methods, Content-Type
content-encoding: br
x-kong-upstream-latency: 7
x-kong-proxy-latency: 1
via: kong/2.0.5

GET
H/1.1 200
OK dv-measurements1534.js Show response
cdn.doubleverify.com/ Frame 2686 483 KB
87 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1534.js
Requested by: Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 51c6eec806ace698b1db3e554442d5b45e772e61265b45d9a2f6c3ff2911bbc2

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 19:42:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Jul 2021 12:57:02 GMT
Server: Microsoft-IIS/10.0
ETag: "0a3e066d47bd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89033

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5370 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BovWEi9X1YPuYCuuN7_UP_8id4A4AAAAAOAHgBAI&bg=!iYqlis7NAAZjFomlYxY7ACkAdvg8WvupPWlACLHQ2kDEcJ53hcmnUL5Mm6LOwZXm_-5Lq5_A84aGyAIAAAE9UgAAAJ1oAQcKAMzM50Xox8yJknclfs8KL2J5uw2dmo-jyADMrLQ52EJQcr7cYv5dxnGIM2fY2seOWnBWxWhE75UfV5K83JQ6HAgeg3hbTW0DXveRZPpbQ0IkQQlv8BTLYvgWeyp4GLqdEKm6psnDkCXkMkwI5c27uDAxhhlqwOShEPDoj5ID4_ImpQ2FgBXaHAv91zGnAC8yDAuBxD900JDBkE1E7wiJFj3Acr2a8OdXbN5doDAgyJ2HldNszyrlMmjj4dLVWW5BuLYdkl8UOu8BfRYSBO-ZAsmVBsMyylHHJwkTz5n5XTW3LBPL-maGCJC1cpC0Ob5mLmsZaRXjNB6CdhFdeaNZBGtZDmmO00ijVeLFm5QC3KNpm8j3RTY3fAnVBO0Hi1FH63uJh0aNzN7IW5VDuEj_da-pu6HCmoUOhuXedRFOX5G7c6Z8Pq8quaBmISrnYg-82hNFLV24OXhoMZq1FS54XBuCsnSHeezIxbk4gcAYUhntk9E3MLIEZZ1-6p0hwaRm-Z1ZonUCe71vAQjrpirOmOF9r-fPkfYCEAhMDtB_4gQVQcEUyA7lwWCn7S7zn7LFs754pIOqJA9TLHfyYrG39qa401nmgcE9ZmbPf3Nc4HkCmBzsbTiSs7Nj-O3_NRtG_1Q8FsdTnXOzW7SwNFClHm19H5NewKRbKSnDlp4Gc0rxWjKJ-uaHSxxA8o_PE_zlX7hZCJs2wzvVxjhG63kwnCLOB2RwoFEezEDDh1aEat851fkaUwVhbOA8pajBl04__-EKjUuoCSzKEOFGRKB9J8mDrN2TGendHD6PEZVa9QTWlmM9PlQ0Ym2T3Kdz3cHoveSQU5KaFN2yKDCk8b-VG04dLeWbTHm5W3Fhkh9qD8Y98AFUqGa1dbBuLs_btAISYwkryjfKFfPgEbFQkRa80DtdArUpGaP1tYUkMDm_c6zX5FUy3aL6DgtQClhFU26SBBEqvkjLNSZCMuCtkoTCxLDpsiy2jvQQ6Way4HkDWubY0O-Pw-nqFn-uf8qSk3B9fhC8UD70CrK3m-ts4yL7QdoD5Ed7_3GrKUdHTPAr-W-b9qVrJCPV_lx9CVe4SnTRAH_uFuY33R1WE69Gmh1FELyCj7KXleuGBG-Ej433QpdgGwv9Wfp27Gx6x70nOS5Wjb5HGDPkLdhgjCn5-4zwywoMO0S-0qiJCdA3WLC5QWidLNOri3Ubjzkmxumj6ero_v6pylT8kAsOsw

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 462F 1 KB
1 KB 88ms
32ms Script
text/javascript 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=70&ttfrms=44&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D656DE%3A%3F%40D%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D656DE%3A%3F%40D%5D4%40%3E%5D3CTar9EEADTbpTauTau273dd6_a%60_hhg_47b6effgce56ah4cag%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=809&ddur=7&uid=1626723724152302&jsCallback=dvCallback_1626723724152239&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1534&tgjsver=1534&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fafb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=7&brh=2&dvp_epl=239&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.edestinos.com.br/&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hvcKJtVg8dxUX0NpxZCY14&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228438&DVP_DBM_4=322704076&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46938523822&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=972403.3467362034&dvp_tukv=787874791.1343087&dvp_uuid=1323864080477.6594&dvp_strhd=0.5999984741210938&dvpx_strhd=0.5999984741210938&dvp_tuid=1092602814903
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f20311b93c1b956530ba52e0b1887c9c011ef42a1b94bba901c191ee8caf8bf2

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/18/2021 7:42:04 PM

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 2686 1 KB
1 KB 81ms
32ms Script
text/javascript 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=109&ttfrms=8&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D656DE%3A%3F%40D%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D656DE%3A%3F%40D%5D4%40%3E%5D3CTar9EEADTbpTauTau273dd6_a%60_hhg_47b6effgce56ah4cag%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=809&ddur=7&uid=1626723724198999&jsCallback=dvCallback_1626723724198844&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1534&tgjsver=1534&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fafb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=7&brh=2&dvp_epl=239&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=140207248&btreg=487515758&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=972403.3467362034&dvp_tukv=5023796667.57983&dvp_uuid=328868421980.0261&dvp_strhd=0.1999969482421875&dvpx_strhd=0.1999969482421875&dvp_tuid=1219548605059
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d6cba915b32cbbfad3603342887c21ec61eeecaf4cf5fd9e9e9b90bdd79c29da

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/18/2021 7:42:04 PM

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 99BB
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESED2OUZamqgmMgl9aviqXXhM&google_cver=1&google_push=AYg5qPIXl4aatqbCmy5nHctDR0TmS--J6wyAt4zAyX5yXNuslFOCHx7kHwCplan0YvmPiryqE7-wvYyG2IEMVmgIX51Cm1gxMBw3
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU5NjU3MjUwMjg5NzQ0NzEzNA==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESED2OUZamqgmMgl9aviqXXhM&google_cver=1

43 B
407 B

17ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESED2OUZamqgmMgl9aviqXXhM&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESED2OUZamqgmMgl9aviqXXhM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 99BB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEcV8s8OVPquOqyIeVJDiU4&google_push=AYg5qPKkaqiTzNl50rIqrxry9gelXa8KSydOvQybHoaUbPlwi6BTJ7PMNB...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEcV8s8OVPquOqyIeVJDiU4&google_push=AYg5qPKkaqiTzNl50rIqrxry9gelXa8KSydOvQybHoaUbPlwi6BTJ7PMNBm8GvedTcuJtMqRN7h7t_tCCVaWaWbFgny-8l133PY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1626723724.275805,VS0,VE92
x-served-by: cache-fra19152-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEcV8s8OVPquOqyIeVJDiU4&google_push=AYg5qPKkaqiTzNl50rIqrxry9gelXa8KSydOvQybHoaUbPlwi6BTJ7PMNBm8GvedTcuJtMqRN7h7t_tCCVaWaWbFgny-8l133PY
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 99BB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKL_0Zk1lPDH9BQ_Gy61XxI&google_cver=1&google_push=AYg5qPLN8uMjUJYaKe0Hnj9c3T-Tvl5CexmbmcgT_Af4uoCSK0jKFDIPXiVANsnLa6xyWqk72emXepQHpqEsNF...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjcyNTE5NDIxNTU4NTk0Mg%3D%3D&google_push=AYg5qPLN8uMjUJYaKe0Hnj9c3T-Tvl5CexmbmcgT_Af4uoCSK0jKFDIPXiVANsnLa6xyWqk72emXepQHpqEsNFd2iD...

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjcyNTE5NDIxNTU4NTk0Mg%3D%3D&google_push=AYg5qPLN8uMjUJYaKe0Hnj9c3T-Tvl5CexmbmcgT_Af4uoCSK0jKFDIPXiVANsnLa6xyWqk72emXepQHpqEsNFd2iDCFsFMmTz_m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NjcyNTE5NDIxNTU4NTk0Mg%3D%3D&google_push=AYg5qPLN8uMjUJYaKe0Hnj9c3T-Tvl5CexmbmcgT_Af4uoCSK0jKFDIPXiVANsnLa6xyWqk72emXepQHpqEsNFd2iDCFsFMmTz_m
Date: Mon, 19 Jul 2021 19:42:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 99BB
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECzKE39QFK_1teKuTBtaXPg&google_cver=1&google_push=AYg5qPKDfqJQqQhsoWa3k19-p-z6AeSeb7ls2ql904CY_1mpFewM3slOjuKpn...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECzKE39QFK_1teKuTBtaXPg&google_cver=1&google_push=AYg5qPKDfqJQqQhsoWa3k19-p-z6AeSeb7ls2ql904CY_1mpFewM3slOjuKpn...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-zLPHW1ZT5BrrcsywCW1Mg&google_push=AYg5qPKDfqJQqQhsoWa3k19-p-z6AeSeb7ls2ql904CY_1mpFewM3slOjuKpnpZViUnUj2HTsqxY4NE9u...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-zLPHW1ZT5BrrcsywCW1Mg&google_push=AYg5qPKDfqJQqQhsoWa3k19-p-z6AeSeb7ls2ql904CY_1mpFewM3slOjuKpnpZViUnUj2HTsqxY4NE9ug07eNaosqW7FUHIyMEs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 19 Jul 2021 19:42:04 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-zLPHW1ZT5BrrcsywCW1Mg&google_push=AYg5qPKDfqJQqQhsoWa3k19-p-z6AeSeb7ls2ql904CY_1mpFewM3slOjuKpnpZViUnUj2HTsqxY4NE9ug07eNaosqW7FUHIyMEs
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 99BB
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFVObnnqpWD95nWZbZFTINo&google_cver=1&google_push=AYg5qPIELHxiIWnPDtOzbVy5uDcMBQMsPXz4bTZJGT1vM1sSCDvRoujy0y_eqQGinvbD2R6HnneJFxG7hgw6JiQLwie8...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFVObnnqpWD95nWZbZFTINo&google_cver=1&google_push=AYg5qPIELHxiIWnPDtOzbVy5uDcMBQMsPXz4bTZJGT1vM1sSCDvRoujy0y_eqQGinvbD2R6HnneJFxG7hgw6Ji...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=99c1d371-23d8-4f9b-80fd-533a0ea6e3c6
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=99c1d371-23d8-4f9b-80fd-533a0ea6e3c6
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=31689816-a9bf-49d8-a1ef-724df26519a2&user_group=1&ssp=google&bsw_param=99c1d371-23d8-4f9b-80fd-533a0ea6e3c6
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIELHxiIWnPDtOzbVy5uDcMBQMsPXz4bTZJGT1vM1sSCDvRoujy0y_eqQGinvbD2R6HnneJFxG7hgw6JiQLwie8g3S96G3y&google_hm=mcHTcSPYT5uA_VM6Dqbjxg==

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIELHxiIWnPDtOzbVy5uDcMBQMsPXz4bTZJGT1vM1sSCDvRoujy0y_eqQGinvbD2R6HnneJFxG7hgw6JiQLwie8g3S96G3y&google_hm=mcHTcSPYT5uA_VM6Dqbjxg==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIELHxiIWnPDtOzbVy5uDcMBQMsPXz4bTZJGT1vM1sSCDvRoujy0y_eqQGinvbD2R6HnneJFxG7hgw6JiQLwie8g3S96G3y&google_hm=mcHTcSPYT5uA_VM6Dqbjxg==
date: Mon, 19 Jul 2021 19:42:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 99BB
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEPdtX4WnHgrtA-BImwKx2bQ&google_cver=1&google_push=AYg5qPIMegFJIAk_ldJM4Yvfh6dPWRlmdfIhtsx4dZrN4vrBD6MpdJNdm3MZ81OrsEvYApHZay1xNCiF1fgC8Qav0o_09eS...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPdtX4WnHgrtA-BImwKx2bQ&google_cver=1&google_push=AYg5qPIMegFJIAk_ldJM4Yvfh6dPWRlmdfIhtsx4dZrN4vrBD6MpdJNdm3MZ81OrsEvYApHZay1xNCiF1fgC8Qav0o_09...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIMegFJIAk_ldJM4Yvfh6dPWRlmdfIhtsx4dZrN4vrBD6MpdJNdm3MZ81OrsEvYApHZay1xNCiF1fgC8Qav0o_09eSn_lwT

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIMegFJIAk_ldJM4Yvfh6dPWRlmdfIhtsx4dZrN4vrBD6MpdJNdm3MZ81OrsEvYApHZay1xNCiF1fgC8Qav0o_09eSn_lwT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIMegFJIAk_ldJM4Yvfh6dPWRlmdfIhtsx4dZrN4vrBD6MpdJNdm3MZ81OrsEvYApHZay1xNCiF1fgC8Qav0o_09eSn_lwT
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 99BB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJJbWzX42_V0tFO-B5nRRXM&google_cver=1&google_push=AYg5qPKLFwMURZycgx5KAi7-l-JW1ssFlXbf_SoRHbGbrq8Ka3arWLsG5hyCUnKdKMPI9Dfq1c...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJJbWzX42_V0tFO-B5nRRXM&google_cver=1&google_push=AYg5qPKLFwMURZycgx5KAi7-l-JW1ssFlXbf_SoRHbGbrq8Ka3arWLsG5hyCUnKdKMPI9Dfq1c...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DVGdFQ2N0RTJ1Rk1QMHlBR21Yay5KMkguYmJ3S21aNX5B&google_push=AYg5qPKLFwMURZycgx5KAi7-l-JW1ssFlXbf_SoRHbGbrq8Ka3arWLsG5...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DVGdFQ2N0RTJ1Rk1QMHlBR21Yay5KMkguYmJ3S21aNX5B&google_push=AYg5qPKLFwMURZycgx5KAi7-l-JW1ssFlXbf_SoRHbGbrq8Ka3arWLsG5hyCUnKdKMPI9Dfq1cdmW3MPb5Rz6W_DEKjn_n9-1QHpkg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 19 Jul 2021 19:42:04 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DVGdFQ2N0RTJ1Rk1QMHlBR21Yay5KMkguYmJ3S21aNX5B&google_push=AYg5qPKLFwMURZycgx5KAi7-l-JW1ssFlXbf_SoRHbGbrq8Ka3arWLsG5hyCUnKdKMPI9Dfq1cdmW3MPb5Rz6W_DEKjn_n9-1QHpkg
Connection: keep-alive
Content-Length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 99BB 0
12 B 33ms
33ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMTvZWyeHA7alE03Bi14JIrOfu561K7PdHep8L17FetfAyuJV6K3T5Lxnn27diIlYy22CCAA

Requested by

Host: afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
URL: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F98 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 09:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 09:44:36 GMT

POST
H2 202 events Show response
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ 0
36 B 28ms
28ms XHR
text/plain 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://www.edestinos.com.br
date: Mon, 19 Jul 2021 19:42:04 GMT
x-cloud-request-id: HmpTchZrSmuvOpl_b2tYgA
x-found-handling-instance: instance-0000000001
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
content-length: 0
x-content-type-options: nosniff

OPTIONS
H2 200 events
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ Frame 0
0 27ms
27ms Preflight 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Protocol

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.edestinos.com.br
access-control-expose-headers: Etag
access-control-max-age: 3600
date: Mon, 19 Jul 2021 19:42:04 GMT
vary: Origin
x-cloud-request-id: O4igWYi1QkCT7GJMLTFhrA
x-content-type-options: nosniff
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
x-found-handling-instance: instance-0000000001
content-length: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F98 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bxzcbi9X1YPy1LMbE-gbw24_wDwAAAAA4AeAEAg&bg=!l5SllNDNAAZjFomlYxY7ACkAdvg8WoRNPLKKQZlTh_w7CLbzWyhJyoiV1Kpkp1yhklXv9LPNgprQOQIAAACRUgAAAApoAQcKAA3MkBpRenqrnaKazdZ2mQLF4rTQPvkntAqZxjGEeWD5Oejds_PXMxS2FqpVRIUvLea24jQ9EMTv8LMgR56_LkKd2aG4-lb-aPewxW3_2U2DUKkgcSUJzUNcGo6Oe3TucM525eO2bCSdXMCwGY_GLqu0qdjlsF1N6ygp2N47x2oNlZYiJUHgoj3FBQ6nJbTCKzeK3i04zhKXGULWhFrmp8cqDMJ6MVycqYhKHonZ3jM2nuFGXekPN85RRyaoMNSZgZTAVeQMJjcPO9X6UyAukfuBBQ4jy8X41xsi24o7Fz9kfEotWkZYRBmjyqrmHaqxlDx5BThKgfouG_dzjPUUbp_I3nwff9VBoGEH63wiISe7ATkTCcg9mzAXAb3gEdU_OWiRu57rDQKFze05WcdwUdoal4xir3RRNLni8sElm0BK7GgN03HEZcxp6d8CfvZvkWBQqno_pM0JPWMkwZGOEOMLwRUZCk8_JagnhLt85RLc-pr4X2OkbknJXd_mX-FfIgAc6wxMw6iZURMWY7t5ud1SUYgAkbJG4_C5ZtzRiiBUMimw428aJQxvUzcls_L7DXvGgaRXdBp82o2RQxBZ_usLCdpvo8qtKobZHzj8XYNlEWZNtlmmGkKiTLcheVNT7AB9kDxO-erXRvU5J-qxAClqDWM6SJvYjI0Ii8GpddqVEzOUUhkQj54Og8tBGyOXEmCJjnB5LwpkYFTrywTjyTrv3ChXTIqQxnhHUSSY0N5KCr2SdvbRilw8Z9HmUjZCehumaezi4hKCLKiRTHYI2SMhULlahgB4VZU-IG2mkzgWol_aVd7Ruc31aVOiH9JI9G4x8B2kTXlgXSMEefjgLc8z0xtqpZDMCeIvkCHPGxDBuxxvkSwDmQXg_dhg_yHez2Ef21jkseGve8d6-Afq6MpenZKq31pdAvcCr153BPYrhQFHuPVXxDnimYk0RjtSyDN0ZaHvYQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pas Show response
compare.edestinos.com/x/ 844 B
1 KB 467ms
466ms Script
application/javascript 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare.edestinos.com/x/pas?siteId=fbb20ace36d04c4c9455bf73ddd93759_edestinos.com.br&placementId=2633-3&ref=usingRuntimeExperiments%7C%7Cfalse%3A%3A%3A_sdkStreamName%7C%7Cstream%20not%20set%3A%3A%3Aplugin-opt%7C%7C0%3A%3A%3AvscVersion%7C%7C8%3A%3A%3Ahttps%3A%2F%2Fwww.edestinos.com.br%2F&obj=exit_unit&optMaxChecked=2&optMaxAdvertisers=7&optRotationStrategy=1&optPopUnder=1&optLocalization=pt&ctzpid=0c08174a-f599-437d-b26c-b0d153c8bbbb&alias=fbb20ace36d04c4c9455bf73ddd93759_edestinos.com.br&siteName=edestinos.com.br&endDate=&adults=1&isOneWay=false&tabbedMode=1&userForcedTabbedMode=1&callback=jsonp_callback_1
Requested by: Host: compare-static.edestinos.com
URL: https://compare-static.edestinos.com/asset/ct-core/210713_132454_b37a8fd_00a4ff9_0.0.11-7190eea_9fe4d58.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: nginx/1.16.0 / PHP/7.3.23
Resource Hash: fed43073590f7d4561f84cb83e7c62cbe1dda356020264c4144f72844523888b

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:05 GMT
via: kong/2.0.5
server: nginx/1.16.0
x-powered-by: PHP/7.3.23
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-kong-upstream-latency: 292
access-control-allow-credentials: true
x-kong-proxy-latency: 2
content-length: 844

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6654 42 B
64 B 31ms
30ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyql4xioHWQHvsx5sm6VGuEx3CkdnNluTPNJKyaTbgwCNqDY5FZWKkDYoG8siImeay0EoIfZ3GtqoIPNAqu6CNq5_RjgH0bsVGiywcfz5_ENQFhFcRfiUTLjp3ew&sai=AMfl-YRoIV9iOms_ipSPyX3DJY8W0Vz0h7NZUymZfGgTOaYYaW-XbxPraDED0akIyogFnCfB9Zfol9gfMrRo5WO0RquJE7pD3a02nl5NiR4cU8seY6HVvC7IGgQ6NSqe&sig=Cg0ArKJSzJFhVuVKIH2REAE&cid=CAASEuRoE8OvmAY-bY81PUFMgBRo4A&id=lidar2&mcvt=1000&p=614,436,708,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2844816383&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626723723111&dlt=21&rpt=893&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6654 42 B
64 B 21ms
21ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7HtBpOj0eZiVXeYUrnic0J7Vh1OcJVt18ax_t16xwtwIi0k1RLfUAbPLHzY9tdo753sVKzQIkhLsMAiA0jHEsRxyMGhLd&sig=Cg0ArKJSzKXltJXBJ6fjEAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3541998529&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 events Show response
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ 0
36 B 28ms
28ms XHR
text/plain 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://www.edestinos.com.br
date: Mon, 19 Jul 2021 19:42:05 GMT
x-cloud-request-id: 2riJtbcgQWSDZxn2T5Q30w
x-found-handling-instance: instance-0000000001
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
content-length: 0
x-content-type-options: nosniff

OPTIONS
H2 200 events
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ Frame 0
0 29ms
28ms Preflight 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Protocol

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.edestinos.com.br
access-control-expose-headers: Etag
access-control-max-age: 3600
date: Mon, 19 Jul 2021 19:42:05 GMT
vary: Origin
x-cloud-request-id: bb3ZYQ0CQPC81JMd6Yrz3w
x-content-type-options: nosniff
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
x-found-handling-instance: instance-0000000001
content-length: 0

POST
H2 200 logs
compare.edestinos.com/ 2 B
285 B 181ms
181ms Ping
application/json 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compare.edestinos.com/logs
Requested by: Host: compare-static.edestinos.com
URL: https://compare-static.edestinos.com/asset/non-adslots/f877dff7398e3e1ed71338a9febe9a6a2fa4faf2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Jul 2021 19:42:05 GMT
via: kong/2.0.5
server: Cowboy
x-kong-proxy-latency: 1
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-kong-upstream-latency: 9
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 2
x-request-id: 2q9kh70e53um902hhrgq2qu3

GET
H2 200 pixel.php
compare.edestinos.com/ 43 B
476 B 190ms
190ms Image
image/gif 44.232.249.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compare.edestinos.com/pixel.php?&publisherID=2633&firstDraw=true&pageType=Flights&sessionVertical=Flights&campaigns=&referralURL=usingRuntimeExperiments%7C%7Cfalse%3A%3A%3A_sdkStreamName%7C%7Cstream%20not%20set%3A%3A%3Aplugin-opt%7C%7C0%3A%3A%3AvscVersion%7C%7C8%3A%3A%3Ahttps%3A%2F%2Fwww.edestinos.com.br%2F&t=1626723725404&r=0.8313854318835137&pageview_uuid=7dd0dd62-9bdb-444f-b9f0-97bbf2270081&alias=fbb20ace36d04c4c9455bf73ddd93759_edestinos.com.br&siteName=edestinos.com.br&ctzpid=0c08174a-f599-437d-b26c-b0d153c8bbbb&usingRuntimeExperiments=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.232.249.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-232-249-159.us-west-2.compute.amazonaws.com
Software: openresty/1.13.6.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 19:42:05 GMT
via: kong/2.0.5
server: openresty/1.13.6.2
x-kong-proxy-latency: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin
x-kong-upstream-latency: 10
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, THIN_UI_CSRF_TOKEN
content-length: 43

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9e03f451-42d1-4b9a-bb2e-cbadf365c8c9&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHL-H2UqeupXjClqq0XUUYI&google_cver=1&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQ...

43 B
114 B

30ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHL-H2UqeupXjClqq0XUUYI&google_cver=1&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:05 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jul 2021 19:42:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHL-H2UqeupXjClqq0XUUYI&google_cver=1&gdpr=1&gdpr_consent=BPJmldkPJmldkApABAPLAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 6654 807 B
1 KB 27ms
27ms Image
image/gif 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=9324732743a446b5b1d20c068b67f059&pltfrm=Linux%20x86_64&cbust=1626723725583695
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:05 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 7:42:05 PM

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame 462F 67 B
492 B 87ms
32ms Ping
image/png 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=fdbb187ffcc840c5986b4d9bc79c39ca&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=94&vdur=89&eoid=5&msrjs=1534&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&ttfurm=2137&cbust=1626723726252245
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:05 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 7:42:06 PM

POST
H/1.1 200
OK event.png
tps20238.doubleverify.com/ Frame 2686 67 B
492 B 93ms
35ms Ping
image/png 213.254.244.12
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20238.doubleverify.com/event.png?impid=fc665a0eba554da99a06451b5755b4e8&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=17&vdur=82&eoid=5&msrjs=1534&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&ttfurm=2105&cbust=1626723726297248
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:06 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 7:42:06 PM

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame 462F 67 B
492 B 27ms
27ms Ping
image/png 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=fdbb187ffcc840c5986b4d9bc79c39ca&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=7&ismms=57&isumms=56&isvelg=1&nvr=6&isgmmims=57&isgmv4mims=57&elmtp=6&isbxdms=2156&b0=100&b11=2108&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2208&sftb=2208&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1056&isuiabvms=1056&isgmpims=162&isgmv4dpims=1056&ispmxpms=1056&engalms=54&dvp_dpr=1&cbust=1626723727252715
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:06 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 7:42:07 PM

POST
H/1.1 200
OK event.png
tps20238.doubleverify.com/ Frame 2686 67 B
492 B 31ms
31ms Ping
image/png 213.254.244.12
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20238.doubleverify.com/event.png?impid=fc665a0eba554da99a06451b5755b4e8&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=13&isumms=12&isvelg=1&nvr=6&elmtp=3&isbxdms=2113&b0=100&b11=2120&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2220&sftb=2220&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1013&isuiabvms=1013&ispmxpms=1013&engalms=12&dvp_dpr=1&cbust=1626723727296935
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:07 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 7:42:07 PM

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 6654 807 B
1 KB 27ms
27ms Image
image/gif 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=9324732743a446b5b1d20c068b67f059&mascid=krb1ay8x4mhz6gaomnmwne5o9cr3ipkx&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=695&cbust=1626723728490608
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:08 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/18/2021 7:42:08 PM

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame 462F 67 B
492 B 28ms
27ms Ping
image/png 213.254.244.26
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=fdbb187ffcc840c5986b4d9bc79c39ca&gdpr=&gdpr_consent=&mascid=krb1ay8x4mhz6gaomnmwne5o9cr3ipkx&dvp_masver=1534&eoid=8&cbust=1626723729354173
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:08 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 7:42:09 PM

POST
H/1.1 200
OK event.png
tps20238.doubleverify.com/ Frame 2686 67 B
492 B 31ms
30ms Ping
image/png 213.254.244.12
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20238.doubleverify.com/event.png?impid=fc665a0eba554da99a06451b5755b4e8&gdpr=&gdpr_consent=&mascid=krb1aysl4snhv8o38uk60aia8m0xw1mc&dvp_masver=1534&eoid=8&cbust=1626723729397617
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1534.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 19 Jul 2021 19:42:09 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/18/2021 7:42:09 PM

POST
H2 204 log Show response
www.edestinos.com.br/_fe/ 0
235 B 74ms
73ms XHR
text/plain 2.16.186.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.edestinos.com.br/_fe/log

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-136.deploy.static.akamaitechnologies.com

Software

esky-edge / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.edestinos.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 272
:path: /_fe/log
pragma: no-cache
traceparent: 00-55c1b7c7a46749572c6027b72ce44c5a-eb0daa0f657c030f-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.edestinos.com.br
referer: https://www.edestinos.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.edestinos.com.br/
traceparent: 00-55c1b7c7a46749572c6027b72ce44c5a-eb0daa0f657c030f-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Jul 2021 19:42:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: esky-edge
x-powered-by: Express
strict-transport-security: max-age=15768000; includeSubDomains; preload;
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=0
x-content-type-options: nosniff
expires: Mon, 19 Jul 2021 19:42:11 GMT

POST
H2 202 events Show response
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ 0
36 B 36ms
35ms XHR
text/plain 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Requested by

Host: www.edestinos.com.br
URL: https://www.edestinos.com.br/res/b1477/eui/js/vendor/orb/orb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.edestinos.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-ndjson

Response headers

access-control-allow-origin: https://www.edestinos.com.br
date: Mon, 19 Jul 2021 19:42:11 GMT
x-cloud-request-id: 0QLumzugSsKIPhHeqLHwEA
x-found-handling-instance: instance-0000000001
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
content-length: 0
x-content-type-options: nosniff

OPTIONS
H2 200 events
4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/ Frame 0
0 27ms
27ms Preflight 35.195.130.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events

Protocol

Server

35.195.130.253 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

253.130.195.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type
Origin: https://www.edestinos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.edestinos.com.br
access-control-expose-headers: Etag
access-control-max-age: 3600
date: Mon, 19 Jul 2021 19:42:11 GMT
vary: Origin
x-cloud-request-id: 2Bpn7ht9Svm5_0ulVYYVlw
x-content-type-options: nosniff
x-found-handling-cluster: 4f9e1963d5ba427fb9ccef03dcdca8e1
x-found-handling-instance: instance-0000000001
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.connectad.io
URL: https://i.connectad.io/api/v2

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.edestinos.com.br/	1970-01-20 04:37:39	Name: UniqueUserId Value: 4c4b2f461c29c75886b5b28096aebdeb
.sojern.com/	1970-01-19 22:01:39	Name: apnid Value: 4688871192642692480
.edestinos.com.br/	1970-01-19 20:35:15	Name: mes_referrer Value:
.edestinos.com.br/	1970-01-19 19:52:03	Name: _dc_gtm_UA-21804834-1 Value: 1
.sojern.com/	1970-01-19 20:02:08	Name: adh Value: 1
.edestinos.com.br/	1970-01-19 22:01:39	Name: _fbp Value: fb.2.1626723721282.1543036215
www.edestinos.com.br/	1969-12-31 23:59:59	Name: newUser Value: WFDB1626723720991
.www.edestinos.com.br/	1970-01-20 04:37:39	Name: _yoid Value: 60c42e5e-474b-4128-8427-fa8eac255531
www.edestinos.com.br/	1970-01-23 11:30:56	Name: uguid Value: eb62181feb90239b69e98f9b5f0d0ca1a1b0cbc3
.edestinos.com.br/	1970-01-19 19:53:30	Name: _uetsid Value: 63076560e8c911eb825e350b50261f68
www.edestinos.com.br/	1969-12-31 23:59:59	Name: esky_TCTTIStart Value: 1626723720994
.edestinos.com.br/	1970-01-19 19:52:03	Name: _dc_gtm_UA-136029019-1 Value: 1
.sojern.com/	1970-01-20 04:37:39	Name: cid Value: 9e9907a4-e019-6ed5-f2d7-dcd168c4d6c5#1626652800000
.edestinos.com.br/	1970-01-19 22:01:39	Name: _gcl_au Value: 1.1.655328207.1626723721
.edestinos.com.br/	1970-01-21 15:40:03	Name: MasterId Value: ed51764f-cae7-5574-8c40-1c2eab758b4d
.sojern.com/	1970-01-19 20:35:15	Name: ttdid Value: e84d1bbd-6e84-4ec8-b2a3-22909a2d320f
.edestinos.com.br/	1969-12-31 23:59:59	Name: esky_TCSIS Value: UAKBU1626723720992
.edestinos.com.br/	1970-01-19 19:53:30	Name: _gid Value: GA1.3.155043288.1626723721
.www.edestinos.com.br/	1969-12-31 23:59:59	Name: _yosid Value: d79d1375-417a-4b18-af22-ebea5b52d143
.sojern.com/	1970-01-20 04:37:39	Name: gid Value: CAESEMHalX8fNNuADQ_t9D6w3GY
.edestinos.com.br/	1970-01-21 15:40:03	Name: esky_TCSI Value: WFDB1626723720991
.edestinos.com.br/	1970-01-20 13:23:15	Name: _ga Value: GA1.3.1477734896.1626723721
.edestinos.com.br/	1970-01-20 05:13:39	Name: _uetvid Value: 6307c860e8c911ebbb0ac11ddb20ef73
www.edestinos.com.br/	1970-01-20 04:37:46	Name: firstTimeVisit Value: 202107192142

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.edestinos.com.br/xstorage.html(Line 62) Message: xStorage: localStorage is disabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f9e1963d5ba427fb9ccef03dcdca8e1.apm.europe-west1.gcp.cloud.es.io
a.teads.tv
accounts.google.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ads.travelaudience.com
adservice.google.com
adservice.google.de
adx.adform.net
afb55e02109980cf3e677846de29c428.safeframe.googlesyndication.com
bat.bing.com
beacon.riskified.com
blog.edestinos.com.br
c.riskified.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdn3.doubleverify.com
cdnstatic1.esky.pl
cm.g.doubleclick.net
compare-static.edestinos.com
compare.edestinos.com
connect.facebook.net
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
fastlane.rubiconproject.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
img.riskified.com
js.adara.com
lib.wtg-ads.com
match.adsrvr.org
media-edestinos-com-br.ipresso.pl
pagead2.googlesyndication.com
perun.ipresso.pl
pixel.sojern.com
pool.admedo.com
prebid.a-mo.net
progress.edestinos.com.br
r.turn.com
rtb0.doubleverify.com
s2.2mdn.net
sdk.adara.com
secure.adnxs.com
secure.edestinos.com.br
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.clicktripz.com
static.sojern.com
static1.eskypartners.com
stats.g.doubleclick.net
sync-tm.everesttech.net
tag.yieldoptimizer.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20238.doubleverify.com
tps20240.doubleverify.com
tps20518.doubleverify.com
tracking.m6r.eu
ups.analytics.yahoo.com
us-u.openx.net
waytogrow-d.openx.net
www.clicktripz.com
www.edestinos.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
i.connectad.io
104.111.218.85
107.178.244.119
13.224.99.105
13.224.99.109
13.248.242.197
136.144.58.223
142.250.181.226
142.250.181.230
142.250.184.226
142.250.185.226
142.250.185.66
143.204.98.96
151.101.1.195
151.101.14.49
18.156.0.31
184.31.84.150
185.33.221.87
185.64.189.110
2.16.186.136
2.18.232.7
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.167
213.19.162.41
213.254.244.12
213.254.244.26
23.22.25.19
2600:1f18:f8a:b702:3244:e271:3ba7:c409
2600:1f18:f8a:b704:e516:f71b:f667:9bcf
2606:4700:20::681a:f0a
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::200d
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9c
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:2b2::4469
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
34.102.191.167
34.98.64.218
35.186.212.60
35.190.0.66
35.195.130.253
35.210.53.219
35.244.188.9
37.157.3.30
44.232.249.159
46.242.128.69
52.29.191.126
72.251.244.141
85.114.159.93
93.179.224.106
037edc21349985c11531a86154d0880d208e2058575de712860209296d7f70ec
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
05abf2de0d982c5ed0b177efe5255683f4ed00a44f9b27167075bcf93c32c977
05b591dc80e15b41800c959a48ef92d8ef624c980278c0433f3d6ed5b25dc1fc
0685483cd5da353ca0e2600de4a57048aed163f8332f853f380cdd1f2e6053aa
07897191cd959b6e14ba893751d87caeea11ec4798d0a59fed4599f00678ca0f
08ef128c036399616dd0f0f84c29bd0b8989c82fc4827cafe36171b42b5b62a2
095c021af173fc972093ffe60ac7cdf1a6d492efb0086f73c757755deb6016df
0aca6d4b1ec5cdbbf8be0d4ae90ef49fc48eefb76917770aecb0f253bd4ddc38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8b40cb5a33bb14709497016e96672d06b4c1390b2b2f090416f2ed0b1e53b2
0d0a04bb42ef21eeaf2646024a8170784f97703ca5062910d1dd11f643cfe545
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0d6163452bc13e6dd32e173463a3137385516657075dda14f9d0d156d47b00db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17a0dfbafd41dd2f80ee66c34c85bc17a2fbf817faa2c90326619ff22de39aa8
1cf0048ed782c95cf314d2729c3ea38d8e8ddc0a157251ec009a6683a4f9465c
1f5059958c454cf7d0c7d5f61720b3bff25696bfe8b4bcb646ea7f5e2db2544a
1f60080d630d2b46cc8d126826d426ca8543ae2c655f13907abc73d13a103ddd
20cf63cd1b566a503353cc53633d022d65d60007e8c5e004792a1f7605e82995
223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b
255b564f51555254a3a189315254611bac81e318ed25f6b577f2deed8c49ce9b
2a30a609229c2deea1b1aa3b8561dbbacc9e1eccedf73b58eb431337d9ac9844
2a5c1fe4fa51977a82a8b7af151125e6b24ca5d503651520ea7528d6ece14340
2b16ba35e5187f8a497911c15869ed3dde1699b7cde356aab4756f79c5361b61
2d1b9fd515aed1376aaa3eb09ebb7859cb1c3952e88ee727b00fcc46ec1d939a
2e7ec6088c41802ea2b6533a3e7452c2e326c377e97449d42a7b8e3f5df4e970
31c01a6b5ceb668fb95a0585a85d76dd0525a6c8b4602dbd05606172617e0a4d
3fb52733617ae2470aa68e017ffcc4b874470c5e2d98e06662575945c66a7d58
402c86442d78e30954e7ae5f96abceb33f2c112a3fc5622b6e1138adfac66604
412de38693b7f56207cea650e9b964954ccae07da3e2293dcf3ec78e950a85db
434888a0e7f86f31d95f393233718496c3517be8c83f229f70f1af33bf3fc8ba
43b178425d446a2288c22fb55cc55a782df42c5633ea215979200aeaabf1f5d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45c94d025481329c9d4845495385ac6f097685dff414c0cee4e8a115e16f0a10
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c252c058d314c2e73af9d41028ca0a2c810d3d3332513ca1f47578035e76ef
4990b90c31f5b823613a2f72103699a58dce4ff1bdc2aa03f326395944b193e6
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e230e90fb4dff404215f964d520509a601f7da2ac4e043eaecb190d6ba70ce3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509d2ceca3c04330ea117c8381e4462c4db7d235e618e6a5681e5c7454dca9e3
51c6eec806ace698b1db3e554442d5b45e772e61265b45d9a2f6c3ff2911bbc2
531a1212f56b6b8d247d7e61f26daa393238ff50035a947a402399cdcd52685a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5a2a198416a1d73546134591584fb18514afee0178abff956b7a011b1c1122af
5f304cc9d41b83589d171f12c353079537b1436cc5f4834479b249a401e81224
648d744050ebba9ff4aed315f2a29c7f324cb3b368b8ea672975005c1846168e
66b17edb182cb19876e48edaf21223635a04c0140680a1d0c73316d63b097e63
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a84022653fc4b525e81e0a9dabbae72e89cdc31c7269cd43edaf9fffe8f74be
6aa554441a8427cf0649034646a760c398ee264a3392a9920bd7b99471539bf2
6acf1e7a7ab40b3d88924b94f68b3bbc1c38cc11a125b2f3d9db07d1a5120dd2
6b12284558475385b446b76d1ba06997e5c9f6a60ba478eaac523b25d8984f94
6b63a6107f6e979ad185da5f0926c1396169cce6571e7ccae226f3951358239c
6d8d1a134f2dbb06a94806d90ee46b17c14b3bcb6354ba3a62bab69251a9974e
6e9fa5b3d637708f66192f60a20921522ee81e9c32834131738d40ed4e34b098
708407b7f71b34226528a5feb768f3874558ed1e06160edb94b6ef2c76641fad
73639fecaeb99b3bd62102728e863391160c9f12de41cf42e9bf9b49f7ae4e06
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
776e57ff0d34a2d78178624cca3a66865e514ec43cc28faf15afc64c97222c96
77f9d29a130cda770522c5915fcbe0ad6938322c29a744dafb39ef40ef0557fd
7851c8f7f95b17bd6b00cb8d25177f51fed135575c04a4bd132d84ffbe95bffd
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
7c97d8c2ae376a0f2af61c70ed372a205fda7a4357138f79e40342645c6c5875
7dcc0be2b564afdd3c6c9681d8e2191aea9c46d29a1abfde8bf984a275e03590
7dfc3d6a5e24461837466e62fb69223bcc7f5b043a277eed900aa0ad544b85d6
7fa078b7b935ba115a287ba0f0321063b9e847fa9204bfd20e0ddbab439f2185
8041e2a9ca3fda9b61d1ba8e03aa6f24d6a82ddf00e188e5fb5bdabf47ed3c83
806c5bcf8b4aa73d6dacac571f5d922acb515642f11c673531227a03339fb4cc
81b743dcefad1cf8a5e69032caf959c87ef0314a42179de81c66e8dd5ad77434
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1
8a2a3494c8c350f3ee94d5c60eab14cdea9785db01dd059f0164b64631b6ffdc
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8bf5318a9ba054117c1121ed7056fa5d045a5bcb46e200f0000bf203e35ff11b
8d61c242877c608eea9ec1b5327d1c034112370be1fa3189a7d4328bf5fa6e1f
8ec4492afe1e481486c6a8a88f72da907c2dbe4722462d3d9914157f8a377914
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
8f74505ba88402364effea9bd821a4dd6d28b3c59dbdb13814ceede5be692b68
910d91ab94b89405d1eddb3f4384311fdd674898430c61a2d0ea921fc5474abc
949c2a3a8684bde5dca23be817b9a119706071950c7f9d59b5fed74cb21bb81c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
991abdc346b6a97f4f845358e7e800ce9330427254cf7d1073d9d0048b93749c
9953ee4c397a90da1e1d26182128847c8e5eae71626541fc86a8a7c55f9230ed
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac09ac41e88d99d1c483ee7e89fca19d4bebfabb3bfff6dd4ee463efdc1bf7d
9c55f311eaebe26ec01f3397b675c6376935b26f77e040fb26bcb34ef1d498e2
9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a10d00b27baae9c983ee284730cd236923bec6415f372b7d74e6ba72c16088b0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aeed0a8042545b68356b6224994aea4299111d9677a5b57ab3d7848804a04c51
b010562c9805f4a7f0c5618e57992dd4b9ed3961cda85c8359fbda6c552bcf11
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b327dd94568592f7de2fc6c01355b47cf5c7395e29966cf201bc14232ed33375
b5368b69ba2569ec9767733153d170244834b7c55c9fd6eb9b6f116a902c87f8
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c1cf785cef23780a1d4c6c8f3773347eea30cd9e526ec164ede19df30c479d56
c30d83819fc5e367121c9035b6edf085c271b83735470e55c40e0d8a27fd61dc
c7eef747e4f121ac735025fcdc1e2f28c18831b431fbd4e2b5efcbaa151c0b39
c8efea2177dc8783663d530a722b4eb79888187ad2a92287b23612215cebe800
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d69f3ce396bfb71583a896e65b21503e73333927d2be1be90f2ed0090c1ab3c6
d6cba915b32cbbfad3603342887c21ec61eeecaf4cf5fd9e9e9b90bdd79c29da
d6d43cbc84c02420ccb5125f0b4748236ca8f788fa6d56b446b952a280c8dfe3
d8db5a6fb6fe12585e5cd8bdaee8d372cc3d65d94becf4ab67be33240d5bf667
d90656ac523e5042c1d482183854c8fe83c21facb9497e3238185a65051fcae0
e0750f45fe6ba219a663fa111c8544cf8e5464014bdec039a20091f39351cc70
e1480b636a009ff3faceb7412988430efd929d970904587911b5830f3af6c4f4
e2ef241477a72c3af9943b998d8c9bc06b48eeed7e36eb6ffef01eea189fa120
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf
e5edc80bdc6a97108f6e0f2e63d0de1ba70e68039da631746b755489e35656e9
e7fe2658eb999f3b15e58fb37133962dce8943c53800e4aca85b701d1a343d89
e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d
e974985e98d24c383a6defa8aa367ba84e0780a3bb051c2f7e2823a9bde8240a
ea03d89ac1ae3b8f4022a4e357735baa3e9338db11723d87cba28baee07bb394
ea0da3782f31c1909f5d4b3796e74892bd0c623685cf73e271dffe6c84e1ec64
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20311b93c1b956530ba52e0b1887c9c011ef42a1b94bba901c191ee8caf8bf2
f5b057709d9a2c600115329697db01be60631727d0797b07a1b12073f1e95ab7
f74f21270c55d885b2c328c5a1f417c9ad81009ce15636d5afdfc1d3505382fe
f90466dd4667c82633f8ed630b8de8cb57260eb2b4f4f156dd34f2f0f60a6b1f
f951b8d30909525216c0b5b7402592e80b05ff1f6c1f9c711670fdb1a5d0d0c8
fb25b30a4ba902c4747c9fcd7bd296a78e6be01ea0a14e167d2869efa5f52df9
fed43073590f7d4561f84cb83e7c62cbe1dda356020264c4144f72844523888b

www.edestinos.com.br Open in urlscan Pro 2.16.186.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

237 Requests

100 %HTTPS

42 %IPv6

49 Domains

81 Subdomains

58 IPs

8 Countries

3713 kBTransfer

8915 kBSize

24 Cookies

74 Outgoing links

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.edestinos.com.br Open in urlscan Pro
2.16.186.136 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

100 %
HTTPS

42 %
IPv6

49
Domains

81
Subdomains

58
IPs

8
Countries

3713 kB
Transfer

8915 kB
Size

24
Cookies

237 HTTP transactions
1 data transactions