urlscan.io logo urlscan.io
SecurityTrails logo

secure.pestana.com Open in urlscan Pro
52.178.89.129  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pestana.azureedge.net/
Effective URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Submission: On June 03 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 6 countries across 28 domains to perform 80 HTTP transactions. The main IP is 52.178.89.129, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is secure.pestana.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 13th 2019. Valid for: 2 years.
This is the only time secure.pestana.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 2606:2800:133... 15133 (EDGECAST)
2 52.178.89.129 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
7 2a00:1450:400... 15169 (GOOGLE)
6 8 172.217.18.166 15169 (GOOGLE)
1 216.58.207.66 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 51.140.6.23 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 52.207.52.76 14618 (AMAZON-AES)
2 2a03:2880:f04... 32934 (FACEBOOK)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.224.95.88 16509 (AMAZON-02)
3 23.2.224.47 16625 (AKAMAI-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a03:2880:f14... 32934 (FACEBOOK)
4 9 35.210.178.101 19527 (GOOGLE-2)
3 51.124.82.179 8075 (MICROSOFT...)
18 18 52.29.176.117 16509 (AMAZON-02)
1 2 72.247.225.98 16625 (AKAMAI-AS)
1 2 216.52.2.30 29791 (VOXEL-DOT...)
1 2 52.29.22.19 16509 (AMAZON-02)
1 63.33.106.135 16509 (AMAZON-02)
2 18.195.155.181 16509 (AMAZON-02)
1 2 35.244.159.8 15169 (GOOGLE)
1 104.16.68.69 13335 (CLOUDFLAR...)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 51.137.27.140 8075 (MICROSOFT...)
1 51.124.84.95 8075 (MICROSOFT...)
80 31
24    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
pestana.azureedge.net
pesweb.azureedge.net
2    52.178.89.129 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure.pestana.com
3    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
7    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    172.217.18.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net
6541131.fls.doubleclick.net
6486114.fls.doubleclick.net
ad.doubleclick.net
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
2    52.207.52.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-52-76.compute-1.amazonaws.com
100006765.collect.igodigital.com
nova.collect.igodigital.com
2    2a03:2880:f046:f:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    13.224.95.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-88.zrh50.r.cloudfront.net
customs.affilired.com
3    23.2.224.47 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-224-47.deploy.static.akamaitechnologies.com
config1.veinteractive.com
1    2600:9000:21f3:f800:f:900d:ef80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.denomatic.com
2    2a03:2880:f146:82:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
9    35.210.178.101 (Mountain View, United States)

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
3    51.124.82.179 (United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cookiee1.veinteractive.com
18    52.29.176.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-176-117.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    72.247.225.98 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com
dsum.casalemedia.com
2    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    52.29.22.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-22-19.eu-central-1.compute.amazonaws.com
eb2.3lift.com
1    63.33.106.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-106-135.eu-west-1.compute.amazonaws.com
s.pubmine.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
2    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    51.137.27.140 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sessionapi.veinteractive.com
1    51.124.84.95 (United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dtrc.veinteractive.com
Apex Domain
Subdomains		 Transfer
24 azureedge.net
pestana.azureedge.net
pesweb.azureedge.net
831 KB
18 bidswitch.net
x.bidswitch.net
8 KB
10 doubleclick.net
6541131.fls.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
6486114.fls.doubleclick.net
ad.doubleclick.net
4 KB
9 volvelle.tech
a.volvelle.tech
10 KB
8 veinteractive.com
config1.veinteractive.com
cookiee1.veinteractive.com
sessionapi.veinteractive.com
dtrc.veinteractive.com
87 KB
7 google-analytics.com
www.google-analytics.com
65 KB
5 google.com
www.google.com
adservice.google.com
2 KB
3 googletagmanager.com
www.googletagmanager.com
118 KB
2 openx.net
us-u.openx.net
484 B
2 emxdgt.com
e1.emxdgt.com
199 B
2 3lift.com
eb2.3lift.com
725 B
2 lijit.com
ce.lijit.com
1 KB
2 casalemedia.com
dsum.casalemedia.com
2 KB
2 facebook.com
www.facebook.com
360 B
2 bing.com
bat.bing.com
8 KB
2 facebook.net
connect.facebook.net
160 KB
2 igodigital.com
100006765.collect.igodigital.com
nova.collect.igodigital.com
3 KB
2 google.de
www.google.de
688 B
2 pestana.com
secure.pestana.com
18 KB
1 pubmatic.com
simage2.pubmatic.com
873 B
1 districtm.io
dmx.districtm.io
410 B
1 pubmine.com
s.pubmine.com
366 B
1 denomatic.com
cdn.denomatic.com
3 KB
1 affilired.com
customs.affilired.com
15 KB
1 gstatic.com
www.gstatic.com
122 KB
1 visualstudio.com
dc.services.visualstudio.com
519 B
1 googleadservices.com
www.googleadservices.com
12 KB
1 msecnd.net
az416426.vo.msecnd.net
22 KB
80 28
Domain Requested by
23 pesweb.azureedge.net secure.pestana.com
www.googletagmanager.com
18 x.bidswitch.net 18 redirects
9 a.volvelle.tech 4 redirects pesweb.azureedge.net
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 ad.doubleclick.net 4 redirects
3 cookiee1.veinteractive.com az416426.vo.msecnd.net
3 config1.veinteractive.com customs.affilired.com
config1.veinteractive.com
3 www.google.com 1 redirects www.googletagmanager.com
3 www.googletagmanager.com secure.pestana.com
www.googletagmanager.com
2 us-u.openx.net 1 redirects
2 e1.emxdgt.com
2 eb2.3lift.com 1 redirects
2 ce.lijit.com 1 redirects
2 dsum.casalemedia.com 1 redirects
2 adservice.google.com
2 6486114.fls.doubleclick.net 1 redirects cdn.denomatic.com
2 www.facebook.com
2 bat.bing.com www.googletagmanager.com
2 connect.facebook.net secure.pestana.com
connect.facebook.net
2 www.google.de
2 6541131.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 secure.pestana.com pesweb.azureedge.net
1 dtrc.veinteractive.com az416426.vo.msecnd.net
1 sessionapi.veinteractive.com az416426.vo.msecnd.net
1 simage2.pubmatic.com
1 dmx.districtm.io
1 s.pubmine.com
1 nova.collect.igodigital.com
1 cdn.denomatic.com customs.affilired.com
1 customs.affilired.com secure.pestana.com
1 100006765.collect.igodigital.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.gstatic.com www.google.com
1 dc.services.visualstudio.com az416426.vo.msecnd.net
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 az416426.vo.msecnd.net secure.pestana.com
1 pestana.azureedge.net 1 redirects
80 38
Subject Issuer Validity Valid
secure.pestana.com
DigiCert SHA2 Extended Validation Server CA		 2019-02-13 -
2021-04-13		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft IT TLS CA 4		 2020-04-30 -
2022-04-30		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.collect.igodigital.com
DigiCert SHA2 Secure Server CA		 2020-02-14 -
2021-02-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
www.affilired.com
GeoTrust EV RSA CA 2018		 2019-06-14 -
2020-08-12		 a year crt.sh
*.veinteractive.com
DigiCert SHA2 Secure Server CA		 2020-04-14 -
2021-07-14		 a year crt.sh
www.denomatic.com
GeoTrust EV RSA CA 2018		 2019-09-30 -
2020-11-28		 a year crt.sh
a.volvelle.tech
DigiCert SHA2 Secure Server CA		 2020-05-18 -
2021-07-14		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
cookiee1.veinteractive.com
Let's Encrypt Authority X3		 2020-04-26 -
2020-07-25		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.3lift.com
Amazon		 2019-07-17 -
2020-08-17		 a year crt.sh
s.pubmine.com
Go Daddy Secure Certificate Authority - G2		 2017-11-01 -
2020-11-01		 3 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2019-07-17 -
2020-07-17		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2020-02-25 -
2020-10-09		 7 months crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
sessionapi.veinteractive.com
Let's Encrypt Authority X3		 2020-04-30 -
2020-07-29		 3 months crt.sh
dtrc.veinteractive.com
Let's Encrypt Authority X3		 2020-04-21 -
2020-07-20		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Frame ID: 3DFE968FD8D995B3935D157C5B8FC964
Requests: 77 HTTP requests in this frame

Frame: https://6541131.fls.doubleclick.net/activityi;dc_pre=COKsiNOS5ukCFZKEhQodIxoHwg;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=undefined;u19=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F;~oref=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F
Frame ID: F38FE78FD41FED3F79D0C64462E25032
Requests: 1 HTTP requests in this frame

Frame: https://6486114.fls.doubleclick.net/activityi;dc_pre=CKi10NSS5ukCFczAGwodClQHxg;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=18562999989596.8
Frame ID: F6FE072DD1B5FADE88C44759915D7C5C
Requests: 1 HTTP requests in this frame

Frame: https://config1.veinteractive.com/scripts/shared/iframeStorage-5.0.0.html?iframeid=ve-storage-iframe&journeyCode=19b1c28d-ebce-4b80-9905-c9674b8aa886&journeyId=21435
Frame ID: 2A40A75A3781ACA8B0BDFAD959F89AF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://pestana.azureedge.net/ HTTP 302
    https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

80
Requests

100 %
HTTPS

39 %
IPv6

28
Domains

38
Subdomains

31
IPs

6
Countries

1479 kB
Transfer

4575 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pestana.azureedge.net/ HTTP 302
    https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://6541131.fls.doubleclick.net/activityi;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=undefined;u19=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F;~oref=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F HTTP 302
  • https://6541131.fls.doubleclick.net/activityi;dc_pre=COKsiNOS5ukCFZKEhQodIxoHwg;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=undefined;u19=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F;~oref=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F
Request Chain 34
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-245809-13&cid=331968505.1591204490&jid=1657455055&gjid=1730952196&_gid=1927571892.1591204490&_u=aGBAgEAr~&z=670864452 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-245809-13&cid=331968505.1591204490&jid=1657455055&_v=j82&z=670864452 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-245809-13&cid=331968505.1591204490&jid=1657455055&_v=j82&z=670864452&slf_rd=1&random=3106129578
Request Chain 54
  • https://6486114.fls.doubleclick.net/activityi;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=18562999989596.8 HTTP 302
  • https://6486114.fls.doubleclick.net/activityi;dc_pre=CKi10NSS5ukCFczAGwodClQHxg;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=18562999989596.8
Request Chain 58
  • https://a.volvelle.tech/pixel?id=6351&aid=819&type=js HTTP 302
  • https://a.volvelle.tech/ul_cb/pixel?id=6351&aid=819&type=js
Request Chain 59
  • https://a.volvelle.tech/pixel?id=6352&aid=819&type=js HTTP 302
  • https://a.volvelle.tech/ul_cb/pixel?id=6352&aid=819&type=js
Request Chain 60
  • https://a.volvelle.tech/pixel?id=6353&aid=819&type=js HTTP 302
  • https://a.volvelle.tech/ul_cb/pixel?id=6353&aid=819&type=js
Request Chain 62
  • https://ad.doubleclick.net/ddm/activity/src=6126003;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=6126003;dc_pre=CPmY09SS5ukCFcxIGAodOQoBew;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=6126003;dc_pre=CPmY09SS5ukCFcxIGAodOQoBew;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003
Request Chain 63
  • https://ad.doubleclick.net/ddm/activity/src=6364439;type=invmedia;cat=pmumkf5i;ord=9050458609265.037 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=6364439;dc_pre=CKaY09SS5ukCFZMWGAodF6EJrw;type=invmedia;cat=pmumkf5i;ord=9050458609265.037 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=6364439;dc_pre=CKaY09SS5ukCFZMWGAodF6EJrw;type=invmedia;cat=pmumkf5i;ord=9050458609265.037
Request Chain 65
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=652f5169-e642-4339-9359-c68ee2a608eb HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=652f5169-e642-4339-9359-c68ee2a608eb HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033&C=1
Request Chain 66
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=10284f5a-4067-4c93-ad8b-0f302216b78f HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=10284f5a-4067-4c93-ad8b-0f302216b78f HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=0a901531-f02b-4bf6-ab4d-dd307fb40033 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dnr=1
Request Chain 67
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=32fe820c-533d-481d-be96-04a347baf0e0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=32fe820c-533d-481d-be96-04a347baf0e0 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dongle=d3d3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dongle=d3d3&gdpr=1&cmp_cs=&us_privacy=
Request Chain 68
  • https://x.bidswitch.net/syncd?dsp_id=190&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&redir=%2F%2Fcookiee1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26userId%3Dd5196df8-692f-4886-a44b-8f308dc3ba16 HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=190&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&redir=%2F%2Fcookiee1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26userId%3Dd5196df8-692f-4886-a44b-8f308dc3ba16 HTTP 302
  • https://cookiee1.veinteractive.com/api/SyncCookie?clientName=volvelle&userId=d5196df8-692f-4886-a44b-8f308dc3ba16
Request Chain 69
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=e9519999-74d4-4dd6-9deb-b21f4c802c97 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=e9519999-74d4-4dd6-9deb-b21f4c802c97 HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033&ssp_data=&gdpr=&gdpr_consent=
Request Chain 70
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=a4f8259b-0a39-4a8d-a87a-0815c9e5548e HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=a4f8259b-0a39-4a8d-a87a-0815c9e5548e HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=0a901531-f02b-4bf6-ab4d-dd307fb40033
Request Chain 71
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=d3ea2c8d-2243-46f6-9399-f6b9e9d99a4e HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=0a901531-f02b-4bf6-ab4d-dd307fb40033 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=0a901531-f02b-4bf6-ab4d-dd307fb40033
Request Chain 72
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=100dad09-d251-47b1-b9cc-1985ec30aef1 HTTP 302
  • https://dmx.districtm.io/s/10009/0a901531-f02b-4bf6-ab4d-dd307fb40033
Request Chain 73
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=16ef2088-39b8-4529-ac66-b747dc8b31b0 HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=0a901531-f02b-4bf6-ab4d-dd307fb40033
Request Chain 74
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=c08bb179-8548-4bf3-8802-d31d7c7f64e7 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0a901531-f02b-4bf6-ab4d-dd307fb40033
Request Chain 76
  • https://a.volvelle.tech/sync?source=ve&redirect=//cookiee1.veinteractive.com/api/SyncCookie?clientName%3Dvolvelle%26journeyCode%3D19B1C28D-EBCE-4B80-9905-C9674B8AA886%26version%3D5.0.0%26referrer%3Dsecure.pestana.com%26offset%3D-120%26userId= HTTP 302
  • https://x.bidswitch.net/syncd?dsp_id=190&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&redir=https%3A%2F%2Fcookiee1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26journeyCode%3D19B1C28D-EBCE-4B80-9905-C9674B8AA886%26version%3D5.0.0%26referrer%3Dsecure.pestana.com%26offset%3D-120%26userId%3Dd5196df8-692f-4886-a44b-8f308dc3ba16 HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=190&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&redir=https%3A%2F%2Fcookiee1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26journeyCode%3D19B1C28D-EBCE-4B80-9905-C9674B8AA886%26version%3D5.0.0%26referrer%3Dsecure.pestana.com%26offset%3D-120%26userId%3Dd5196df8-692f-4886-a44b-8f308dc3ba16 HTTP 302
  • https://cookiee1.veinteractive.com/api/SyncCookie?clientName=volvelle&journeyCode=19B1C28D-EBCE-4B80-9905-C9674B8AA886&version=5.0.0&referrer=secure.pestana.com&offset=-120&userId=d5196df8-692f-4886-a44b-8f308dc3ba16

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request notfound
secure.pestana.com/en/home/
Redirect Chain
  • https://pestana.azureedge.net/
  • https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
64 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.89.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
76c54fa8cb321fbad0f8cacd9ae199cd6114ebd9ad82177a1f6aedbc200aac76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.pestana.com
:scheme
https
:path
/en/home/notfound?aspxerrorpath=/imgbank/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
no-cache
pragma
no-cache
content-length
17186
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=ufmzwbw4xvy3jgja4nun00yx; path=/; secure; HttpOnly; SameSite=Lax Q2WZBGVEOJMPR=; path=/; secure; HttpOnly E9ysfE3mAu=; path=/; secure; HttpOnly F2dskP5ouY=dEbByLSzBAZfGLpnU7xYS9r/QXe4p5YAaqiHE5aZucNTEjwAJzwkzMjsELMfhCpz; expires=Thu, 03-Jun-2021 17:14:49 GMT; path=/; secure; HttpOnly
x-aspnetmvc-version
5.2
x-robots-tag
noindex
x-aspnet-version
4.0.30319
request-context
appId=cid-v1:0371e5f6-7c35-4421-8e65-801d40a957e4
access-control-expose-headers
Request-Context
x-powered-by
ASP.NET
x-ua-compatible
IE=edge
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
strict-origin
date
Wed, 03 Jun 2020 17:14:49 GMT

Redirect headers

status
302
access-control-allow-origin
*
access-control-expose-headers
Request-Context
content-type
text/html; charset=utf-8
date
Wed, 03 Jun 2020 17:14:48 GMT
location
https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
request-context
appId=cid-v1:0371e5f6-7c35-4421-8e65-801d40a957e4
server
Microsoft-IIS/10.0
x-aspnetmvc-version
5.2
x-powered-by
Pestana Hotel Group
content-length
184
sprites.min.css
pesweb.azureedge.net/assets/css/ 		2 KB
703 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/sprites.min.css?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA0) / Pestana Hotel Group
Resource Hash
390c4d21146bc7b017cdf47649f87022cfeb064acac2649fa20bda0e89d50586

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8EA0)
age
95802
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
629
main.min.css
pesweb.azureedge.net/assets/css/ 		520 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/main.min.css?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E89) / Pestana Hotel Group
Resource Hash
b805d841b366da0d90216a5885ff6cbaa599af2f24bacacc4cac05464fa47a05

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8E89)
age
95802
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
88214
pestana-webfonts.min.css
pesweb.azureedge.net/assets/css/ 		55 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/pestana-webfonts.min.css?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FFD) / Pestana Hotel Group
Resource Hash
42195f22dc78be34ad393498ac13fa0ba65ebddc2d03c76ff2d7b47908546b3d

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8FFD)
age
95636
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
8645
units.min.css
pesweb.azureedge.net/assets/css/ 		397 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/units.min.css?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F72) / Pestana Hotel Group
Resource Hash
706364321d591f42a1a2f394630c006fa3e8cab2a2a118cec6adcb8a7d3c721f

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8F72)
age
95802
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
70340
units-sidebar.min.css
pesweb.azureedge.net/assets/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/units-sidebar.min.css?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FB9) / Pestana Hotel Group
Resource Hash
7911cc0b9f42bd4b128b9e5b063f90fb1cc682d38c2ab65beebb000d67582a21

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8FB9)
age
95802
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
6707
theme-group.min.css
pesweb.azureedge.net/assets/css/themes/ 		316 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/themes/theme-group.min.css?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1C) / Pestana Hotel Group
Resource Hash
7b7d82f0a18db99b0c7a999553847d0bd4cac184ca2aba416c728d641b70b7f1

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8F1C)
age
94906
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
42073
modernizr-2.6.2-respond-1.1.0.min.js
pesweb.azureedge.net/assets/js/vendor/ 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/js/vendor/modernizr-2.6.2-respond-1.1.0.min.js?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F87) / Pestana Hotel Group
Resource Hash
b3292a1dfe63745a1be35ea99fa043b66578ec0b4f3a81d406d6cc5e09ec853e

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0584f4e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:46 GMT
server
ECAcc (frc/8F87)
age
95802
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
8604
jquery.min.js
pesweb.azureedge.net/assets/js/vendor/ 		205 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/js/vendor/jquery.min.js?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F15) / Pestana Hotel Group
Resource Hash
3540698a49a7e33445537f5303e7e51991680dad9f840aad1fc11d1070b5b29f

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0584f4e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:46 GMT
server
ECAcc (frc/8F15)
age
95802
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
84813
pestana-group.png
pesweb.azureedge.net/assets/img/brands/header/horizontal-logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pesweb.azureedge.net/assets/img/brands/header/horizontal-logos/pestana-group.png?scale=downscaleonly&encoder=freeimage&progressive=true&quality=70&w=230&h=59&mode=crop
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E92) / Pestana Hotel Group
Resource Hash
58d3d713e2d22c5e51ad44d9d44e7b8d94f4415392f103639de309eadf9bbe2b

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"e6f18e7fa91dd61:0+gzip"
last-modified
Tue, 28 Apr 2020 22:08:08 GMT
server
ECAcc (frc/8E92)
age
2511205
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
status
200
cache-control
public
access-control-allow-origin
*
content-length
3459
expires
Sat, 04 Jul 2020 17:14:50 GMT
world.png
pesweb.azureedge.net/assets/img/flags/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pesweb.azureedge.net/assets/img/flags/world.png?scale=downscaleonly&encoder=freeimage&progressive=true&quality=70&w=29&h=29&mode=crop
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FDB) / Pestana Hotel Group
Resource Hash
5c6ad72e595453899d27560b138c2a7f8e08908e37f773afed5b7d1c8c6c2ae6

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"4cfd19e6a01dd61:0+gzip"
last-modified
Tue, 28 Apr 2020 21:06:34 GMT
server
ECAcc (frc/8FDB)
age
2229375
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
status
200
cache-control
public
access-control-allow-origin
*
content-length
1229
expires
Sat, 04 Jul 2020 17:14:50 GMT
click2call-desktop.min.css
pesweb.azureedge.net/assets/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/click2call-desktop.min.css?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2E) / Pestana Hotel Group
Resource Hash
e31176b865c703ec216c8764dc77dc939245420121c819e04472a68e3b9a03bf

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8F2E)
age
95802
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
8133
pestana-group.png
pesweb.azureedge.net/assets/img/brands/header/horizontal-logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pesweb.azureedge.net/assets/img/brands/header/horizontal-logos/pestana-group.png?scale=downscaleonly&encoder=freeimage&progressive=true&quality=70&w=210&h=59&mode=crop
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F25) / Pestana Hotel Group
Resource Hash
58d3d713e2d22c5e51ad44d9d44e7b8d94f4415392f103639de309eadf9bbe2b

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"2cf9685a91dd61:0+gzip"
last-modified
Tue, 28 Apr 2020 22:08:18 GMT
server
ECAcc (frc/8F25)
age
2511055
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
status
200
cache-control
public
access-control-allow-origin
*
content-length
3459
expires
Sat, 04 Jul 2020 17:14:50 GMT
promotions-banner.jpg
pesweb.azureedge.net/spimg/genericgalleryphotos/general-headers/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pesweb.azureedge.net/spimg/genericgalleryphotos/general-headers/promotions-banner.jpg?scale=downscaleonly&encoder=freeimage&progressive=true&quality=70&w=1024&h=216&mode=crop
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E93) / Pestana Hotel Group
Resource Hash
9d2d917a509ddbdddf15c9ab1322a8ac2fa63875decf2c71eea0b1b5bc53169c

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
89093
x-powered-by
Pestana Hotel Group
x-cache
HIT
status
200
content-length
20683
request-context
appId=cid-v1:0371e5f6-7c35-4421-8e65-801d40a957e4
x-aspnetmvc-version
5.2
last-modified
Tue, 02 Jun 2020 16:29:56 GMT
server
ECAcc (frc/8E93)
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=2678400
expires
Fri, 03 Jul 2020 17:14:49 GMT
norton-seal-resized.png
pesweb.azureedge.net/assets/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pesweb.azureedge.net/assets/img/norton-seal-resized.png?scale=downscaleonly&encoder=freeimage&progressive=true&quality=70&w=101&h=53&mode=crop
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F96) / Pestana Hotel Group
Resource Hash
986b4154ef0c07a521425789fd1247dfbd8c142cd1cee5f3634bc245d2921b15

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"981df339d2ed61:0+gzip"
last-modified
Wed, 20 May 2020 11:52:56 GMT
server
ECAcc (frc/8F96)
age
537125
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
status
200
cache-control
public
access-control-allow-origin
*
content-length
6419
expires
Sat, 04 Jul 2020 17:14:49 GMT
core.min.js
pesweb.azureedge.net/assets/js/ 		488 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/js/core.min.js?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FDF) / Pestana Hotel Group
Resource Hash
e4ba56a9639d8a020e8271901758a95c16457fc785a80d5d38253169c8d0df04

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8FDF)
age
95802
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
177489
en.min.js
pesweb.azureedge.net/assets/js/locales/parsley/ 		1 KB
666 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/js/locales/parsley/en.min.js?v=151
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF2) / Pestana Hotel Group
Resource Hash
dd3434049cd3d7f542f4a91f20bf2a083f0a6e5bcd3a054bd9dab720445d36bb

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0d852f3e438d61:0"
last-modified
Tue, 02 Jun 2020 13:51:44 GMT
server
ECAcc (frc/8FF2)
age
95493
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
592
logo-bg.png
pesweb.azureedge.net/assets/img/ 		21 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pesweb.azureedge.net/assets/img/logo-bg.png
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F22) / Pestana Hotel Group
Resource Hash
15435755fbef0126e344fe2f8833c5d1b6e6fe6865c03fc654811c5b2f05c1fc

Request headers

Referer
https://pesweb.azureedge.net/assets/css/main.min.css?v=151
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0a26581932ed61:0+gzip"
last-modified
Wed, 20 May 2020 10:43:32 GMT
server
ECAcc (frc/8F22)
age
339033
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
status
200
cache-control
public,max-age=2678400
access-control-allow-origin
*
content-length
20796
main-sprite-v2.png
pesweb.azureedge.net/assets/img/sprites/ 		56 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pesweb.azureedge.net/assets/img/sprites/main-sprite-v2.png?scale=downscaleonly&encoder=freeimage&progressive=true&quality=70&w=102&h=72&mode=crop
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F47) / Pestana Hotel Group
Resource Hash
16a70cba59c1fb5e2ccaf30f3794f8aff20af0710760c715c69207bdb2affbf6

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0723d99a91cd61:0+gzip"
last-modified
Mon, 27 Apr 2020 15:36:20 GMT
server
ECAcc (frc/8F47)
age
2367612
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
status
200
cache-control
public,max-age=2678400
access-control-allow-origin
*
content-length
56524
main-sprite-v2.png
pesweb.azureedge.net/assets/img/sprites/ 		56 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pesweb.azureedge.net/assets/img/sprites/main-sprite-v2.png?scale=downscaleonly&encoder=freeimage&progressive=true&quality=70&w=130&h=88&mode=crop
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F47) / Pestana Hotel Group
Resource Hash
16a70cba59c1fb5e2ccaf30f3794f8aff20af0710760c715c69207bdb2affbf6

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0723d99a91cd61:0+gzip"
last-modified
Mon, 27 Apr 2020 15:36:20 GMT
server
ECAcc (frc/8F47)
age
2367612
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
status
200
cache-control
public,max-age=2678400
access-control-allow-origin
*
content-length
56524
pestana_webfonts_all.woff
pesweb.azureedge.net/assets/css/fonts/ 		165 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/fonts/pestana_webfonts_all.woff?20191205
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E92) / Pestana Hotel Group
Resource Hash
ac80d1d43ec212e2559918a0e88b9bbebe4c0346c79aa99395bb3ce68a6cc1c5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pesweb.azureedge.net/assets/css/pestana-webfonts.min.css?v=151
Origin
https://secure.pestana.com

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0753480932ed61:0+gzip"
last-modified
Wed, 20 May 2020 10:43:30 GMT
server
ECAcc (frc/8E92)
age
650808
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
application/font-woff
status
200
cache-control
public,max-age=2678400
access-control-allow-origin
*
content-length
88976
2CE53B_13_0.woff2
pesweb.azureedge.net/assets/css/fonts/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/fonts/2CE53B_13_0.woff2?20191205
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FB0) / Pestana Hotel Group
Resource Hash
9d9aff1b2b9d5752873c29d5181aa66a184cdabbe5debeb11e339bb266ddee22

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pesweb.azureedge.net/assets/css/pestana-webfonts.min.css?v=151
Origin
https://secure.pestana.com

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0753480932ed61:0+gzip"
last-modified
Wed, 20 May 2020 10:43:30 GMT
server
ECAcc (frc/8FB0)
age
650808
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
application/font-woff2
status
200
cache-control
public,max-age=2678400
access-control-allow-origin
*
content-length
48214
2CE53B_1F_0.woff2
pesweb.azureedge.net/assets/css/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/css/fonts/2CE53B_1F_0.woff2?20191205
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E90) / Pestana Hotel Group
Resource Hash
5a708e79a834e6f65b37300f7f0e0d11db14f3c5aee20ee20dd5c8ddeea45bc8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pesweb.azureedge.net/assets/css/pestana-webfonts.min.css?v=151
Origin
https://secure.pestana.com

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0753480932ed61:0+gzip"
last-modified
Wed, 20 May 2020 10:43:30 GMT
server
ECAcc (frc/8E90)
age
650808
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
application/font-woff2
status
200
cache-control
public,max-age=2678400
access-control-allow-origin
*
content-length
44623
gtm.js
www.googletagmanager.com/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ddfa598b7900f9298c1dd0d8cad6f965429713af3d760592fae8f56ee279ef47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54458
x-xss-protection
0
last-modified
Wed, 03 Jun 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jun 2020 17:14:49 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
223
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Tue, 04 Feb 2020 19:23:51 GMT
server
ECAcc (frc/8FA5)
etag
0x8D7A9A7C460F06C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6fe59673-901e-003a-1bc9-39a747000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 03 Jun 2020 17:44:49 GMT
resources
secure.pestana.com/en/ 		417 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.pestana.com/en/resources
Requested by
Host: pesweb.azureedge.net
URL: https://pesweb.azureedge.net/assets/js/vendor/jquery.min.js?v=151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.89.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e83050649f63588ec619a242a2b099a144073160a72db8a98a1db2216436dd87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.pestana.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-length
342
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
strict-origin
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
date
Wed, 03 Jun 2020 17:14:49 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private
request-context
appId=cid-v1:0371e5f6-7c35-4421-8e65-801d40a957e4
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
1110
date
Wed, 03 Jun 2020 16:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Wed, 03 Jun 2020 18:56:19 GMT
js
www.googletagmanager.com/gtag/ 		83 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-743757198
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29c246371784ca3eb0a1ebc427249f1343b2c40450e07fd343da3815341e83d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33171
x-xss-protection
0
last-modified
Wed, 03 Jun 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jun 2020 17:14:49 GMT
activityi;dc_pre=COKsiNOS5ukCFZKEhQodIxoHwg;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=undefined;u19=https%3A%2F%2Fsecure.pesta...
6541131.fls.doubleclick.net/ Frame F38F
Redirect Chain
  • https://6541131.fls.doubleclick.net/activityi;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=undefined;u19=https%3A%2F%2Fsecure.pes...
  • https://6541131.fls.doubleclick.net/activityi;dc_pre=COKsiNOS5ukCFZKEhQodIxoHwg;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=unde...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6541131.fls.doubleclick.net/activityi;dc_pre=COKsiNOS5ukCFZKEhQodIxoHwg;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=undefined;u19=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F;~oref=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6541131.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COKsiNOS5ukCFZKEhQodIxoHwg;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=undefined;u19=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F;~oref=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.pestana.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 03 Jun 2020 17:14:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
446
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 03-Jun-2020 17:29:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 03 Jun 2020 17:14:49 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6541131.fls.doubleclick.net/activityi;dc_pre=COKsiNOS5ukCFZKEhQodIxoHwg;src=6541131;type=count0;cat=all_p0;ord=6356443605963;gtm=2wg5k1;auiddc=1627885915.1591204490;u1=all;u2=en-US;u18=undefined;u19=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F;~oref=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gRecaptcha-functions.min.js
pesweb.azureedge.net/assets/js/ 		1 KB
543 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pesweb.azureedge.net/assets/js/gRecaptcha-functions.min.js?v=150
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA2) / Pestana Hotel Group
Resource Hash
6361e710abe4cf6550879d8f1ac8206fdc7ee5a3b19bacc635820bfdb91fd86f

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
etag
"0a26581932ed61:0"
last-modified
Wed, 20 May 2020 10:43:32 GMT
server
ECAcc (frc/8FA2)
age
1227449
status
200
x-powered-by
Pestana Hotel Group
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=2678400
accept-ranges
bytes
content-length
468
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 16:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1129
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Wed, 03 Jun 2020 17:56:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:08:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
388
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Wed, 03 Jun 2020 18:08:21 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-743757198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
cd34ee8ae406b1662e7ef53583b899f9ccc52d0920127c4716c6944a68916cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10884
x-xss-protection
0
server
cafe
etag
10406653800972162523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Jun 2020 17:14:49 GMT
js
www.googletagmanager.com/gtag/ 		83 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=HA-75&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-743757198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
065fcf60072b8542677fc4875c75990b0d497562f261ab1218321d4b76ce47d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33175
x-xss-protection
0
last-modified
Wed, 03 Jun 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jun 2020 17:14:49 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1265969492&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&ul=en-us&de=UTF-8&dt=Pestana%20Hotel%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAr~&jid=1657455055&gjid=1730952196&cid=331968505.1591204490&tid=UA-245809-13&_gid=1927571892.1591204490&gtm=2wg5k1P887PV&cd6=all&cd20=b2f5a1ca-9581-45be-864e-b4195916039a&z=1213007032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 23:42:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1359125
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-245809-13&cid=331968505.1591204490&jid=1657455055&gjid=1730952196&_gid=1927571892.1591204490&_u=aGBAgEAr~&z=670864452
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-245809-13&cid=331968505.1591204490&jid=1657455055&_v=j82&z=670864452
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-245809-13&cid=331968505.1591204490&jid=1657455055&_v=j82&z=670864452&slf_rd=1&random=3106129578
42 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-245809-13&cid=331968505.1591204490&jid=1657455055&_v=j82&z=670864452&slf_rd=1&random=3106129578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-245809-13&cid=331968505.1591204490&jid=1657455055&_v=j82&z=670864452&slf_rd=1&random=3106129578
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/ 		736 B
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3efdcd65c3198817359c7372143d78b7fbaefe9d77b78bd1197819cee6231cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
466
x-xss-protection
1; mode=block
expires
Wed, 03 Jun 2020 17:14:49 GMT
track
dc.services.visualstudio.com/v2/ 		96 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ad84cd78fd7c088d3ef7943751c97e9b734ba7297c4978f04f791ac85b9552e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.pestana.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
6F374EB3-C09F-4EEB-B3A2-5AF9A4CA4D0C
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Wed, 03 Jun 2020 17:14:49 GMT
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
96
js
www.google-analytics.com/gtm/ 		66 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5XCLLBT&t=gtm20&cid=331968505.1591204490
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
285d00e99529fe6856178cf722ca47b52915aaa44b0c2c22121c10a11960e75b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26761
x-xss-protection
0
last-modified
Wed, 03 Jun 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jun 2020 17:14:49 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
1110
date
Wed, 03 Jun 2020 16:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Wed, 03 Jun 2020 18:56:19 GMT
collect
www.google-analytics.com/ 		35 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1265969492&t=timing&_s=2&dl=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&ul=en-us&de=UTF-8&dt=Pestana%20Hotel%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1799&pdt=3&dns=141&rrt=581&srt=249&tcp=402&dit=1714&clt=1749&_gst=1806&_gbt=1842&_cst=1714&_cbt=1792&_u=aGDAiEArR~&jid=&gjid=&cid=331968505.1591204490&tid=UA-245809-13&_gid=1927571892.1591204490&gtm=2wg5k1P887PV&cd6=all&cd20=b2f5a1ca-9581-45be-864e-b4195916039a&z=453410575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 23:42:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1359125
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/ADnAC3ZykfbIOflWgrKNsVVT/ 		309 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/ADnAC3ZykfbIOflWgrKNsVVT/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
929b173fe5de52e86be43b47db00cf8fce66664a2f3c69b5710664de66ab0ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Jun 2020 16:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 04:05:55 GMT
server
sffe
age
174592
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124636
x-xss-protection
0
expires
Tue, 01 Jun 2021 16:44:57 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/743757198/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/743757198/?random=1591204489934&cv=9&fst=1591204489934&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5k1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&tiba=Pestana%20Hotel%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b06c07dc8d5c3f86d0ed894d9d383dcbc68a6cd05e91820f976f58e8be352f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1056
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/743757198/ 		42 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/743757198/?random=1591204489934&cv=9&fst=1591203600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5k1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&tiba=Pestana%20Hotel%20Group&async=1&fmt=3&is_vtc=1&random=3299708390&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/743757198/ 		42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/743757198/?random=1591204489934&cv=9&fst=1591203600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5k1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&tiba=Pestana%20Hotel%20Group&async=1&fmt=3&is_vtc=1&random=3299708390&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect.js
100006765.collect.igodigital.com/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://100006765.collect.igodigital.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.52.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-52-76.compute-1.amazonaws.com
Software
/
Resource Hash
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 03 Jun 2020 17:14:53 GMT
content-encoding
gzip
last-modified
Wed, 03 Jun 2020 06:23:20 GMT
vary
Accept-Encoding
content-type
application/javascript
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f046:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
PWZzQTyhFk7WQtE+WAb90KQiyoywmtqdcbNqXUnJ9q3vbiT7h6wUbQkt7esxiaHCaSntRaUrGp9iEuD6IKHzBg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 03 Jun 2020 17:14:52 GMT, Wed, 03 Jun 2020 17:14:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P887PV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:52 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2020 20:59:59 GMT
x-msedge-ref
Ref A: 7D9D27D7EBCA4B1296BC4F5393628364 Ref B: FRAEDGE1307 Ref C: 2020-06-03T17:14:52Z
status
200
etag
"80b179766929d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7767
/
customs.affilired.com/track/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customs.affilired.com/track/?merchant=3995
Requested by
Host: secure.pestana.com
URL: https://secure.pestana.com/en/home/notfound?aspxerrorpath=/imgbank/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-88.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
bdf1446bcd7a691c1d64a457fa1d30499303a97739725bbee4eed7ff07513b65

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:52 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
ZRH50-C1
vary
Accept-Encoding
x-cache
Hit from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="IVA SAM IND NON COR"
status
200
expires
Wed, 10 Jun 2020 17:14:51 GMT
cache-control
max-age=604800
content-type
text/javascript; charset=utf-8
x-amz-cf-id
u2tEKJaH4_fviqgESz7OtWmnnwTzPQRR_D5LcV4SKjqkBpdBNnuRjA==
via
1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
jb-x-cache
HIT
1400850480187280
connect.facebook.net/signals/config/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1400850480187280?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f046:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8544d200493b3657948215e1219b8218f2a33ce5a077b74ac1bf17cc811481b1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
BInK1rpPwCo3PvzGeXkrWmM+eUAtNWZcFWW9p0vBL5g2pDEhDQufvD7AhTzO0qfmhepfz7ZXjKxalWvVcn2YTA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 03 Jun 2020 17:14:52 GMT, Wed, 03 Jun 2020 17:14:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5695506&Ver=2&mid=2d7e035d-c69b-a9b7-d2fd-7f0c3ed490bd&sid=7f528edb-52b2-c585-da2a-6192de204ac9&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Pestana%20Hotel%20Group&p=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&r=&lt=1799&evt=pageLoad&msclkid=N&sv=1&rn=606888
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 03 Jun 2020 17:14:52 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 96368FEF0B1341DDBFD0105B52863C0D Ref B: FRAEDGE1307 Ref C: 2020-06-03T17:14:52Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.js
config1.veinteractive.com/tags/19B1C28D/EBCE/4B80/9905/C9674B8AA886/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config1.veinteractive.com/tags/19B1C28D/EBCE/4B80/9905/C9674B8AA886/tag.js
Requested by
Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=3995
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.2.224.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-224-47.deploy.static.akamaitechnologies.com
Software
VeGlobal /
Resource Hash
12062e621a8c1d87e024d4533e10aa6d206e882b7c33e0d256f8bb24dd08e29b

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 03 Jun 2020 17:14:53 GMT
Content-Encoding
gzip
Content-MD5
GgyHDFAs0yCgJ+KZ9WuM3w==
Connection
keep-alive
Content-Length
14455
x-ms-lease-status
unlocked
Last-Modified
Wed, 29 May 2019 15:50:53 GMT
Server
VeGlobal
ETag
0x8D6E44D6EACF327
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
fe77afdc-101e-001a-3389-8644fa000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=1800, s-maxage=1800
x-ms-version
2009-09-19
38-4bbfbbc3dda7.js
cdn.denomatic.com/drs/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.denomatic.com/drs/38-4bbfbbc3dda7.js?rnd=20190918
Requested by
Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=3995
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:f800:f:900d:ef80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
674afb0f8b114df3fa8c9642eed5fc806097ae417af3f248753bffe2d4c7cec3

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 02:19:01 GMT
content-encoding
gzip
age
54632
x-cache
Hit from cloudfront
status
200
content-length
2822
jb-x-cache
HIT
last-modified
Wed, 09 Oct 2019 07:24:04 GMT
server
nginx
etag
"3acf-594752b73dc93-gzip"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
cache-control
public, max-age=600, s-maxage=86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
bru3ibJrR0nMdAkRY_Wwa9HZ4HUYcPBx_8AIz33ui0NoqvwVnTohug==
capture-apps-5.0.0.js
config1.veinteractive.com/scripts/5.0/ 		265 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config1.veinteractive.com/scripts/5.0/capture-apps-5.0.0.js
Requested by
Host: config1.veinteractive.com
URL: https://config1.veinteractive.com/tags/19B1C28D/EBCE/4B80/9905/C9674B8AA886/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.2.224.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-224-47.deploy.static.akamaitechnologies.com
Software
VeGlobal /
Resource Hash
3f599b2e5ea7cb72de10bdf0d1b30e9c219a53ccd69d9206d347b244ddb721c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.pestana.com/
Origin
https://secure.pestana.com

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 03 Jun 2020 17:14:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-MD5
tqqkyCQTi4QDoy77wpzrww==
Connection
keep-alive
Content-Length
69177
X-XSS-Protection
1;mode=block
x-ms-lease-status
unlocked
Last-Modified
Wed, 27 May 2020 06:24:54 GMT
Server
VeGlobal
ETag
0x8D80206ABBFE899
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
a0cbd7c4-a01e-008b-2eef-33d04b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=1873, s-maxage=3600
x-ms-version
2009-09-19
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1400850480187280&ev=PageView&dl=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&rl=&if=false&ts=1591204493088&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591204493087.1195522502&it=1591204492814&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f146:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:53 GMT, Wed, 03 Jun 2020 17:14:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 03 Jun 2020 17:14:53 GMT
activityi;dc_pre=CKi10NSS5ukCFczAGwodClQHxg;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=18562999989596.8
6486114.fls.doubleclick.net/ Frame F6FE
Redirect Chain
  • https://6486114.fls.doubleclick.net/activityi;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=18562999989596.8?
  • https://6486114.fls.doubleclick.net/activityi;dc_pre=CKi10NSS5ukCFczAGwodClQHxg;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treat...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6486114.fls.doubleclick.net/activityi;dc_pre=CKi10NSS5ukCFczAGwodClQHxg;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=18562999989596.8?
Requested by
Host: cdn.denomatic.com
URL: https://cdn.denomatic.com/drs/38-4bbfbbc3dda7.js?rnd=20190918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6486114.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKi10NSS5ukCFczAGwodClQHxg;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=18562999989596.8?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.pestana.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.pestana.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 03 Jun 2020 17:14:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
395
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 03-Jun-2020 17:29:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 03 Jun 2020 17:14:53 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6486114.fls.doubleclick.net/activityi;dc_pre=CKi10NSS5ukCFczAGwodClQHxg;src=6486114;type=visit0;cat=visit0;u1=visitor;u2=visitor_en;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=18562999989596.8?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track_page_view
nova.collect.igodigital.com/c2/100006765/ 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/100006765/track_page_view?payload=%7B%22title%22%3A%22Pestana%20Hotel%20Group%22%2C%22url%22%3A%22https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%22email%22%3A%22%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.52.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-52-76.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime
0.005640
date
Wed, 03 Jun 2020 17:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"db04c7b378cb2db912c3ba8a5a774ee3"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
7cc2155d-1a0b-44d7-a1d9-ab5e29acf4e9
iframeStorage-5.0.0.html
config1.veinteractive.com/scripts/shared/ Frame 2A40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://config1.veinteractive.com/scripts/shared/iframeStorage-5.0.0.html?iframeid=ve-storage-iframe&journeyCode=19b1c28d-ebce-4b80-9905-c9674b8aa886&journeyId=21435
Requested by
Host: config1.veinteractive.com
URL: https://config1.veinteractive.com/scripts/5.0/capture-apps-5.0.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.2.224.47 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-224-47.deploy.static.akamaitechnologies.com
Software
VeGlobal /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Host
config1.veinteractive.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://secure.pestana.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.pestana.com/

Response headers

Content-Length
100
Content-Type
text/html
Content-Encoding
gzip
Content-MD5
Lze7h8guZpPbKozvbP08Tw==
Last-Modified
Wed, 27 May 2020 06:25:05 GMT
ETag
0x8D80206B23922E5
x-ms-request-id
a96ef1ae-b01e-009f-5f4c-34132f000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, s-maxage=3600
Date
Wed, 03 Jun 2020 17:14:53 GMT
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1;mode=block
X-Content-Type-Options
nosniff
Server
VeGlobal
pixel
a.volvelle.tech/ 		0
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.volvelle.tech/pixel?id=384&aid=155&type=js
Requested by
Host: pesweb.azureedge.net
URL: https://pesweb.azureedge.net/assets/js/vendor/jquery.min.js?v=151
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.210.178.101 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
101.178.210.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Jun 2020 17:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
a.volvelle.tech/ul_cb/
Redirect Chain
  • https://a.volvelle.tech/pixel?id=6351&aid=819&type=js
  • https://a.volvelle.tech/ul_cb/pixel?id=6351&aid=819&type=js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.volvelle.tech/ul_cb/pixel?id=6351&aid=819&type=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.210.178.101 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
101.178.210.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
089a0568844a119c4d63be1f8c680279e29b529153b61b9e7c65aeb4c724b62d

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Jun 2020 17:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
1464
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location
https://a.volvelle.tech/ul_cb/pixel?id=6351&aid=819&type=js
Date
Wed, 03 Jun 2020 17:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
a.volvelle.tech/ul_cb/
Redirect Chain
  • https://a.volvelle.tech/pixel?id=6352&aid=819&type=js
  • https://a.volvelle.tech/ul_cb/pixel?id=6352&aid=819&type=js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.volvelle.tech/ul_cb/pixel?id=6352&aid=819&type=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.210.178.101 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
101.178.210.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2d8f66249f824325f9619d5dc764dfb707d64809abb8af2d3447c7662ee330a7

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Jun 2020 17:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
1464
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location
https://a.volvelle.tech/ul_cb/pixel?id=6352&aid=819&type=js
Date
Wed, 03 Jun 2020 17:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
a.volvelle.tech/ul_cb/
Redirect Chain
  • https://a.volvelle.tech/pixel?id=6353&aid=819&type=js
  • https://a.volvelle.tech/ul_cb/pixel?id=6353&aid=819&type=js
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.volvelle.tech/ul_cb/pixel?id=6353&aid=819&type=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.210.178.101 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
101.178.210.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2182206d873ad93f335c537a5d35cb21e85a9a7281e1bbd37993e1d59577b07e

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Jun 2020 17:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
1464
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location
https://a.volvelle.tech/ul_cb/pixel?id=6353&aid=819&type=js
Date
Wed, 03 Jun 2020 17:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
a.volvelle.tech/ 		0
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.volvelle.tech/pixel?id=6354&aid=819&type=js
Requested by
Host: pesweb.azureedge.net
URL: https://pesweb.azureedge.net/assets/js/vendor/jquery.min.js?v=151
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.210.178.101 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
101.178.210.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Jun 2020 17:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
src=6126003;dc_pre=CPmY09SS5ukCFcxIGAodOQoBew;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=6126003;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003
  • https://ad.doubleclick.net/ddm/activity/src=6126003;dc_pre=CPmY09SS5ukCFcxIGAodOQoBew;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003
  • https://adservice.google.com/ddm/fls/z/src=6126003;dc_pre=CPmY09SS5ukCFcxIGAodOQoBew;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003
42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=6126003;dc_pre=CPmY09SS5ukCFcxIGAodOQoBew;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=6126003;dc_pre=CPmY09SS5ukCFcxIGAodOQoBew;type=invmedia;cat=kcgfz8fl;ord=6314409536528.003
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
src=6364439;dc_pre=CKaY09SS5ukCFZMWGAodF6EJrw;type=invmedia;cat=pmumkf5i;ord=9050458609265.037
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=6364439;type=invmedia;cat=pmumkf5i;ord=9050458609265.037
  • https://ad.doubleclick.net/ddm/activity/src=6364439;dc_pre=CKaY09SS5ukCFZMWGAodF6EJrw;type=invmedia;cat=pmumkf5i;ord=9050458609265.037
  • https://adservice.google.com/ddm/fls/z/src=6364439;dc_pre=CKaY09SS5ukCFZMWGAodF6EJrw;type=invmedia;cat=pmumkf5i;ord=9050458609265.037
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=6364439;dc_pre=CKaY09SS5ukCFZMWGAodF6EJrw;type=invmedia;cat=pmumkf5i;ord=9050458609265.037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=6364439;dc_pre=CKaY09SS5ukCFZMWGAodF6EJrw;type=invmedia;cat=pmumkf5i;ord=9050458609265.037
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
19B1C28D-EBCE-4B80-9905-C9674B8AA886
cookiee1.veinteractive.com/api/Set/ 		76 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookiee1.veinteractive.com/api/Set/19B1C28D-EBCE-4B80-9905-C9674B8AA886?ifs=true&offset=-120&referrer=secure.pestana.com&status=0&ttl=0&uid=&version=5.0.0
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.124.82.179 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3bceb454021d9b0d2ee497c4eac4e756d084815faf9787be6bb2c4be44aa1823
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript
Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-frame-options
SAMEORIGIN
p3p
policyref="/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
https://secure.pestana.com
arr-disable-session-affinity
true
access-control-allow-credentials
true
strict-transport-security
max-age=15724800
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
rum
dsum.casalemedia.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=652f5169-e642-4339-9359-c68ee2a608eb
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=652f5169-e642-4339-9359-c68ee2a608eb
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033&C=1
43 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Jun 2020 17:14:53 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 03 Jun 2020 17:14:53 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Jun 2020 17:14:53 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
295
Expires
Wed, 03 Jun 2020 17:14:53 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=10284f5a-4067-4c93-ad8b-0f302216b78f
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=10284f5a-4067-4c93-ad8b-0f302216b78f
  • https://ce.lijit.com/merge?pid=26&3pid=0a901531-f02b-4bf6-ab4d-dd307fb40033
  • https://ce.lijit.com/merge?pid=26&3pid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dnr=1
0
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Jun 2020 17:14:53 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Jun 2020 17:14:53 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=26&3pid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=32fe820c-533d-481d-be96-04a347baf0e0
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=32fe820c-533d-481d-be96-04a347baf0e0
  • https://eb2.3lift.com/xuid?mid=2409&xuid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dongle=d3d3
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dongle=d3d3&gdpr=1&cmp_cs=&us_privacy=
37 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dongle=d3d3&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.22.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-22-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status
302
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
/xuid?ld=1&mid=2409&xuid=0a901531-f02b-4bf6-ab4d-dd307fb40033&dongle=d3d3&gdpr=1&cmp_cs=&us_privacy=
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
SyncCookie
cookiee1.veinteractive.com/api/
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=190&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&redir=%2F%2Fcookiee1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26userId%3Dd5196...
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=190&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&redir=%2F%2Fcookiee1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26userId%3...
  • https://cookiee1.veinteractive.com/api/SyncCookie?clientName=volvelle&userId=d5196df8-692f-4886-a44b-8f308dc3ba16
0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookiee1.veinteractive.com/api/SyncCookie?clientName=volvelle&userId=d5196df8-692f-4886-a44b-8f308dc3ba16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.124.82.179 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:53 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
p3p
policyref="/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status
204
arr-disable-session-affinity
true
access-control-allow-credentials
true
strict-transport-security
max-age=15724800
x-xss-protection
1; mode=block

Redirect headers

status
302
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//cookiee1.veinteractive.com/api/SyncCookie?clientName=volvelle&userId=d5196df8-692f-4886-a44b-8f308dc3ba16
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
s.pubmine.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=e9519999-74d4-4dd6-9deb-b21f4c802c97
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=e9519999-74d4-4dd6-9deb-b21f4c802c97
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033&ssp_data=&gdpr=&gdpr_consent=
43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033&ssp_data=&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.33.106.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-106-135.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Jun 2020 17:14:53 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif

Redirect headers

status
302
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//s.pubmine.com/match?bidder_id=1&external_user_id=0a901531-f02b-4bf6-ab4d-dd307fb40033&ssp_data=&gdpr=&gdpr_consent=
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
put
e1.emxdgt.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=a4f8259b-0a39-4a8d-a87a-0815c9e5548e
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=a4f8259b-0a39-4a8d-a87a-0815c9e5548e
  • https://e1.emxdgt.com/put?d=d21&uid=0a901531-f02b-4bf6-ab4d-dd307fb40033
43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=0a901531-f02b-4bf6-ab4d-dd307fb40033
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 03 Jun 2020 17:14:52 GMT
content-length
43
x-nosync
emp
content-type
image/gif

Redirect headers

status
302
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//e1.emxdgt.com/put?d=d21&uid=0a901531-f02b-4bf6-ab4d-dd307fb40033
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=d3ea2c8d-2243-46f6-9399-f6b9e9d99a4e
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=0a901531-f02b-4bf6-ab4d-dd307fb40033
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=0a901531-f02b-4bf6-ab4d-dd307fb40033
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=0a901531-f02b-4bf6-ab4d-dd307fb40033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.188.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jun 2020 17:14:53 GMT
via
1.1 google
server
OXGW/16.188.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 03 Jun 2020 17:14:53 GMT
via
1.1 google
server
OXGW/16.188.0
status
302
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=0a901531-f02b-4bf6-ab4d-dd307fb40033
alt-svc
clear
content-length
0
0a901531-f02b-4bf6-ab4d-dd307fb40033
dmx.districtm.io/s/10009/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=100dad09-d251-47b1-b9cc-1985ec30aef1
  • https://dmx.districtm.io/s/10009/0a901531-f02b-4bf6-ab4d-dd307fb40033
0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmx.districtm.io/s/10009/0a901531-f02b-4bf6-ab4d-dd307fb40033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:53 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
59db0d943e43c779-AMS
access-control-allow-headers
Content-Type, Origin
cf-request-id
031cc6d0a70000c779f19c2200000001

Redirect headers

status
302
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//dmx.districtm.io/s/10009/0a901531-f02b-4bf6-ab4d-dd307fb40033
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
put
e1.emxdgt.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=16ef2088-39b8-4529-ac66-b747dc8b31b0
  • https://e1.emxdgt.com/put?d=d21&uid=0a901531-f02b-4bf6-ab4d-dd307fb40033
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=0a901531-f02b-4bf6-ab4d-dd307fb40033
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 03 Jun 2020 17:14:52 GMT
content-length
43
x-nosync
emp
content-type
image/gif

Redirect headers

status
302
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//e1.emxdgt.com/put?d=d21&uid=0a901531-f02b-4bf6-ab4d-dd307fb40033
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&cb=c08bb179-8548-4bf3-8802-d31d7c7f64e7
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0a901531-f02b-4bf6-ab4d-dd307fb40033
1 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0a901531-f02b-4bf6-ab4d-dd307fb40033
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Wed, 03 Jun 2020 17:14:53 GMT
X-lat
Pug22072:0:353
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

status
302
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0a901531-f02b-4bf6-ab4d-dd307fb40033
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
appsmanagerinit
sessionapi.veinteractive.com/api/ 		717 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessionapi.veinteractive.com/api/appsmanagerinit?isCookieEnabled=true&timeToLive=60&captureVersion=5.0&journeyCode=19B1C28D-EBCE-4B80-9905-C9674B8AA886&landingPage=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&offset=-120&referrerDomain=&status=3&uid=9eec7411-8ab3-43e7-b0d4-86d3d46450d0&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.137.27.140 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
07c962d13492bae42bb2b9b92ed8fb9c623ac3ffadd493f7b44174effb64e738
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript
Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.pestana.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800
vary
Accept-Encoding
x-xss-protection
1; mode=block
SyncCookie
cookiee1.veinteractive.com/api/
Redirect Chain
  • https://a.volvelle.tech/sync?source=ve&redirect=//cookiee1.veinteractive.com/api/SyncCookie?clientName%3Dvolvelle%26journeyCode%3D19B1C28D-EBCE-4B80-9905-C9674B8AA886%26version%3D5.0.0%26referrer%3...
  • https://x.bidswitch.net/syncd?dsp_id=190&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&redir=https%3A%2F%2Fcookiee1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26journe...
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=190&user_group=1&user_id=d5196df8-692f-4886-a44b-8f308dc3ba16&redir=https%3A%2F%2Fcookiee1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26...
  • https://cookiee1.veinteractive.com/api/SyncCookie?clientName=volvelle&journeyCode=19B1C28D-EBCE-4B80-9905-C9674B8AA886&version=5.0.0&referrer=secure.pestana.com&offset=-120&userId=d5196df8-692f-488...
0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookiee1.veinteractive.com/api/SyncCookie?clientName=volvelle&journeyCode=19B1C28D-EBCE-4B80-9905-C9674B8AA886&version=5.0.0&referrer=secure.pestana.com&offset=-120&userId=d5196df8-692f-4886-a44b-8f308dc3ba16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.124.82.179 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:53 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
p3p
policyref="/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status
204
arr-disable-session-affinity
true
access-control-allow-credentials
true
strict-transport-security
max-age=15724800
x-xss-protection
1; mode=block

Redirect headers

status
302
date
Wed, 03 Jun 2020 17:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://cookiee1.veinteractive.com/api/SyncCookie?clientName=volvelle&journeyCode=19B1C28D-EBCE-4B80-9905-C9674B8AA886&version=5.0.0&referrer=secure.pestana.com&offset=-120&userId=d5196df8-692f-4886-a44b-8f308dc3ba16
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
FormMappings
dtrc.veinteractive.com/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dtrc.veinteractive.com/FormMappings
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.124.84.95 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript
Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json;charset=UTF-8

Response headers

date
Wed, 03 Jun 2020 17:14:53 GMT
x-content-type-options
nosniff
status
204
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://secure.pestana.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b5116948-0030-41e8-b5d4-e5b9c8c231a4
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1400850480187280&ev=Microdata&dl=https%3A%2F%2Fsecure.pestana.com%2Fen%2Fhome%2Fnotfound%3Faspxerrorpath%3D%2Fimgbank%2F&rl=&if=false&ts=1591204493591&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pestana%20Hotel%20Group%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22name%22%3A%22Pestana%20Hotel%20Group%22%2C%22logo%22%3A%22https%3A%2F%2Fpesweb.azureedge.net%2Fassets%2Fimg%2Fbrands%2Fheader%2Fsquare%2Flogo-all-coloured.png%3Fscale%3Ddownscaleonly%26encoder%3Dfreeimage%26progressive%3Dtrue%26quality%3D70%26w%3D121%26h%3D96%26mode%3Dcrop%22%2C%22url%22%3A%22https%3A%2F%2Fwww.pestana.com%2Fen%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FBrand%22%7D%2C%7B%22dimensions%22%3A%7B%22h%22%3A59%2C%22w%22%3A210%7D%2C%22properties%22%3A%7B%22name%22%3A%22Pestana%20Hotel%20Group%22%2C%22logo%22%3A%22https%3A%2F%2Fpesweb.azureedge.net%2Fassets%2Fimg%2Fbrands%2Fheader%2Fsquare%2Flogo-all-coloured.png%3Fscale%3Ddownscaleonly%26encoder%3Dfreeimage%26progressive%3Dtrue%26quality%3D70%26w%3D121%26h%3D96%26mode%3Dcrop%22%2C%22url%22%3A%22https%3A%2F%2Fwww.pestana.com%2Fen%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FBrand%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1591204493087.1195522502&it=1591204492814&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f146:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.pestana.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 17:14:53 GMT, Wed, 03 Jun 2020 17:14:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 03 Jun 2020 17:14:53 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| html5 object| Modernizr function| yepnope object| respond function| $ function| jQuery function| loadJS function| getCookieValue object| App object| searchBarVoucher function| submitDesktopFeedback function| setInputFilter function| LazyLoadOnFirstScreenScroll function| openLoginModal object| createit object| paymentValidator function| printDiv function| Bloodhound function| _ object| jQuery1111048886883903053113 object| classie function| getStyleProperty function| getSize object| eventie function| EventEmitter function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery object| Placeholders function| imagesLoaded function| moment object| ParsleyConfig object| Validator object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator function| Hammer object| $body object| appInsights object| dataLayer object| _this_ object| google_tag_manager function| postscribe object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_data string| GoogleAnalyticsObject function| ga function| getObjects function| getValues function| getKeys object| gaplugins object| gaGlobal object| gaData function| gtag undefined| c2cWidget undefined| generalWidget undefined| meetingWidget undefined| bestRateWidget function| recaptchaCallback object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| google_optimize function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| recaptcha function| fbq function| _fbq object| uetq function| UET boolean| aff_masterTag boolean| aff_tag_monitor boolean| aff_uaParser boolean| aff_veint boolean| aff_denomatic boolean| aff_ACD object| aff_Sha256 object| aff_Utf8 object| AffCD object| AffMLC function| UAParser string| _AffMLC_propagate_param object| veTagData string| DNdbmID string| DNsegment string| DNsegmentLanguage object| DNhotels number| DNidp number| DNidpLanguage string| DNCounter object| DNbrand object| DNdestination object| DNLanguage object| _etmc object| _etmc_temp string| func_name object| args string| collect_url object| VeAPI function| VEjQuery

6 Cookies

Domain/Path Name / Value
.pestana.com/ Name: _gcl_au
Value: 1.1.1627885915.1591204490
secure.pestana.com/ Name: ASP.NET_SessionId
Value: ufmzwbw4xvy3jgja4nun00yx
secure.pestana.com/ Name: ai_user
Value: +BEBi|2020-06-03T17:14:49.752Z
secure.pestana.com/ Name: Q2WZBGVEOJMPR
Value:
secure.pestana.com/ Name: F2dskP5ouY
Value: dEbByLSzBAZfGLpnU7xYS9r/QXe4p5YAaqiHE5aZucNTEjwAJzwkzMjsELMfhCpz
secure.pestana.com/ Name: E9ysfE3mAu
Value:

4 Console Messages

Source Level URL
Text
console-api log URL: https://pesweb.azureedge.net/assets/js/gRecaptcha-functions.min.js?v=150(Line 1)
Message:
c2cWidget script not enabled
console-api log (Line 1)
Message:
--- SF Collect ---
console-api log (Line 1)
Message:
Pestana user id is ' 00000000-0000-0000-0000-000000000000 '
console-api log (Line 1)
Message:
Marketing cloud user id: ' '

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100006765.collect.igodigital.com
6486114.fls.doubleclick.net
6541131.fls.doubleclick.net
a.volvelle.tech
ad.doubleclick.net
adservice.google.com
az416426.vo.msecnd.net
bat.bing.com
cdn.denomatic.com
ce.lijit.com
config1.veinteractive.com
connect.facebook.net
cookiee1.veinteractive.com
customs.affilired.com
dc.services.visualstudio.com
dmx.districtm.io
dsum.casalemedia.com
dtrc.veinteractive.com
e1.emxdgt.com
eb2.3lift.com
googleads.g.doubleclick.net
nova.collect.igodigital.com
pestana.azureedge.net
pesweb.azureedge.net
s.pubmine.com
secure.pestana.com
sessionapi.veinteractive.com
simage2.pubmatic.com
stats.g.doubleclick.net
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.16.68.69
13.224.95.88
172.217.18.166
18.195.155.181
185.64.189.110
216.52.2.30
216.58.207.66
23.2.224.47
2600:9000:21f3:f800:f:900d:ef80:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:c11::200
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9a
2a03:2880:f046:f:face:b00c:0:3
2a03:2880:f146:82:face:b00c:0:25de
35.210.178.101
35.244.159.8
51.124.82.179
51.124.84.95
51.137.27.140
51.140.6.23
52.178.89.129
52.207.52.76
52.29.176.117
52.29.22.19
63.33.106.135
72.247.225.98
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
065fcf60072b8542677fc4875c75990b0d497562f261ab1218321d4b76ce47d5
07c962d13492bae42bb2b9b92ed8fb9c623ac3ffadd493f7b44174effb64e738
089a0568844a119c4d63be1f8c680279e29b529153b61b9e7c65aeb4c724b62d
0ad84cd78fd7c088d3ef7943751c97e9b734ba7297c4978f04f791ac85b9552e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12062e621a8c1d87e024d4533e10aa6d206e882b7c33e0d256f8bb24dd08e29b
15435755fbef0126e344fe2f8833c5d1b6e6fe6865c03fc654811c5b2f05c1fc
16a70cba59c1fb5e2ccaf30f3794f8aff20af0710760c715c69207bdb2affbf6
2182206d873ad93f335c537a5d35cb21e85a9a7281e1bbd37993e1d59577b07e
285d00e99529fe6856178cf722ca47b52915aaa44b0c2c22121c10a11960e75b
29c246371784ca3eb0a1ebc427249f1343b2c40450e07fd343da3815341e83d3
2d8f66249f824325f9619d5dc764dfb707d64809abb8af2d3447c7662ee330a7
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3540698a49a7e33445537f5303e7e51991680dad9f840aad1fc11d1070b5b29f
390c4d21146bc7b017cdf47649f87022cfeb064acac2649fa20bda0e89d50586
3bceb454021d9b0d2ee497c4eac4e756d084815faf9787be6bb2c4be44aa1823
3f599b2e5ea7cb72de10bdf0d1b30e9c219a53ccd69d9206d347b244ddb721c8
42195f22dc78be34ad393498ac13fa0ba65ebddc2d03c76ff2d7b47908546b3d
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58d3d713e2d22c5e51ad44d9d44e7b8d94f4415392f103639de309eadf9bbe2b
5a708e79a834e6f65b37300f7f0e0d11db14f3c5aee20ee20dd5c8ddeea45bc8
5c6ad72e595453899d27560b138c2a7f8e08908e37f773afed5b7d1c8c6c2ae6
6361e710abe4cf6550879d8f1ac8206fdc7ee5a3b19bacc635820bfdb91fd86f
674afb0f8b114df3fa8c9642eed5fc806097ae417af3f248753bffe2d4c7cec3
706364321d591f42a1a2f394630c006fa3e8cab2a2a118cec6adcb8a7d3c721f
76c54fa8cb321fbad0f8cacd9ae199cd6114ebd9ad82177a1f6aedbc200aac76
78a81c2a32cbd6675976ff2074623000dafc3e80bf6698801b9e369c0656a89c
7911cc0b9f42bd4b128b9e5b063f90fb1cc682d38c2ab65beebb000d67582a21
7b7d82f0a18db99b0c7a999553847d0bd4cac184ca2aba416c728d641b70b7f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8544d200493b3657948215e1219b8218f2a33ce5a077b74ac1bf17cc811481b1
929b173fe5de52e86be43b47db00cf8fce66664a2f3c69b5710664de66ab0ba0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
986b4154ef0c07a521425789fd1247dfbd8c142cd1cee5f3634bc245d2921b15
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b06c07dc8d5c3f86d0ed894d9d383dcbc68a6cd05e91820f976f58e8be352f2
9d2d917a509ddbdddf15c9ab1322a8ac2fa63875decf2c71eea0b1b5bc53169c
9d9aff1b2b9d5752873c29d5181aa66a184cdabbe5debeb11e339bb266ddee22
a3efdcd65c3198817359c7372143d78b7fbaefe9d77b78bd1197819cee6231cd
ac80d1d43ec212e2559918a0e88b9bbebe4c0346c79aa99395bb3ce68a6cc1c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3292a1dfe63745a1be35ea99fa043b66578ec0b4f3a81d406d6cc5e09ec853e
b805d841b366da0d90216a5885ff6cbaa599af2f24bacacc4cac05464fa47a05
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdf1446bcd7a691c1d64a457fa1d30499303a97739725bbee4eed7ff07513b65
cd34ee8ae406b1662e7ef53583b899f9ccc52d0920127c4716c6944a68916cd5
dd3434049cd3d7f542f4a91f20bf2a083f0a6e5bcd3a054bd9dab720445d36bb
ddfa598b7900f9298c1dd0d8cad6f965429713af3d760592fae8f56ee279ef47
e31176b865c703ec216c8764dc77dc939245420121c819e04472a68e3b9a03bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ba56a9639d8a020e8271901758a95c16457fc785a80d5d38253169c8d0df04
e83050649f63588ec619a242a2b099a144073160a72db8a98a1db2216436dd87
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629