www.costao.com.br Open in urlscan Pro
177.47.0.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.crm.costao.com.br/?qs=fcab053038e7b3fe8b715ac123ba1b58a8fe81f09337248dfbe7477fee3f4ee85be91d6a7eb66f194e477dec7130...
Effective URL:
https://www.costao.com.br/pacotes/semana-da-patria
Submission: On June 29 via api (June 29th 2023, 4:24:02 pm UTC) from AR — Scanned from DE

Summary HTTP 170 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 63 IPs in 10 countries across 68 domains to perform 170 HTTP transactions. The main IP is 177.47.0.55, located in São Paulo, Brazil and belongs to EQUINIX BRASIL, BR. The main domain is www.costao.com.br.
TLS certificate: Issued by R3 on June 12th 2023. Valid for: 3 months.

This is the only time www.costao.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.245.209.102 128.245.209.102	14340 (SALESFORCE) (SALESFORCE)
42	177.47.0.55 177.47.0.55	16397 (EQUINIX B...) (EQUINIX BRASIL)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	23.52.123.202 23.52.123.202	16625 (AKAMAI-AS) (AKAMAI-AS)
10	52.222.250.119 52.222.250.119	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:262f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 8	2606:4700:303... 2606:4700:3031::ac43:8e98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.23.147 18.66.23.147	16509 (AMAZON-02) (AMAZON-02)
4	23.38.98.84 23.38.98.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 27	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 3	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	151.101.2.83 151.101.2.83	54113 (FASTLY) (FASTLY)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	35.157.132.87 35.157.132.87	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.52.120.27 23.52.120.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.159.197.157 18.159.197.157	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
2 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	52.49.138.0 52.49.138.0	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1 2	54.76.252.247 54.76.252.247	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.28.23.58 52.28.23.58	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:1f18:612... 2600:1f18:612b:4200:180a:bb6b:7eca:821b	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.215.16.120 23.215.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.210.13.95 52.210.13.95	16509 (AMAZON-02) (AMAZON-02)
1 1	3.69.98.172 3.69.98.172	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.160.221 2.18.160.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.124.134.111 3.124.134.111	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:612... 2600:1f18:612b:4232:b493:e747:963e:44dd	14618 (AMAZON-AES) (AMAZON-AES)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	95.101.54.217 95.101.54.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	52.222.164.219 52.222.164.219	16509 (AMAZON-02) (AMAZON-02)
2 2	54.217.24.45 54.217.24.45	16509 (AMAZON-02) (AMAZON-02)
1	3.209.224.69 3.209.224.69	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.199.29.154 44.199.29.154	14618 (AMAZON-AES) (AMAZON-AES)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	3.126.222.121 3.126.222.121	16509 (AMAZON-02) (AMAZON-02)
1 1	3.73.242.95 3.73.242.95	16509 (AMAZON-02) (AMAZON-02)
2 2	18.66.218.75 18.66.218.75	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	104.237.150.96 104.237.150.96	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1 1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	108.128.74.29 108.128.74.29	16509 (AMAZON-02) (AMAZON-02)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.219.147.111 18.219.147.111	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	35.186.241.51 35.186.241.51	() ()
3	151.101.65.182 151.101.65.182	() ()
170	63

1 128.245.209.102 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: ajn102.mta.exacttarget.com

click.crm.costao.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 177.47.0.55 (São Paulo, Brazil)

ASN16397 (EQUINIX BRASIL, BR)
PTR: static.177.47.0.55.datacenter1.com.br

www.costao.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.52.123.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-202.deploy.static.akamaitechnologies.com

www.tripadvisor.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.222.250.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-119.fra60.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dk9suync0k2va.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:262f (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3031::ac43:8e98 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.23.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-147.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.38.98.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-84.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.83 (United States)

ASN54113 (FASTLY, US)

static.tacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.132.87 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-132-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.244 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.197.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-197-157.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.138.0 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-138-0.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.252.247 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-252-247.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.23.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-23-58.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:180a:bb6b:7eca:821b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.13.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-13-95.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.98.172 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-98-172.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.221 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-221.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.134.111 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-134-111.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:b493:e747:963e:44dd (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.217 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-217.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.164.219 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-164-219.cdg52.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.24.45 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-24-45.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.224.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-224-69.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.199.29.154 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-29-154.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.222.121 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-222-121.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.242.95 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-242-95.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.218.75 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-218-75.mxp63.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.122 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.150.96 (Cedar Knolls, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: lciapi-ewr-06.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.74.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-74-29.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.219.147.111 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-147-111.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.182 (None, )

ASN- ()

static-meta.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	costao.com.br 1 redirects click.crm.costao.com.br www.costao.com.br	2 MB
28	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 353 s.amazon-adsystem.com — Cisco Umbrella Rank: 333	25 KB
11	triptease.io 1 redirects onboard.triptease.io — Cisco Umbrella Rank: 27576 static-meta.triptease.io	136 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 sslwidget.criteo.com — Cisco Umbrella Rank: 1751 widget.us.criteo.com — Cisco Umbrella Rank: 17561 dis.criteo.com — Cisco Umbrella Rank: 608	14 KB
10	cloudfront.net d335luupugsy2.cloudfront.net dk9suync0k2va.cloudfront.net	97 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 469	5 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	3 KB
4	360yield.com 3 redirects ad.360yield.com — Cisco Umbrella Rank: 670 match.360yield.com — Cisco Umbrella Rank: 2409	2 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 718	116 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	68 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	3 KB
3	casalemedia.com 2 redirects r.casalemedia.com — Cisco Umbrella Rank: 1573 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485	2 KB
3	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1276 c1.adform.net — Cisco Umbrella Rank: 633	1 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 338 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1412	868 B
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4752	672 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10	820 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	229 KB
3	tripadvisor.com.br www.tripadvisor.com.br — Cisco Umbrella Rank: 76232	16 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1361	1 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	616 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1260 lm.serving-sys.com — Cisco Umbrella Rank: 2030	780 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 794	1 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 4725	1 KB
2	tremorhub.com 1 redirects criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2505 amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5321	790 B
2	pubmatic.com 1 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 797 image6.pubmatic.com — Cisco Umbrella Rank: 812	917 B
2	taboola.com 1 redirects sync-t1.taboola.com — Cisco Umbrella Rank: 1321 sync.taboola.com — Cisco Umbrella Rank: 1091	268 B
2	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 374 token.rubiconproject.com — Cisco Umbrella Rank: 652	592 B
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 100953 popups.rdstation.com.br — Cisco Umbrella Rank: 85241	96 KB
2	tacdn.com static.tacdn.com — Cisco Umbrella Rank: 8979	10 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	217 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	64 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	237 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	2 KB
1	mixpanel.com api-js.mixpanel.com	372 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	26 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2046	270 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 620	339 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2191	345 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3516	750 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1496	324 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 496	305 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1251	214 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5534	658 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2931	187 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 3973	881 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 643	691 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 662	472 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 533	485 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2245	39 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3886	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 26095	153 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 778	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1226	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2951	275 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1006	237 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 422	141 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2136	165 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 566	363 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 675	795 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5599	18 KB
1	maxmind.com js.maxmind.com — Cisco Umbrella Rank: 18414	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	15 KB
0	freegeoip.net Failed freegeoip.net Failed
0	info-tickets.com Failed admin.info-tickets.com Failed
170	68

	Domain	Requested by
42	www.costao.com.br	www.costao.com.br connect.facebook.net
27	s.amazon-adsystem.com	1 redirects c.amazon-adsystem.com www.costao.com.br s.amazon-adsystem.com
8	onboard.triptease.io	1 redirects www.costao.com.br onboard.triptease.io
8	d335luupugsy2.cloudfront.net	www.costao.com.br d335luupugsy2.cloudfront.net
5	gum.criteo.com	4 redirects static.criteo.net
4	analytics.tiktok.com	www.costao.com.br analytics.tiktok.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	static-meta.triptease.io	onboard.triptease.io static-meta.triptease.io
3	dpm.demdex.net	2 redirects
3	ib.adnxs.com	3 redirects
3	x.bidswitch.net	2 redirects
3	www.google.de	www.costao.com.br
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.costao.com.br
3	www.googletagmanager.com	www.costao.com.br www.googletagmanager.com d335luupugsy2.cloudfront.net
3	www.tripadvisor.com.br	www.costao.com.br
2	dk9suync0k2va.cloudfront.net
2	uipglob.semasio.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	match.360yield.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	s.amazon-adsystem.com
2	secure.adnxs.com	1 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	static.tacdn.com	www.tripadvisor.com.br
2	www.facebook.com	www.costao.com.br
2	www.youtube.com	www.costao.com.br www.youtube.com
2	www.google.com	www.costao.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.costao.com.br connect.facebook.net
2	fonts.googleapis.com	www.costao.com.br d335luupugsy2.cloudfront.net
1	api-js.mixpanel.com	cdn.mxpnl.com
1	cdn.jsdelivr.net	d335luupugsy2.cloudfront.net
1	s.thebrighttag.com
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	beacon.krxd.net
1	sync.taboola.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	us-u.openx.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	s.amazon-adsystem.com
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	widget.us.criteo.com	www.costao.com.br
1	sslwidget.criteo.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	c.amazon-adsystem.com	www.costao.com.br
1	cdn.mxpnl.com	www.costao.com.br
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	mug.criteo.com	www.costao.com.br
1	js.maxmind.com	www.costao.com.br
1	static.criteo.net	www.costao.com.br
1	click.crm.costao.com.br	1 redirects
0	freegeoip.net Failed	www.costao.com.br
0	admin.info-tickets.com Failed	www.costao.com.br
170	90

This site contains links to these domains. Also see Links.

Domain
faq.costao.com.br
book.omnibees.com
novidades.costao.com.br
proprietario.costao.com.br
eventos.costao.com.br
www.tripadvisor.com.br
vagas.costao.com.br
www.facebook.com
www.youtube.com
www.instagram.com
www.linkedin.com
wa.me
abr-resortsbrasil.com.br
www.costaogolf.com.br
costaoville.com.br
www.costaovacation.com.br

Subject Issuer	Validity	Valid
www.costao.com.br R3	`2023-06-12` - `2023-09-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
www.tripadvisor.com GlobalSign RSA OV SSL CA 2018	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.maxmind.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-10-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-08` - `2023-07-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
onboard.triptease.io GTS CA 1P5	`2023-05-10` - `2023-08-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
static.tacdn.com GlobalSign RSA OV SSL CA 2018	`2023-02-22` - `2024-03-19`	a year	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2022-08-29` - `2023-09-29`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2022-11-16` - `2023-12-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
popups.rdstation.com.br R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.triptease.io GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.costao.com.br/pacotes/semana-da-patria
Frame ID: 63E0E1D0EAB33C9FCD33426EF5192D76
Requests: 108 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.costao.com.br&origin=onetag
Frame ID: 3E6B4B3417E5A74134D3A3F90026AB3D
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?pid=848daa5c-7ee3-4473-b1fe-50822e8ea49c&event=PageView&ts=1688055835728&dcc=t
Frame ID: 5B6D3A5119BBDC52E38AE0595B6A0814
Requests: 1 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v6664.78943/kernel-host.html?originHost=www.costao.com.br
Frame ID: FB70B34C1AB04306A584809B8CD77F91
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D53353c0a-0ebf-24ff-daa0-114dda983407%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.costao.com.br/&ex-hargs=v%3D1.0%3Bc%3D582062490952948045%3Bp%3D53353C0A-0EBF-24FF-DAA0-114DDA983407&cb=47070792987552904
Frame ID: 5B2C9308260AEF82AD14BB22FE140205
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KCXw71Gsuk4MyiXCO3uNGUoBF15kidlS_H6oBA&expires=30
Frame ID: 7ED3104C0E76DA28EF4CE2B28F3EDE23
Requests: 28 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=vz0_PzbTFvykCUR3Jfe5n_PDs95TFfC4jJT3CDABVwhqOVQV9xV7NLvUBmjBBJ8W4ML8VgrvvyAGgcJRNfh4EK8AIlmnnDffgceTcsBO5t4
Frame ID: 28FA2009DE58477DB4528488136EAF8D
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Semana da Pátria | Resort Costão do SantinhoFecharFechar

Page URL History Show full URLs

https://click.crm.costao.com.br/?qs=fcab053038e7b3fe8b715ac123ba1b58a8fe81f09337248dfbe7477fee3f4ee85be91d6a... HTTP 302
https://www.costao.com.br/pacotes/semana-da-patria Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

170
Requests

78 %
HTTPS

24 %
IPv6

68
Domains

90
Subdomains

63
IPs

10
Countries

3423 kB
Transfer

8262 kB
Size

77
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: http://faq.costao.com.br/
Title: Dúvidas frequentes

Search URL Search Domain Scan URL

URL: https://book.omnibees.com/hotel/4937?currencyId=16&lang=pt-BR
Title: Solicite um orçamento

Search URL Search Domain Scan URL

URL: https://novidades.costao.com.br/trabalhe-conosco
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: http://proprietario.costao.com.br/
Title: Portal do Proprietário

Search URL Search Domain Scan URL

URL: https://novidades.costao.com.br/promocoes
Title: Promoções

Search URL Search Domain Scan URL

URL: http://eventos.costao.com.br/
Title: Eventos

Search URL Search Domain Scan URL

URL: https://book.omnibees.com/hotelresults?CheckIn=06092023&CheckOut=10092023&ad=2&ag=&ch=0&lang=pt-BR&q=4937&sid=7i1tyk&_gl=1*14j94t5*_gcl_aw*R0NMLjE2ODI2MTM3NzIuQ2p3S0NBand1cWlpQmhCdEVpd0FUZ3ZpeEM2bW9HRWFPclVYbVhkSDlEVXRSMGJidWN1WGFnY0dnUmFhbHN2YU15UnBXZEtPSnM0OUpob0M2bThRQXZEX0J3RQ..*_ga*MTAyNTc4MDQ3NC4xNjc1Nzc3MDU3*_ga_823M369EWK*MTY4MjcxNDM5Ni4yMTguMS4xNjgyNzE0OTkzLjUwLjAuMA..&_ga=2.212056532.1515373392.1682172764-1025780474.1675777057&_gac=1.86704874.1682613774.CjwKCAjwuqiiBhBtEiwATgvixC6moGEaOrUXmXdH9DUtR0bbucuXagcGgRaalsvaMyRpWdKOJs49JhoC6m8QAvD_BwE
Title: Reserve agora

Search URL Search Domain Scan URL

URL: http://www.tripadvisor.com.br/Hotel_Review-g303576-d306302-Reviews-Costao_do_Santinho_Resort_Golf_Spa-Florianopolis_State_of_Santa_Catarina.html
Title: Costao do Santinho Resort Golf & Spa

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com.br/

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com.br/Hotel_Review-g303576-d306302-Reviews-Costao_do_Santinho_Resort_Golf_Spa-Florianopolis_State_of_Santa_Catarina.html
Title: Faça sua avaliação

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com.br/ShowUserReviews-g303576-d306302-r407650159-Costao_do_Santinho_Resort_Golf_Spa-Florianopolis_State_of_Santa_Catarina.html#CHECK_RATES_CONT
Title: Espetacular

Search URL Search Domain Scan URL

URL: http://vagas.costao.com.br/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://www.facebook.com/resortcostao
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/costaochannel
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/costaodosantinho/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cost-o-do-santinho-resort-golf-e-spa
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://wa.me/5548984765151
Title: +55 48 984765151

Search URL Search Domain Scan URL

URL: http://abr-resortsbrasil.com.br/

Search URL Search Domain Scan URL

URL: http://www.costaogolf.com.br/

Search URL Search Domain Scan URL

URL: http://costaoville.com.br/

Search URL Search Domain Scan URL

URL: http://www.costaovacation.com.br/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.crm.costao.com.br/?qs=fcab053038e7b3fe8b715ac123ba1b58a8fe81f09337248dfbe7477fee3f4ee85be91d6a7eb66f194e477dec7130256b7dcd8001298a373b HTTP 302
https://www.costao.com.br/pacotes/semana-da-patria Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://gum.criteo.com/sid/json?origin=onetag&domain=costao.com.br&sn=ChromeSyncframe&so=0&topUrl=www.costao.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=moKXFXxNYXAwWE5QQSsxb0pMUUIxMjlOcUZMUVlXQUM5Q0RCeFlrWXI2TzVUZzBYdDl6YWpiSEgxbDFiMm1zeElObDRZV0pkd1oxeXlGeUo4dENadUwvT1JVc0RlZ0NMNUNjZ3JGZFFsYW5TQ21GVjJrT0RyMnNkcWZiNGFtbHRvY2o4QTUzdm9NVWQzT2N6VHVJN0JiS3NscjVhaSt6ZVFBZWpKSzBTb0xHZm91VXBOcE1EVHpmWEcxY0NiblN5UUU0Ky9HOXhUSDdwSHg4ckFDTElZeHRwRVUwaVhNWnNOZ1BQYUFmZlM3T0hGZEFxeEtUQ0xYZHpyYjNVRWNTYytuRnpJZmFpZ2oyaWcxK3VJZ0wvT0pJeWdzZz09fA&cppv=2

Request Chain 47

https://onboard.triptease.io/bootstrap.js?integrationId=01EPZ07AKR3NFD9WRGKFSF6KZB HTTP 307
https://onboard.triptease.io/bootstrap/v6664.78943/bootstrap.js

Request Chain 61

https://s.amazon-adsystem.com/iu3?pid=848daa5c-7ee3-4473-b1fe-50822e8ea49c&event=PageView&ts=1688055835728 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=848daa5c-7ee3-4473-b1fe-50822e8ea49c&event=PageView&ts=1688055835728&dcc=t

Request Chain 73

https://sslwidget.criteo.com/event?a=27659&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D644c31e5f7baff4ea0fbbe37&p3=e%3Dvs%26din%3D2023-09-06%26dout%3D2023-09-10&p4=e%3Ddis&adce=1&bundle=DKnndV9wS3oxUVhDdlFTNGM0QiUyRmFhOVFBTVdza0VmMldDWCUyRlQlMkI0Y2M4QVJEVnZ3ZEJyTWdYVnZvQmdQQjhuNzA4NzhvQVN6TVUlMkZFMHdsenBFTHElMkJZaDVXZFpXTWQ1aG1qRUtjWVJVQzhWc2tJNlFSQUUwSnZzWmdqeUhSaEJtZ25Rd0dWdU9rZktsVTR6TUM2V1JRb2Z3JTJGUUElM0QlM0Q&tld=costao.com.br&fu=https%253A%252F%252Fwww.costao.com.br%252Fpacotes%252Fsemana-da-patria&ceid=a705dc0d-9636-4308-87bb-77ea77ffd1c1&dtycbr=39311 HTTP 302
https://widget.us.criteo.com/event?a=27659&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D644c31e5f7baff4ea0fbbe37&p3=e%3Dvs%26din%3D2023-09-06%26dout%3D2023-09-10&p4=e%3Ddis&adce=1&bundle=DKnndV9wS3oxUVhDdlFTNGM0QiUyRmFhOVFBTVdza0VmMldDWCUyRlQlMkI0Y2M4QVJEVnZ3ZEJyTWdYVnZvQmdQQjhuNzA4NzhvQVN6TVUlMkZFMHdsenBFTHElMkJZaDVXZFpXTWQ1aG1qRUtjWVJVQzhWc2tJNlFSQUUwSnZzWmdqeUhSaEJtZ25Rd0dWdU9rZktsVTR6TUM2V1JRb2Z3JTJGUUElM0QlM0Q&tld=costao.com.br&fu=https%253A%252F%252Fwww.costao.com.br%252Fpacotes%252Fsemana-da-patria&ceid=a705dc0d-9636-4308-87bb-77ea77ffd1c1&dtycbr=39311

Request Chain 93

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-KCXw71Gsuk4MyiXCO3uNGUoBF15kidlS_H6oBA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KCXw71Gsuk4MyiXCO3uNGUoBF15kidlS_H6oBA&expires=30

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-xUC6tlGsuk4MyiXCO3uNGUoBF16Gl4xLYRpXmw&google_cm&google_hm=ay14VUM2dGxHc3VrNE15aVhDTzN1TkdVb0JGMTZHbDR4TFlScFhtdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xUC6tlGsuk4MyiXCO3uNGUoBF16Gl4xLYRpXmw&google_gid=CAESED7XmULpXCTfNz_nRT4JcLw&google_cver=1&google_ula=913071,0

Request Chain 95

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=625490473557201202

Request Chain 96

https://secure.adnxs.com/setuid?entity=52&code=k-5ec1tFGsuk4MyiXCO3uNGUoBF16pxUcj1b31EA HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-5ec1tFGsuk4MyiXCO3uNGUoBF16pxUcj1b31EA

Request Chain 107

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8RJFuVGsuk4MyiXCO3uNGUoBF1473EqOO5Ng-g HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8RJFuVGsuk4MyiXCO3uNGUoBF1473EqOO5Ng-g&C=1

Request Chain 108

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=toZL2lFz4erC27N8PInOHIY3x6Z-gA8o HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=toZL2lFz4erC27N8PInOHIY3x6Z-gA8o

Request Chain 110

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-j92FplGsuk4MyiXCO3uNGUoBF17e7Zj4uG1kYQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-j92FplGsuk4MyiXCO3uNGUoBF17e7Zj4uG1kYQ

Request Chain 121

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=217213104562003559729&ex=neustar.biz

Request Chain 122

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=9836f7ecfb666b8a22761c4349cb79a6

Request Chain 123

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 124

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=37cb67cd-6c96-469a-bec2-d74d4f7e3054

Request Chain 125

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=99efc8daba234f1ab17715287d027f14

Request Chain 126

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Request Chain 127

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=851b779ce58dbae6e6704c5a3e9c39&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 128

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 129

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8a5a6d9f-76ac-4b24-9bcc-8340cea05e51&ex=improvedigital.com

Request Chain 131

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=116f379c44e36abb0

Request Chain 132

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=YA6b-d4_QWixioJG9_Eo2Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=45087542569766935831569793528451014578

Request Chain 134

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6123973546087060103

Request Chain 135

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=5969cd72-1699-11ee-af1f-18c6427b0206 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=5969cd30-1699-11ee-af1f-18c6427b0206

Request Chain 136

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22f595dd5e-8ffc-47d9-b23f-75cd9e69b5a2%22,%22Time%22:%2220230629T162358.098342%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f595dd5e-8ffc-47d9-b23f-75cd9e69b5a2

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPKU6jd1dE_YPNe6eR6OZEs&google_cver=1

Request Chain 138

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3d8c3b6be81a491c74ce3ca88cbd191b

Request Chain 140

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=Lc-HLb8cYc7Nt-MrXz2GBTc4ZCc4ZgIC

Request Chain 141

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B0E904C6EDAA44C1

Request Chain 142

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8574856001998403549&ex=appnexus.com

Request Chain 143

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=ndVlF93egcxEYmYuOOoVIMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 145

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED681EB09D6429338294020D9337

Request Chain 146

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=afba90859415e3f9e0186d68e25804d6f60bac441b6463bec63e74f0e70361dd

Request Chain 147

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=6900ABB3-E269-416C-AD47-CCA1EDA20ACE

Request Chain 148

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=186638d9-2d16-4184-9f88-d5a18b1a0c0b-tuctb97359e

Request Chain 151

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XNJ8pQ0psQ_-lMWxp5cl2CirDUP2HWbJ

Request Chain 153

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=-Rl0kE_8NvCwmZzu398Lc1kURgFBjJBd

170 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request semana-da-patria Show response
www.costao.com.br/pacotes/
Redirect Chain

https://click.crm.costao.com.br/?qs=fcab053038e7b3fe8b715ac123ba1b58a8fe81f09337248dfbe7477fee3f4ee85be91d6a7eb66f194e477dec7130256b7dcd8001298a373b
https://www.costao.com.br/pacotes/semana-da-patria

519 KB
381 KB

1329ms
799ms

Document
text/html

177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.costao.com.br/pacotes/semana-da-patria

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),

Reverse DNS

static.177.47.0.55.datacenter1.com.br

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

ca712b2299f2590fd56ecc0c79bc4993271b98d9e9e195ccf1d07599c016fa40

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Jun 2023 16:23:54 GMT
ETag: W/"81a1e-CipAha0B3Kgaxp6iM9qZwqY9YDg"
Expires: 0
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express
x-frame-options: sameorigin

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 167
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Jun 2023 16:23:52 GMT
Location: https://www.costao.com.br/pacotes/semana-da-patria

GET
H2 200 css
fonts.googleapis.com/ 3 KB
992 B 83ms
30ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ed09379db599eeeb498b4a890b797a5d5ca7346d77251edafc219e6d361ad18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 16:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 14:40:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 16:23:54 GMT

GET
H/1.1 200
OK application.min.css
www.costao.com.br/styles/ 370 KB
58 KB 455ms
454ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/application.min.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 73b5f46493e741a5b506e1b32df1c0d9b5721549006fdc89825be5ea0f948190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2022 19:49:01 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"5c64f-184e8fc0568"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK slick.css
www.costao.com.br/styles/slick/ 1 KB
875 B 674ms
225ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/slick/slick.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 6bdf886b554698433755c0e452c78a304c5168fc2da0d300260df564e301e176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2023 22:09:51 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"536-188ef74d73b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK slick-theme.css
www.costao.com.br/styles/slick/ 2 KB
1 KB 682ms
227ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/slick/slick-theme.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 3ef698832c222f564e791a47d60919ae971fd13d49a5b0652a44736fc70607bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2023 22:09:53 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"994-188ef74dc4b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 45 KB
15 KB 146ms
64ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 17 May 2023 12:05:15 GMT
server: nginx
etag: W/"6464c2fb-b219"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jun 2023 16:23:55 GMT

GET
H/1.1 200
OK mobile.css
www.costao.com.br/css/ 4 KB
1 KB 701ms
235ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/css/mobile.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 7e114c32bffdaf4b72ef6adaeac83557a55ab9db3489b2425a84bf20548f8300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"e10-17bbb8a9e08"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK o_resort.css
www.costao.com.br/css/ 866 B
1 KB 701ms
234ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/css/o_resort.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 13b5f884d59585b8625ae603297f83a767c11d038b00e377dd5c7ccaf6c72da2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"362-17bbb8a9e08"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 866

GET
H/1.1 200
OK acomodacoes.css
www.costao.com.br/css/ 2 KB
924 B 886ms
224ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/css/acomodacoes.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 4555ee0b0a90cdc20a55a1e81193d9fd0a767eb8b956d0f7c8e64d3a2a679adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"8cb-17bbb8a9e08"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK all_inclusive.css
www.costao.com.br/css/ 2 KB
919 B 895ms
225ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/css/all_inclusive.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: f1fd2fd33a4b83c05249501ee61b58948696ce9ecb11ac3f18ddcac9afe357b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"689-17bbb8a9e08"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK gastronomia.css
www.costao.com.br/css/ 424 B
770 B 900ms
225ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/css/gastronomia.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 0d70b06f52aa7acd363d9a2589438390f325883099020b595e13ea5afa7c6f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"1a8-17bbb8a9e08"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 424

GET
H/1.1 200
OK package.css
www.costao.com.br/css/ 484 B
830 B 904ms
226ms Stylesheet
text/css 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/css/package.css
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 0754bb85fa881431fac01576c207b6bd21702512ce35f67826a18ff96275851e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"1e4-17bbb8a9e08"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 484

GET
H/1.1 200
OK logo.png
www.costao.com.br/images/ 71 KB
72 KB 224ms
224ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/logo.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e63dc35fed16321f3d27f6689ab408a452b8ec28a030d1b3b0b8e698e2c688ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Tue, 18 Apr 2023 12:52:20 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"11d5c-187946c53a0"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73052

GET
H/1.1 200
OK 644c31e5f7baff4ea0fbbe37.png
www.costao.com.br/images/keystone/ 679 KB
679 KB 448ms
448ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/keystone/644c31e5f7baff4ea0fbbe37.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: b816c96859aa5e1e1d7d53ef6ea4e3f6c06eb3a7f4a3cbe7c30fabd024f8ea06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Fri, 28 Apr 2023 20:53:36 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"a9c89-187c9a489b7"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 695433

GET
H2 200 tripadvisor_logo_transp_340x80-18034-2.png
www.tripadvisor.com.br/img/cdsi/img2/branding/ 7 KB
8 KB 423ms
136ms Image
image/png 23.52.123.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripadvisor.com.br/img/cdsi/img2/branding/tripadvisor_logo_transp_340x80-18034-2.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-202.deploy.static.akamaitechnologies.com
Software: envoy /
Resource Hash: 5e3adb4d54bcbc57e019efdf0a413ee8631470c53a2a23e7cf276fbe1bdef6c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:55 GMT
server: envoy
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
content-type: image/png
cache-control: private, max-age=43200
timing-allow-origin: https://www.tripadvisor.com
content-length: 6689
x-request-id: 93b369fc-f0d5-40da-8f43-365413d2f96f
expires: Fri, 30 Jun 2023 04:23:55 GMT

GET
H/1.1 200
OK trip-avaliacao.png
www.costao.com.br/images/trip/ 22 KB
22 KB 225ms
225ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/trip/trip-avaliacao.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 884e2db76118c9f3e30f4f702a6bd3038611722df65a7d9333c4f292eb91c5a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"561c-17bbb8a9e08"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22044

GET
H/1.1 200
OK logo-branco.png
www.costao.com.br/images/footer/ 71 KB
72 KB 451ms
451ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/footer/logo-branco.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e63dc35fed16321f3d27f6689ab408a452b8ec28a030d1b3b0b8e698e2c688ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Tue, 18 Apr 2023 12:52:20 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"11d5c-187946c53a0"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73052

GET
H/1.1 200
OK aguaviva.png
www.costao.com.br/images/footer/ 2 KB
2 KB 225ms
225ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/footer/aguaviva.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 85e79f2ff179d95014b9e79ad46db74b802b7ed913fcd27bbb31735c76267d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"81c-17bbb8a9e08"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2076

GET
H/1.1 200
OK ABR-edited-png.png
www.costao.com.br/images/footer/ 19 KB
19 KB 228ms
227ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/footer/ABR-edited-png.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 177a42b7a587ed65cfdb13d3eb56d0b9f5c3a994cbca8a522ddd942c91898760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"4b7d-17bbb8a9e08"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19325

GET
H/1.1 200
OK costaogolf.png
www.costao.com.br/images/footer/ 171 KB
171 KB 236ms
235ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/footer/costaogolf.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: a900f391e155d12305e893c70406cff06ea7fc02a5bbb4d39ba3e75b85cbaab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2abc1-17bbb8a9e08"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175041

GET
H/1.1 200
OK costa-ville.png
www.costao.com.br/images/footer/ 3 KB
3 KB 225ms
224ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/footer/costa-ville.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 1cc59f208f680982819089ad6d3d6d162a596fa71c85ea3d7ac704ce339dd792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"c21-17bbb8a9e08"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3105

GET
H/1.1 200
OK vacation-club.png
www.costao.com.br/images/footer/ 9 KB
9 KB 226ms
225ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/footer/vacation-club.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: ea151a8dff0f592c3588c6e101c7d992ecacd802c55192272c2980abecb0f9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2332-17bbb8a9e08"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9010

GET
H/1.1 200
OK selo-popup.png
www.costao.com.br/images/footer/ 7 KB
8 KB 225ms
225ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/footer/selo-popup.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 202952f6fe175341d92d7ba638f60c3d778bd4a3bddfa429984db22d6c8a5353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"1d4b-17bbb8a9e08"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7499

GET
H2 200 0328683f-f6ef-4eae-a0dd-49f683c7ed1e-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 5 KB
2 KB 293ms
236ms Script
application/javascript 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0328683f-f6ef-4eae-a0dd-49f683c7ed1e-loader.js
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d34984a6d264cbc9a1c42f1fd3bc1790e7796927c7c6d3e0296d1292931bd649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: g8VK8NP7VkNShGh5E7SRt8HHB6vzd1mn
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 16:23:56 GMT
last-modified: Thu, 26 Jan 2023 04:31:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"1fa14e64834298f811af3d3f951c52b5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: CZAxfbQSUCOcS99l7CVNtE7oTOyReNEqKWKd7aFwiuRPH0kHdVw_OA==

GET
H/1.1 200
OK vendor-min.js Show response
www.costao.com.br/js/ 829 KB
160 KB 472ms
471ms Script
application/javascript 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/js/vendor-min.js
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: cc2abb136940153f07e8853992c1cb8adc98dfbcfafca5f612388902765e8e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"cf2c7-17bbb8a9e08"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 3 KB
2 KB 91ms
36ms Script
application/javascript 2606:4700::6810:262f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 17:50:35 GMT
server: cloudflare
age: 160
etag: W/"649c72eb-da4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7def844b4af72c33-FRA
expires: Thu, 29 Jun 2023 20:23:55 GMT

GET
H/1.1 200
OK app.js Show response
www.costao.com.br/js/ 1 MB
344 KB 472ms
471ms Script
application/javascript 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/js/app.js
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: a1bd556a45b989cf5f58726e3e481ea9e13efcd7eb07592c670c9b27fa951e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/pacotes/semana-da-patria
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Nov 2022 13:30:06 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"15eb02-184be6e3d86"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET infotickets-widget-counter.js
admin.info-tickets.com/assets/novowidget/public/ 0
0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3E6B 15 KB
6 KB 106ms
37ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.costao.com.br&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.costao.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:23:54 GMT
server: Kestrel
server-processing-duration-in-ticks: 244137
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 348 KB
100 KB 101ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2L6ZD

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f631d4921bff25c26d41c7b327764fde1a66e8da518cbc0094631eb2eab54ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102068
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jun 2023 16:23:55 GMT

GET
DATA 200
OK truncated
/ 369 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ae922a646a5fedc154e00eab6dab367b708bff354644aa87331521d499e4390

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK br.svg
www.costao.com.br/styles/flags/4x3/ 12 KB
5 KB 1067ms
225ms Image
image/svg+xml 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/styles/flags/4x3/br.svg
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 939ea418f2e925887801fa1646bff01be0ad5286569d0123017e6483ea1ec32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/styles/application.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"3127-17bbb8a9e08"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK seta.png
www.costao.com.br/images/ 4 KB
4 KB 930ms
234ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/seta.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 40a887db1fefbbb201d2612a253d1c7241dc59dd39149ffcbe9a6b1550e5caa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/styles/application.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:08 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"1034-17bbb8a9a20"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4148

GET
H/1.1 200
OK bg-tripadvisor.jpg
www.costao.com.br/images/trip/ 56 KB
57 KB 227ms
227ms Image
image/jpeg 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/trip/bg-tripadvisor.jpg
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 1ac001da6b9da27a08c3d5212ebab0739da5a7c52da7254d41325a121e57370a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/styles/application.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"e102-17bbb8a9e08"
Content-Type: image/jpeg
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57602

GET
H/1.1 200
OK before-rodape.png
www.costao.com.br/images/ 20 KB
21 KB 235ms
235ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/before-rodape.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 4cff193e5f272f903ba1e486f6c938bb6df47a2b3e6f65829609b00c4703216a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/styles/application.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:08 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"51a9-17bbb8a9a20"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20905

GET
H/1.1 200
OK montserrat-semibold-webfont.woff2
www.costao.com.br/styles/fonts/ 18 KB
19 KB 403ms
225ms Font
application/font-woff2 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/fonts/montserrat-semibold-webfont.woff2
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 2f7843d636e7f53ece502d2403b7b68c870cc23409a6c9c38b0593e277f3c392

Request headers

Referer: https://www.costao.com.br/styles/application.min.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"4934-17bbb8a9e08"
Content-Type: application/font-woff2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18740

GET
H/1.1 200
OK montserrat-ultralight-webfont.woff2
www.costao.com.br/styles/fonts/ 18 KB
18 KB 417ms
226ms Font
application/font-woff2 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/fonts/montserrat-ultralight-webfont.woff2
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 948d202b52ff8ecf41694a83ec639c8a8d9290d2d87b629ef33a4f127f3e5fe7

Request headers

Referer: https://www.costao.com.br/styles/application.min.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:55 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"48b4-17bbb8a9e08"
Content-Type: application/font-woff2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18612

GET
H/1.1 200
OK montserrat-regular-webfont.woff2
www.costao.com.br/styles/fonts/ 18 KB
18 KB 635ms
225ms Font
application/font-woff2 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/fonts/montserrat-regular-webfont.woff2
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: bd80021db8e2faa5d5a5bef70a9ceb59f47f0ce2ad043ab1c7ea22cb611182f2

Request headers

Referer: https://www.costao.com.br/styles/application.min.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"48b4-17bbb8a9e08"
Content-Type: application/font-woff2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18612

GET
H/1.1 200
OK montserrat-bold-webfont.woff2
www.costao.com.br/styles/fonts/ 18 KB
18 KB 643ms
226ms Font
application/font-woff2 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/fonts/montserrat-bold-webfont.woff2
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e43446a33dbd5133d8ee1b6e31e6680d8bd12414b7925b11adec285d3a2c09e4

Request headers

Referer: https://www.costao.com.br/styles/application.min.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"48a0-17bbb8a9e08"
Content-Type: application/font-woff2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18592

GET
H/1.1 200
OK montserrat-light-webfont.woff2
www.costao.com.br/styles/fonts/ 18 KB
19 KB 860ms
225ms Font
application/font-woff2 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/fonts/montserrat-light-webfont.woff2
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 817185bc5a74fdc396f1f6e441d265d44c5612e9f5736a1f0c914a445e4ec596

Request headers

Referer: https://www.costao.com.br/styles/application.min.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"48e0-17bbb8a9e08"
Content-Type: application/font-woff2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18656

GET
H/1.1 200
OK icomoon.ttf
www.costao.com.br/styles/fonts/ 1 KB
1 KB 869ms
226ms Font
application/x-font-ttf 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/fonts/icomoon.ttf?8l67dx
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 5c78b3728c1f9a12f7cd9103edbc641b3252d34c6316553c84575a0d1617b74e

Request headers

Referer: https://www.costao.com.br/styles/application.min.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"4bc-17bbb8a9e08"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-font-ttf
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK montserrat-extrabold-webfont.woff2
www.costao.com.br/styles/fonts/ 18 KB
18 KB 874ms
227ms Font
application/font-woff2 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/fonts/montserrat-extrabold-webfont.woff2
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: ad60b27d28371697db4f2091d8bbe21ae1aad3c0ecb23ce609f4bac9ce476f01

Request headers

Referer: https://www.costao.com.br/styles/application.min.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"4768-17bbb8a9e08"
Content-Type: application/font-woff2
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18280

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3E6B
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=costao.com.br&sn=ChromeSyncframe&so=0&topUrl=www.costao.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=moKXFXxNYXAwWE5QQSsxb0pMUUIxMjlOcUZMUVlXQUM5Q0RCeFlrWXI2TzVUZzBYdDl6YWpiSEgxbDFiMm1zeElObDRZV0pkd1oxeXlGeUo4dENadUwvT1JVc0RlZ0NMNUNjZ3JGZFFsYW5TQ21GVjJrT0RyMnNkcWZiNG...

438 B
659 B

123ms
30ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=moKXFXxNYXAwWE5QQSsxb0pMUUIxMjlOcUZMUVlXQUM5Q0RCeFlrWXI2TzVUZzBYdDl6YWpiSEgxbDFiMm1zeElObDRZV0pkd1oxeXlGeUo4dENadUwvT1JVc0RlZ0NMNUNjZ3JGZFFsYW5TQ21GVjJrT0RyMnNkcWZiNGFtbHRvY2o4QTUzdm9NVWQzT2N6VHVJN0JiS3NscjVhaSt6ZVFBZWpKSzBTb0xHZm91VXBOcE1EVHpmWEcxY0NiblN5UUU0Ky9HOXhUSDdwSHg4ckFDTElZeHRwRVUwaVhNWnNOZ1BQYUFmZlM3T0hGZEFxeEtUQ0xYZHpyYjNVRWNTYytuRnpJZmFpZ2oyaWcxK3VJZ0wvT0pJeWdzZz09fA&cppv=2

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

47b59e89ca086c212c9240ba02026e07557f875dd2e8fbc27a3a19df021ca707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1231990
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=moKXFXxNYXAwWE5QQSsxb0pMUUIxMjlOcUZMUVlXQUM5Q0RCeFlrWXI2TzVUZzBYdDl6YWpiSEgxbDFiMm1zeElObDRZV0pkd1oxeXlGeUo4dENadUwvT1JVc0RlZ0NMNUNjZ3JGZFFsYW5TQ21GVjJrT0RyMnNkcWZiNGFtbHRvY2o4QTUzdm9NVWQzT2N6VHVJN0JiS3NscjVhaSt6ZVFBZWpKSzBTb0xHZm91VXBOcE1EVHpmWEcxY0NiblN5UUU0Ky9HOXhUSDdwSHg4ckFDTElZeHRwRVUwaVhNWnNOZ1BQYUFmZlM3T0hGZEFxeEtUQ0xYZHpyYjNVRWNTYytuRnpJZmFpZ2oyaWcxK3VJZ0wvT0pJeWdzZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 290843
content-length: 0
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/970209411/ 3 KB
2 KB 81ms
34ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970209411/?random=1688055835714&cv=11&fst=1688055835714&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&hn=www.googleadservices.com&frm=0&tiba=Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho&auid=1005237829.1688055836&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2L6ZD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a6a49ce655ccc36a3e06e6300b63881cce929884d13a9f74f5f7fc0f8317e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1344
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 108ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2L6ZD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 29 Jun 2023 16:23:55 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1774399DA6346018F7A433D2FFABE37 Ref B: FRA31EDGE0605 Ref C: 2023-06-29T16:23:55Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 121 KB
47 KB 79ms
32ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-KK6KBTH

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2L6ZD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57321822ee5d80200d70be9bac431c978a7ce46439b132048c50e6b7d9ac0ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48205
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jun 2023 16:23:55 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 71ms
21ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 23:12:40 GMT
content-encoding: gzip
age: 61875
x-guploader-uploadid: ADPycdtnDNfGRwrtTE7tR44x6g01gnPH6g5gECaU_eBNdLR2WITPjCXcJFETU3dLhHlZ1k7mOty_IJBFLdghiXC59vP3Dg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Thu, 29 Jun 2023 23:12:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 72ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 16:23:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: gRA6wMwOm7GOyU1Qy3KdS7fR08ptFsaKLrfOQL3uYKOOOUrEQ83eYCvxy9g/iTCl3+YFqcJaq/VCvp9+TcL6wA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

bootstrap.js Show response
onboard.triptease.io/bootstrap/v6664.78943/
Redirect Chain

https://onboard.triptease.io/bootstrap.js?integrationId=01EPZ07AKR3NFD9WRGKFSF6KZB
https://onboard.triptease.io/bootstrap/v6664.78943/bootstrap.js

108 KB
33 KB

40ms
40ms

Script
application/javascript

2606:4700:3031::ac43:8e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap/v6664.78943/bootstrap.js

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Server

2606:4700:3031::ac43:8e98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5713b02917b60964a9dd713e670720768182e0c98806b3af3248e61de6af939

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:55 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: MISS
x-goog-meta-git-hash: de171ecccbf1f5c3a3da3c19081d83c395986636
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdu3Ifd5atmwTeglfmPVCiyVvrL276OOZlFRORviEIo1OlBgjz7cEoeVVRaIHOdPk6zjLpgaDxTks4ZbhtWtOrTsJuilxWuf
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 6664.78943
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 16:11:59 GMT
server: cloudflare
etag: W/"0da7d4e5edc45b870e9e7304b8493ac1"
vary: Accept-Encoding
x-goog-generation: 1688055119615856
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=2Wjz+g==, md5=DafU5e3EW4cOnnMEuEk6wQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P7oC8%2Bxu1hrI0qkDYndEgdwSgZIxXec%2FQsFIz3I5HZ1C54UioaUnGedr9ulu8BBEhGgHOibtz87jVQLvuL%2FfbbEbpKhkDObbsl0%2B9xaIVxg%2BR3biebEoIokVWxbONCu7ijEHDU33ciWN%2BG8qw2E0%2FX0kw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110447
cf-ray: 7def844e1f792bbb-FRA
expires: Fri, 28 Jun 2024 16:19:09 GMT

Redirect headers

date: Thu, 29 Jun 2023 16:23:55 GMT
strict-transport-security: max-age=15552000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAzFFB%2F2OHraxI%2BDw3EP3yxzvtmh%2BUAJ3BizZ3D9VOre77Qwe2rRVP7cZXZZbRVRpiwEOp9aFP0X4c2IW7rAP0oOIs1as9c1WQ3ITmScwH99zQpTdILGzdVWd%2Bm8%2Bn9vXbaw4KkjfNfIcWOXk65cvZnfkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
location: https://onboard.triptease.io/bootstrap/v6664.78943/bootstrap.js
access-control-allow-origin: *
cache-control: public, max-age=600
cf-ray: 7def844ddf242bbb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 63
alt-svc: h3=":443"; ma=86400

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 7 KB
7 KB 131ms
34ms Script
text/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: RCjAxJ8CrRqbtKQCS4KIrWhcLcYrBklc
date: Wed, 28 Jun 2023 18:58:40 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 17:52:19 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 77117
etag: "4e42700e21a922978b72507ad18a7fea"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 6674
x-amz-cf-id: _m77xXydjnDPWUfmANI5MR2G-vluPBi4hZ3t81DJNzBBA3wWUNlKKg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 194ms
120ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB6LROBC77UC5HT9JT60&lib=ttq
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d90d5dd07ea48cd6337bf918d0cc4d8b83d56c3d224172df7acf9c430121927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 6da5dd05.16deffe5
date: Thu, 29 Jun 2023 16:23:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 94,23.38.99.148
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=5, inner; dur=2
content-length: 1376
pragma: no-cache
server: nginx
x-tt-logid: 202306291623551DE3EE9A8C6D6E198781
x-cache-remote: TCP_MISS from a23-222-16-85.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.222.16.85
x-tt-trace-host: 01176b51d7392c1fa000bd81347ecbc7311863f318311cca46a6585321e545ef322b5e05de8ce05b8520907544a31fe7c06199210b94e6d2b9d5416bdc5d77a0222025d118af454504d2cb880311a60d48758871b231c74b6ab71e0a0272c584d05f88a272bdd19ca6056fa0cf49346e6f
expires: Thu, 29 Jun 2023 16:23:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-823M369EWK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2L6ZD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b22cd3455a2849b126f225088bff892df6bb5a796c6641e9de8135ed50093c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:23:55 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 74ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-823M369EWK&gtm=45je36s0&_p=812402073&_gaz=1&cid=522614533.1688055836&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1688055835&sct=1&seg=0&dl=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&dt=Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-823M369EWK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.costao.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 81ms
27ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-823M369EWK&cid=522614533.1688055836&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-823M369EWK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.costao.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 96ms
44ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-823M369EWK&cid=522614533.1688055836&gtm=45je36s0&aip=1&z=392658800

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/970209411/ 42 B
456 B 84ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/970209411/?random=1688055835714&cv=11&fst=1688054400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&frm=0&tiba=Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho&fmt=3&is_vtc=1&random=2461094202&rmt_tld=0&ipr=y

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/970209411/ 42 B
456 B 75ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/970209411/?random=1688055835714&cv=11&fst=1688054400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&frm=0&tiba=Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho&fmt=3&is_vtc=1&random=2461094202&rmt_tld=1&ipr=y

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2L6ZD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Jun 2023 15:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4754
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 29 Jun 2023 17:04:41 GMT

GET
H2 200 756914064973614 Show response
connect.facebook.net/signals/config/ 622 KB
190 KB 1078ms
1077ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/756914064973614?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f204ddb8c8e67063a3428711e486e65bf555a8cf6d25553da0585958a96320af

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 16:23:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: CAH+1dhxVy6nfdlyjsmikLou/9PhFs4WRq48idhEwkFUy4FYZjAzpNHQzypkUdvrdEoy/Re8P68NlOZKfsjuIw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 56012315.js Show response
bat.bing.com/p/action/ 0
119 B 118ms
118ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56012315.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 29 Jun 2023 16:23:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65057DB59A7240608D769CCDE37B8F2F Ref B: FRA31EDGE0605 Ref C: 2023-06-29T16:23:55Z
x-cache: CONFIG_NOCACHE

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
183 B 27ms
27ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=812402073&t=pageview&_s=1&dl=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&ul=en-us&de=UTF-8&dt=Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiAABRAAAACAAI~&jid=1161246275&gjid=615131568&cid=522614533.1688055836&tid=UA-2623933-1&_gid=275540572.1688055836&_slc=1&gtm=45He36s0n71N2L6ZD&cd2=da3a6cfa-8641-4410-a6ff-6e46f7fe2404&cd3=2023-06-29T16%3A23%3A55.844%2B00%3A00&cd6=GTM-N2L6ZD&z=757793327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.costao.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.costao.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 27ms
27ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2623933-1&cid=522614533.1688055836&jid=1161246275&gjid=615131568&_gid=275540572.1688055836&_u=YCDAiAABRAAAAGAAI~&z=788209822

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.costao.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Jun 2023 16:23:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.costao.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 5B6D
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=848daa5c-7ee3-4473-b1fe-50822e8ea49c&event=PageView&ts=1688055835728
https://s.amazon-adsystem.com/iu3?pid=848daa5c-7ee3-4473-b1fe-50822e8ea49c&event=PageView&ts=1688055835728&dcc=t

65 B
896 B

130ms
130ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?pid=848daa5c-7ee3-4473-b1fe-50822e8ea49c&event=PageView&ts=1688055835728&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.costao.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 29 Jun 2023 16:23:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 70SWMZFFC13A8B47N4T2

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 29 Jun 2023 16:23:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?pid=848daa5c-7ee3-4473-b1fe-50822e8ea49c&event=PageView&ts=1688055835728&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: PZE0FJ7X6N70VCF44CEK

GET
H3 200 kernel-host.html Show response
onboard.triptease.io/kernel/v6664.78943/ Frame FB70 57 KB
19 KB 244ms
203ms Document
text/html 2606:4700:3031::ac43:8e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v6664.78943/kernel-host.html?originHost=www.costao.com.br

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01EPZ07AKR3NFD9WRGKFSF6KZB

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8e98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac8b42eb3e8ee4e17e1dec54d0c8c1a290c0b3e66062fcb744b8d4637ad9cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.costao.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: MISS
cf-ray: 7def844ecedf362d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 29 Jun 2023 16:23:56 GMT
expires: Fri, 28 Jun 2024 16:23:56 GMT
last-modified: Thu, 29 Jun 2023 16:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDBO2c%2FYw4ZvA7QtG1MwwdirmCnb%2FrLPSDZSuB9BOPCF37OXSnTCNSZiHJrGKGbQMbyjzWMJaWuLkFjkNKOWfbWolDQZ6OeMvR%2BU8F0gLPoR6KXaidBDjIPSgXS5151Jq8qw2xB2CcnOLzdJ2Z7eew2ylg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1688055109557368
x-goog-hash: crc32c=nLYO/g== md5=PW6vCtLJIwCzdt8R+APkPQ==
x-goog-meta-build-version: 6664.78943
x-goog-meta-git-hash: de171ecccbf1f5c3a3da3c19081d83c395986636
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 58293
x-guploader-uploadid: ADPycdvD8kud1-UxGJaExCyykoZ9C0LjcHsAoDk4oPbcNJULhdXZa5e2NBesaJi74qy60pTSjQx56Rakc1TOvTWMQYKlBw

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 45ms
45ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2623933-1&cid=522614533.1688055836&jid=1161246275&_u=YCDAiAABRAAAAGAAI~&z=1305504142

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 46ms
46ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2623933-1&cid=522614533.1688055836&jid=1161246275&_u=YCDAiAABRAAAAGAAI~&z=1305504142

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTcyYWM1ZjQwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 314 KB
83 KB 24ms
24ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB6LROBC77UC5HT9JT60&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 852a7107c708f06318f8fe62b3ad715d9c1565aaa9158b1e36c62502c424ea7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 16df0002
date: Thu, 29 Jun 2023 16:23:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230627123229AD25BEDE653C982F9BBC
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017abc044aaab1b78e09b46d8a35fb60c92403fec72a0766c1de5de9c20742ca3f510ae090d335f8e90afc96c7525ddb88ec0c6c8e6d2f6ba53c2f4b2a2a20b3e572efcf3b5202af52781d28c119fdf453cb2025c5a1c7a0cb97c2128e1671cb1e
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 84259

GET
H2 200 identify_70a9a.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 24ms
24ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_70a9a.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 16df0014
date: Thu, 29 Jun 2023 16:23:56 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306271232307B3396127E192AEF09B6
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017abc044aaab1b78e09b46d8a35fb60c92403fec72a0766c1de5de9c20742ca3f52c9ec76ede260e03f600cd0f675ab3603e85fb119f79d95d41cfab992bb4abf29fb6e330523c6c9bf576d0ca4c4d7fca7604ae4258d72a3e45bb2a63ae0d5c3
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=9
content-length: 30837

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
692 B 155ms
155ms Ping
text/plain 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.costao.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6d61f2e8.16df0019
date: Thu, 29 Jun 2023 16:23:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 128,23.38.99.148
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=40, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230629162356FDD6C5A80529861A6439
x-cache-remote: TCP_MISS from a23-222-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 40,23.222.16.92
x-tt-trace-host: 01176b51d7392c1fa000bd81347ecbc7311863f318311cca46a6585321e545ef32d42a2121e1884232f1d2c6c5f899bf8997f8de162612b76ccfad694712e42ccb40f47d9377fefed634e3f50c93a06b8ab268057e40448168345f71da75e97bf1073ba322f178b0a450b4520262a77dcb
expires: Thu, 29 Jun 2023 16:23:56 GMT

GET
H3 200 kernel.js
onboard.triptease.io/kernel/v6664.78943/ Frame FB70 63 KB
20 KB 32ms
31ms Other
application/javascript 2606:4700:3031::ac43:8e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v6664.78943/kernel.js?

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/kernel/v6664.78943/kernel-host.html?originHost=www.costao.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8e98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc5a3d83430341c57babaaea1963842b76a3f66e2e46d38116a2b68b71f2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboard.triptease.io/kernel/v6664.78943/kernel-host.html?originHost=www.costao.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:56 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: de171ecccbf1f5c3a3da3c19081d83c395986636
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 280
x-guploader-uploadid: ADPycdsvg-p3nl4tITeJpux2gJ06d7MhGO90e3g57OfUs3deKDu15CdxOUbrKod34iGA7MBdiIZ9kMqIruJEko6stGYVFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 6664.78943
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 16:11:49 GMT
server: cloudflare
etag: W/"5cb7eb80f994a21d3d93473b2136bde3"
vary: Accept-Encoding
x-goog-generation: 1688055109549981
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=OC4uaA==, md5=XLfrgPmUoh09k0c7ITa94w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dc1uwW6gU%2BtCv9%2F4nHMFCLcKv9YBqQtAoQYjb1iOYcmfkWSkSIDP8pKlycn2yVJd6z%2BnuSuNs9XVDaMYOU4onmAFy8xnWH1VRNHXIRfOrltzClo2G0YwKD%2BnBg1kWoyAdOfchNddw4ObVqyAAWy1bpW8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 64193
cf-ray: 7def845048ee362d-FRA
expires: Fri, 28 Jun 2024 16:19:16 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/js/vendor-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbc87c3511ceaa4446838dc206f765c70af8e7f2a97617ddaa5e7743ed637b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 29 Jun 2023 16:23:56 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/71547d26/www-widgetapi.vflset/ 198 KB
62 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/71547d26/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cb7f94890a40fe2b874754ffe3afcab8d783fc9ce0e45debf510c1eeee6c2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 15:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62878
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 01:48:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 28 Jun 2024 15:37:37 GMT

GET
H/1.1 200
OK icomoon.ttf
www.costao.com.br/fonts/costao-icons/ 13 KB
8 KB 307ms
235ms Font
application/x-font-ttf 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/fonts/costao-icons/icomoon.ttf?jqdiuo
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 72ed792914867cf1b4be2216f5c3b2c3ef016dfafd83ac76dc0360064f5dee11

Request headers

Referer: https://www.costao.com.br/styles/application.min.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"3344-17bbb8a9e08"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-font-ttf
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK featured-packages Show response
www.costao.com.br/api/v1/ 26 B
529 B 325ms
229ms XHR
application/json 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.costao.com.br/api/v1/featured-packages

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/js/vendor-min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),

Reverse DNS

static.177.47.0.55.datacenter1.com.br

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

086ba42107950e9d566fc464feb874df2f0c3e0e6da6590b8cf40f8b1aa12169

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Referer: https://www.costao.com.br/pacotes/semana-da-patria
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:56 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"1a-u9ZXIOmk2cB4irF10p6Ho8FBlzE"
x-frame-options: sameorigin
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120
Vary: Accept-Encoding
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 26
Expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=27659&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D644c31e5f7baff4ea0fbbe37&p3=e%3Dvs%26din%3D2023-09-06%26dout%3D2023-09-10&p...
https://widget.us.criteo.com/event?a=27659&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D644c31e5f7baff4ea0fbbe37&p3=e%3Dvs%26din%3D2023-09-06%26dout%3D2023-09-10&p...

8 KB
4 KB

345ms
118ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=27659&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D644c31e5f7baff4ea0fbbe37&p3=e%3Dvs%26din%3D2023-09-06%26dout%3D2023-09-10&p4=e%3Ddis&adce=1&bundle=DKnndV9wS3oxUVhDdlFTNGM0QiUyRmFhOVFBTVdza0VmMldDWCUyRlQlMkI0Y2M4QVJEVnZ3ZEJyTWdYVnZvQmdQQjhuNzA4NzhvQVN6TVUlMkZFMHdsenBFTHElMkJZaDVXZFpXTWQ1aG1qRUtjWVJVQzhWc2tJNlFSQUUwSnZzWmdqeUhSaEJtZ25Rd0dWdU9rZktsVTR6TUM2V1JRb2Z3JTJGUUElM0QlM0Q&tld=costao.com.br&fu=https%253A%252F%252Fwww.costao.com.br%252Fpacotes%252Fsemana-da-patria&ceid=a705dc0d-9636-4308-87bb-77ea77ffd1c1&dtycbr=39311

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d9b045437169cf48ec3d5ac40ef9848955034fb1075f35011d393c68adebfd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12138969
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=27659&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D644c31e5f7baff4ea0fbbe37&p3=e%3Dvs%26din%3D2023-09-06%26dout%3D2023-09-10&p4=e%3Ddis&adce=1&bundle=DKnndV9wS3oxUVhDdlFTNGM0QiUyRmFhOVFBTVdza0VmMldDWCUyRlQlMkI0Y2M4QVJEVnZ3ZEJyTWdYVnZvQmdQQjhuNzA4NzhvQVN6TVUlMkZFMHdsenBFTHElMkJZaDVXZFpXTWQ1aG1qRUtjWVJVQzhWc2tJNlFSQUUwSnZzWmdqeUhSaEJtZ25Rd0dWdU9rZktsVTR6TUM2V1JRb2Z3JTJGUUElM0QlM0Q&tld=costao.com.br&fu=https%253A%252F%252Fwww.costao.com.br%252Fpacotes%252Fsemana-da-patria&ceid=a705dc0d-9636-4308-87bb-77ea77ffd1c1&dtycbr=39311
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5687736
timing-allow-origin: *
content-length: 0
expires: 0

GET /
freegeoip.net/json/ 0
0

GET
H2 200 bundle.js Show response
d335luupugsy2.cloudfront.net/scout/ 45 KB
14 KB 241ms
241ms Script
application/javascript 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/scout/bundle.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0328683f-f6ef-4eae-a0dd-49f683c7ed1e-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-version-id: xvE1oD7N95F7Ryla0IJ0XqZzWjVm9lt6
last-modified: Thu, 28 Jan 2021 17:27:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: W/"88819ce057f99124674a75d611e4f53a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-amz-cf-id: 5KRmnriR6VxV9FXLi7C3jzsmkcjb0zRQFJC6b0igzy1IoIra9LoXTw==

GET
H/1.1 200
OK ajax-loader.gif
www.costao.com.br/styles/slick/ 4 KB
4 KB 313ms
226ms Image
image/gif 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/styles/slick/ajax-loader.gif
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/slick/slick-theme.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/styles/slick/slick-theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"1052-17bbb8a9e08"
Content-Type: image/gif
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4178

GET
H/1.1 200
OK btn-prev.png
www.costao.com.br/images/ 181 B
489 B 234ms
233ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/btn-prev.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: b4f5acf0910b2ae036cfd36bd4759813dea33a3c277d5d2eabe286e44d7ab2dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/styles/application.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:08 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"b5-17bbb8a9a20"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181

GET
H/1.1 200
OK btn-next.png
www.costao.com.br/images/ 177 B
485 B 225ms
224ms Image
image/png 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.costao.com.br/images/btn-next.png
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/application.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e80e8f12fb15cdf9dfe3c1f80bebadf52390bab52d3dff99253dd6f9bf599544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/styles/application.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:08 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"b1-17bbb8a9a20"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 177

GET
H/1.1 200
OK slick.woff
www.costao.com.br/styles/slick/fonts/ 1 KB
2 KB 287ms
225ms Font
application/font-woff 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.costao.com.br/styles/slick/fonts/slick.woff
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/styles/slick/slick-theme.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),
Reverse DNS: static.177.47.0.55.datacenter1.com.br
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://www.costao.com.br/styles/slick/slick-theme.css
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Last-Modified: Mon, 06 Sep 2021 14:37:09 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"564-17bbb8a9e08"
Content-Type: application/font-woff
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1380

GET
H/1.1 200
OK campaigns Show response
www.costao.com.br/api/v1/ 1 KB
904 B 410ms
246ms XHR
application/json 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.costao.com.br/api/v1/campaigns

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/js/vendor-min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),

Reverse DNS

static.177.47.0.55.datacenter1.com.br

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

526238b1946203eabcc36261cc2beabf732052b7321bebc1dc0d152f2da3f0e9

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Referer: https://www.costao.com.br/pacotes/semana-da-patria
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:56 GMT
Content-Encoding: gzip
X-Powered-By: Express
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"494-EIxg1FdjbbPaw8kEm0fvgvYOR8A"
x-frame-options: sameorigin
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type, Authorization
Expires: 0

GET
H/1.1 200
OK comments Show response
www.costao.com.br/api/v1/tripadvisor/ 717 B
1 KB 410ms
241ms XHR
application/json 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.costao.com.br/api/v1/tripadvisor/comments

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/js/vendor-min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),

Reverse DNS

static.177.47.0.55.datacenter1.com.br

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

cab63c420f2613832304cea9308d7099bfbd40432dbc8e9bcd0b8e54edbe933f

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Referer: https://www.costao.com.br/pacotes/semana-da-patria
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:56 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2cd-NQSGybhWT22W91hRDWajc67fZu0"
x-frame-options: sameorigin
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120
Vary: Accept-Encoding
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 717
Expires: 0

GET
H2 200 WidgetEmbed-cdsratingsonlynarrow Show response
www.tripadvisor.com.br/ 12 KB
5 KB 597ms
597ms Script
text/javascript 23.52.123.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripadvisor.com.br/WidgetEmbed-cdsratingsonlynarrow?border=true&backgroundColor=gray&locationId=306302&display_version=2&uniq=469&lang=pt&_=1688055836296
Requested by: Host: www.costao.com.br
URL: https://www.costao.com.br/js/vendor-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-202.deploy.static.akamaitechnologies.com
Software: envoy /
Resource Hash: 8c8ee67de8cf65e1f8f25e6cfc03bf3b6a2df36ae9c0f82875909e8a7b825c1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
content-encoding: br
server: envoy
vary: User-Agent,Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
content-language: pt
content-type: text/javascript;charset=UTF-8
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-length: 3211
x-request-id: 1d1a708c-c8e0-435b-a442-167e237133d2
expires: 0

GET
H2 204 0
bat.bing.com/action/ 0
287 B 44ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56012315&tm=gtm002&Ver=2&mid=619ca04e-7266-4cf0-bc1c-d785279c3e5d&sid=5885ddd0169911ee9c22ad1581caf7be&vid=5885e810169911ee91b799ccdc01263a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho&p=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&r=&lt=3906&evt=pageLoad&sv=1&rn=974461

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Jun 2023 16:23:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 16E02401D24A46C49F1F5A47DCE4BF6E Ref B: FRA31EDGE0605 Ref C: 2023-06-29T16:23:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 21ms
20ms Script
application/javascript 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0328683f-f6ef-4eae-a0dd-49f683c7ed1e-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 03:12:09 GMT
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 47507
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kUGOUzlvzKe3gMPrU-YRrJY90Mfj7Q2OCDjwsDdH_VAdbCUCSFq-Vw==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 20ms
19ms Script
application/javascript 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0328683f-f6ef-4eae-a0dd-49f683c7ed1e-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 09:12:05 GMT
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 25912
x-amz-server-side-encryption: AES256
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: PR3qxpXgRu2kduoq1T-X-tOocIqo8JDC0Kk-hH0Mge_rq9-grvfNCg==

POST
H/1.1 404
Not Found events Show response
www.costao.com.br/ 276 B
743 B 316ms
227ms XHR
text/html 177.47.0.55
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.costao.com.br/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/756914064973614?v=2.9.110&r=stable

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

177.47.0.55 São Paulo, Brazil, ASN16397 (EQUINIX BRASIL, BR),

Reverse DNS

static.177.47.0.55.datacenter1.com.br

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

2acda28f94d2cd0dd3afa3252735b09970ea6073fc162fe526d09965751db702

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://www.costao.com.br/pacotes/semana-da-patria
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"114-l7Sk/lqCrlS7wpAqR8FdlO6DTJM"
Vary: X-HTTP-Method-Override, Accept-Encoding
x-frame-options: sameorigin
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 276
Expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 70ms
21ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756914064973614&ev=PageView&dl=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&rl=&if=false&ts=1688055837016&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.2.1688055837012.1485917218&eid=ob3_plugin-set_dd2cf74e2081a7f33945acaa2a516b34db0eae8cb7cb34b2ba623484a64e3944&cs_est=true&it=1688055835856&coo=false&exp=a0&rqm=GET

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Jun 2023 16:23:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 t4b_widget_ratingsonly-v24139938417a.css
static.tacdn.com/css2/build/concat/ 26 KB
5 KB 91ms
20ms Stylesheet
text/css 151.101.2.83
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/css2/build/concat/t4b_widget_ratingsonly-v24139938417a.css
Requested by: Host: www.tripadvisor.com.br
URL: https://www.tripadvisor.com.br/WidgetEmbed-cdsratingsonlynarrow?border=true&backgroundColor=gray&locationId=306302&display_version=2&uniq=469&lang=pt&_=1688055836296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 065db4a4e8dda371bafc3ad0dd23c3f265818d043f449403ea6adfd049ddc3e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 263
date: Thu, 29 Jun 2023 16:23:57 GMT
content-encoding: br
via: 1.1 varnish
age: 1349927
x-cache: HIT
content-length: 4849
x-request-id: 5ebfde42-f966-40d8-9af1-0957f96f9407
x-served-by: cache-fra-etou8220056-FRA
last-modified: Wed, 07 Jun 2023 11:34:03 GMT
server: envoy
x-timer: S1688055837.276626,VS0,VE0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 01:25:10 GMT

GET
H2 200 cdswidgets_m-c-v22480917520a.js Show response
static.tacdn.com/js3/build/concat/widget/ 15 KB
5 KB 91ms
20ms Script
application/x-javascript 151.101.2.83
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js
Requested by: Host: www.tripadvisor.com.br
URL: https://www.tripadvisor.com.br/WidgetEmbed-cdsratingsonlynarrow?border=true&backgroundColor=gray&locationId=306302&display_version=2&uniq=469&lang=pt&_=1688055836296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e94e0140ad5ee0dd772ad05d9ba5cc4cf3e2a1f5d420ea5cb783edbdbdda9f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 802
date: Thu, 29 Jun 2023 16:23:57 GMT
content-encoding: br
via: 1.1 varnish
age: 9663617
x-cache: HIT
content-length: 4911
x-request-id: 21ccd2ae-cd8d-4707-be16-6cc0d4a017f2
x-served-by: cache-fra-etou8220056-FRA
last-modified: Sun, 26 Feb 2023 12:32:58 GMT
server: envoy
x-timer: S1688055837.276697,VS0,VE0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 20:03:40 GMT

GET
H/1.1 200
OK iu3 Show response
s.amazon-adsystem.com/ Frame 5B2C 556 B
1 KB 123ms
123ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D53353c0a-0ebf-24ff-daa0-114dda983407%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.costao.com.br/&ex-hargs=v%3D1.0%3Bc%3D582062490952948045%3Bp%3D53353C0A-0EBF-24FF-DAA0-114DDA983407&cb=47070792987552904

Requested by

Host: www.costao.com.br
URL: https://www.costao.com.br/pacotes/semana-da-patria

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

78d2620e5de966149ca7e8f8641685993f26c769e877d098b38ee1ae783fd285

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.costao.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 556
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 29 Jun 2023 16:23:57 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8NVKCJJCEX6GPCZAWZSB

GET
H2 200 Tripadvisor_lockup_horizontal_secondary_registered-18034-2.svg
www.tripadvisor.com.br/img/cdsi/img2/branding/v2/ 5 KB
3 KB 131ms
131ms Image
image/svg+xml 23.52.123.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripadvisor.com.br/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-18034-2.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.123.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-123-202.deploy.static.akamaitechnologies.com
Software: envoy /
Resource Hash: b148a123dd65aa6603102281e5203539c1e3ad6514e035a9fd4096e5779017d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
content-encoding: br
server: envoy
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
content-type: image/svg+xml
cache-control: private, max-age=43200
timing-allow-origin: https://www.tripadvisor.com
content-length: 2160
x-request-id: 2d05f43a-40f2-48f9-88ec-1cac7fc6cc2f
expires: Fri, 30 Jun 2023 04:23:57 GMT

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
620 B 445ms
136ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

8badf4e5469eb909e58e67a45836d65993182c77722961e6e20742e5f495a9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.costao.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.costao.com.br
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 7ED3
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-KCXw71Gsuk4MyiXCO3uNGUoBF15kidlS_H6oBA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KCXw71Gsuk4MyiXCO3uNGUoBF15kidlS_H6oBA&expires=30

43 B
347 B

25ms
25ms

Image
image/gif

35.157.132.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KCXw71Gsuk4MyiXCO3uNGUoBF15kidlS_H6oBA&expires=30
Protocol: H2
Server: 35.157.132.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-132-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-KCXw71Gsuk4MyiXCO3uNGUoBF15kidlS_H6oBA&expires=30
date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 7ED3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-xUC6tlGsuk4MyiXCO3uNGUoBF16Gl4xLYRpXmw&google_cm&google_hm=ay14VUM2dGxHc3VrNE15aVhDTzN1TkdVb0JGMTZHbDR4T...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xUC6tlGsuk4MyiXCO3uNGUoBF16Gl4xLYRpXmw&google_gid=CAESED7XmULpXCTfNz_nRT4JcLw&google_cver=1&google_ula=913071,0

43 B
369 B

65ms
64ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xUC6tlGsuk4MyiXCO3uNGUoBF16Gl4xLYRpXmw&google_gid=CAESED7XmULpXCTfNz_nRT4JcLw&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 544626
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-xUC6tlGsuk4MyiXCO3uNGUoBF16Gl4xLYRpXmw&google_gid=CAESED7XmULpXCTfNz_nRT4JcLw&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 7ED3
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=625490473557201202

43 B
370 B

65ms
64ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=625490473557201202

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1929482
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 76dcaf89-3496-45bf-8417-3374f29c6164
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=625490473557201202
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 7ED3
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-5ec1tFGsuk4MyiXCO3uNGUoBF16pxUcj1b31EA
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-5ec1tFGsuk4MyiXCO3uNGUoBF16pxUcj1b31EA

43 B
1 KB

27ms
27ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-5ec1tFGsuk4MyiXCO3uNGUoBF16pxUcj1b31EA

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
AN-X-Request-Uuid: e1bc27b0-a302-4761-ade9-eceb872759dd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
AN-X-Request-Uuid: 879a0a9b-44a6-4d50-9442-a0c33254e4c7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-5ec1tFGsuk4MyiXCO3uNGUoBF16pxUcj1b31EA
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 7ED3 61 B
795 B 134ms
84ms Image
image/gif 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-ZnSublGsuk4MyiXCO3uNGUoBF16UYnDf0oO-6g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 16:23:57 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 29 Jun 2023 16:23:57 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 7ED3 0
239 B 97ms
20ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-dEGPGVGsuk4MyiXCO3uNGUoBF17HyZvnwCyw0A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 7ED3 0
363 B 99ms
22ms Image
text/plain 18.159.197.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-wR8SX1Gsuk4MyiXCO3uNGUoBF163nDzrHYItLQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.197.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-197-157.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 7ED3 43 B
163 B 149ms
32ms Image
image/gif 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-A9qCrFGsuk4MyiXCO3uNGUoBF177LgCjqzThgQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7ED3 0
100 B 106ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Nr09DVGsuk4MyiXCO3uNGUoBF16IkFtYlsR13A
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25503

GET
H2 200 um
criteo-sync.teads.tv/ Frame 7ED3 23 B
165 B 121ms
50ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-l3vghVGsuk4MyiXCO3uNGUoBF17F7El5lJOlhg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 29 Jun 2023 16:23:57 GMT
pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 7ED3 37 B
141 B 87ms
22ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-fb0oFVGsuk4MyiXCO3uNGUoBF17FcBpIcAHDOA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 7ED3 0
126 B 91ms
23ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-HUuXoFGsuk4MyiXCO3uNGUoBF15Yq-hoZ0qgqQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 7ED3 43 B
164 B 110ms
32ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-O6suNFGsuk4MyiXCO3uNGUoBF15XKnaJ50goXg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
last-modified: Wed, 11 Oct 2017 14:26:30 GMT
server: nginx
accept-ranges: bytes
etag: "59de2a16-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 7ED3 49 B
237 B 110ms
42ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-yiodHlGsuk4MyiXCO3uNGUoBF15IAng2FeVgNg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 13
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 7ED3
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8RJFuVGsuk4MyiXCO3uNGUoBF1473EqOO5Ng-g
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8RJFuVGsuk4MyiXCO3uNGUoBF1473EqOO5Ng-g&C=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-8RJFuVGsuk4MyiXCO3uNGUoBF1473EqOO5Ng-g&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-8RJFuVGsuk4MyiXCO3uNGUoBF1473EqOO5Ng-g&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 7ED3
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=toZL2lFz4erC27N8PInOHIY3x6Z-gA8o
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=toZL2lFz4erC27N8PInOHIY3x6Z-gA8o

42 B
942 B

46ms
46ms

Image
image/gif

52.49.138.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=toZL2lFz4erC27N8PInOHIY3x6Z-gA8o

Protocol

HTTP/1.1

Server

52.49.138.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-138-0.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-093d863cb.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: AskUAkLBTO8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-077f06c9c.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: t0iuWvdHS6U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=toZL2lFz4erC27N8PInOHIY3x6Z-gA8o
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 7ED3 43 B
1 KB 70ms
21ms Image
image/gif 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-tfxfeVGsuk4MyiXCO3uNGUoBF17En89QhwdBHg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 29 Jun 2023 16:23:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 7ED3
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-j92FplGsuk4MyiXCO3uNGUoBF17e7Zj4uG1kYQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-j92FplGsuk4MyiXCO3uNGUoBF17e7Zj4uG1kYQ

43 B
448 B

46ms
46ms

Image
image/gif

54.76.252.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-j92FplGsuk4MyiXCO3uNGUoBF17e7Zj4uG1kYQ
Protocol: H2
Server: 54.76.252.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-252-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Jun 2023 16:23:57 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-j92FplGsuk4MyiXCO3uNGUoBF17e7Zj4uG1kYQ
access-control-allow-origin: *
date: Thu, 29 Jun 2023 16:23:57 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 7ED3 42 B
275 B 85ms
32ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-Lp6ltVGsuk4MyiXCO3uNGUoBF149noDNpcq4KQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:56 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 7ED3 0
885 B 79ms
25ms Image
text/html 52.28.23.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-BEkuolGsuk4MyiXCO3uNGUoBF14HKDcb8iHxaQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.23.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-23-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 7ED3 0
145 B 422ms
104ms Image
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-8b1wAFGsuk4MyiXCO3uNGUoBF14SnRG7dphkHA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:23:57 GMT
Cache-Control: no-cache
X-TraceId: 96036bd342cde17dcf121290b44fefbf
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7ED3 42 B
583 B 88ms
26ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-pso4qVGsuk4MyiXCO3uNGUoBF15cHICQYjJ4DA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 29 Jun 2023 16:23:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 7ED3 43 B
400 B 364ms
112ms Image
image/gif 2600:1f18:612b:4200:180a:bb6b:7eca:821b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-BFMVyFGsuk4MyiXCO3uNGUoBF15NfCeaEj0TDA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:180a:bb6b:7eca:821b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 29 Jun 2023 16:23:57 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 7ED3 43 B
153 B 109ms
35ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-ooEUSVGsuk4MyiXCO3uNGUoBF177tozzBoEvng
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Jun 2023 16:23:57 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7ED3 0
400 B 136ms
33ms Image
text/plain 23.215.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-TrE8M1Gsuk4MyiXCO3uNGUoBF168zOJbIqlYpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 28 Jun 2023 16:23:57 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 7ED3 0
39 B 152ms
45ms Image
text/plain 52.210.13.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-rxBo21Gsuk4MyiXCO3uNGUoBF14mIV73li7p2g&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.13.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-13-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
content-length: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 28FA 4 KB
5 KB 114ms
113ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=vz0_PzbTFvykCUR3Jfe5n_PDs95TFfC4jJT3CDABVwhqOVQV9xV7NLvUBmjBBJ8W4ML8VgrvvyAGgcJRNfh4EK8AIlmnnDffgceTcsBO5t4

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D53353c0a-0ebf-24ff-daa0-114dda983407%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.costao.com.br/&ex-hargs=v%3D1.0%3Bc%3D582062490952948045%3Bp%3D53353C0A-0EBF-24FF-DAA0-114DDA983407&cb=47070792987552904

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

d48c07d7f6153d33893dc9f47616c089f98c9cf4d8fadfe2524f456bcadc718e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D53353c0a-0ebf-24ff-daa0-114dda983407%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.costao.com.br/&ex-hargs=v%3D1.0%3Bc%3D582062490952948045%3Bp%3D53353C0A-0EBF-24FF-DAA0-114DDA983407&cb=47070792987552904
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 4254
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 29 Jun 2023 16:23:57 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 48JVJGT9W2ZH303VV9SN

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
20ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=756914064973614&ev=Microdata&dl=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&rl=&if=false&ts=1688055837520&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho%22%2C%22meta%3Adescription%22%3A%22Cost%C3%A3o%20do%20Santinho%20Resort%20tem%20restaurantes%20tem%C3%A1ticos%20com%20culin%C3%A1rias%20a%C3%A7oriana%2C%20brasileira%2C%20oriental%2C%20italiana%20e%20contempor%C3%A2nea.%20Os%20card%C3%A1pios%20s%C3%A3o%20elaborados%20de%20acordo%20com%20as%20esta%C3%A7%C3%B5es%20do%20ano.%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%5B%22http%3A%2F%2Fd1fcdlldm0egg1.cloudfront.net%2Fimages%2Fresortx480.jpg%22%2C%22undefined%22%5D%2C%22og%3Atitle%22%3A%22Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho%22%2C%22og%3Adescription%22%3A%22Cost%C3%A3o%20do%20Santinho%20Resort%20tem%20restaurantes%20tem%C3%A1ticos%20com%20culin%C3%A1rias%20a%C3%A7oriana%2C%20brasileira%2C%20oriental%2C%20italiana%20e%20contempor%C3%A2nea.%20Os%20card%C3%A1pios%20s%C3%A3o%20elaborados%20de%20acordo%20com%20as%20esta%C3%A7%C3%B5es%20do%20ano.%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fcostao.com.br%2Fpacotes%2Fsemana-da-patria%22%2C%22og%3Asite_name%22%3A%22Cost%C3%A3o%20do%20Santinho%20Resort%22%2C%22og%3Alocale%22%3A%22pt_BR%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.110&r=stable&ec=1&o=30&fbp=fb.2.1688055837012.1485917218&eid=ob3_plugin-set_e94f23f8ae0fb1d2bb3f083e00ff8c06def55b2c352187184467e43d8c2ba8aa&it=1688055835856&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Jun 2023 16:23:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=217213104562003559729&ex=neustar.biz

43 B
479 B

250ms
115ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=217213104562003559729&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=vz0_PzbTFvykCUR3Jfe5n_PDs95TFfC4jJT3CDABVwhqOVQV9xV7NLvUBmjBBJ8W4ML8VgrvvyAGgcJRNfh4EK8AIlmnnDffgceTcsBO5t4

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RW4JD0HS8ABV2NFABQJC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=217213104562003559729&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=9836f7ecfb666b8a22761c4349cb79a6

43 B
479 B

109ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=9836f7ecfb666b8a22761c4349cb79a6

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EDSPF98F09ZEM8N9GN9A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=9836f7ecfb666b8a22761c4349cb79a6
date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

152ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7BHQ8NVKW07XEKYZMSAA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Thu, 29 Jun 2023 16:23:57 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=37cb67cd-6c96-469a-bec2-d74d4f7e3054

43 B
479 B

200ms
113ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=37cb67cd-6c96-469a-bec2-d74d4f7e3054

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VCG5Z8BKCSX5G4Z5PJKX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=37cb67cd-6c96-469a-bec2-d74d4f7e3054
Date: Thu, 29 Jun 2023 16:23:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=99efc8daba234f1ab17715287d027f14

43 B
479 B

162ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=99efc8daba234f1ab17715287d027f14

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5N33VYDSZA49E80PV1VT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=99efc8daba234f1ab17715287d027f14
date: Thu, 29 Jun 2023 16:23:57 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58725/ Frame 28FA
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

0
15 B

22ms
22ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Thu, 29 Jun 2023 16:23:57 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
content-type: text/html
cache-control: no-store
content-length: 355

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=851b779ce58dbae6e6704c5a3e9c39&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

256ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=851b779ce58dbae6e6704c5a3e9c39&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H33DWZBW0FEWZ8JH2998
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=851b779ce58dbae6e6704c5a3e9c39&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1688055837710027-347
Expires: Thu, 29 Jun 2023 16:23:57 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

251ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZYGAW7WWKW5AZGS2DKTT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 29 Jun 2023 16:23:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 7945bb9729c0979279f468dfe8446e58.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=VS7B7GTY1D0P0FKJEYT4:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: VS7B7GTY1D0P0FKJEYT4
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: yD7_MJCts3rDEPyESia6WRtjBP2bjQppye_8gIiy29ZIB_h64ZP2uQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=8a5a6d9f-76ac-4b24-9bcc-8340cea05e51&ex=improvedigital.com

43 B
479 B

257ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8a5a6d9f-76ac-4b24-9bcc-8340cea05e51&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NK1Q5F9BEH8WQ4GV6668
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=8a5a6d9f-76ac-4b24-9bcc-8340cea05e51&ex=improvedigital.com
access-control-allow-origin: *
date: Thu, 29 Jun 2023 16:23:57 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame 28FA 0
187 B 366ms
114ms Image
text/plain 3.209.224.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=vz0_PzbTFvykCUR3Jfe5n_PDs95TFfC4jJT3CDABVwhqOVQV9xV7NLvUBmjBBJ8W4ML8VgrvvyAGgcJRNfh4EK8AIlmnnDffgceTcsBO5t4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.224.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-224-69.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=116f379c44e36abb0

43 B
479 B

111ms
111ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=116f379c44e36abb0

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZY2SYMCHCNG490XWR6Y1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 29 Jun 2023 16:23:57 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=116f379c44e36abb0
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=YA6b-d4_QWixioJG9_Eo2Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=45087542569766935831569793528451014578

43 B
479 B

249ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=45087542569766935831569793528451014578

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SNYG281S6MER91EGX27E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v050-0b601b3e9.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UitLesTqRKw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=45087542569766935831569793528451014578
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame 28FA 42 B
214 B 91ms
33ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=prlTSZrYQjCTb9ZtVxArdg
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=vz0_PzbTFvykCUR3Jfe5n_PDs95TFfC4jJT3CDABVwhqOVQV9xV7NLvUBmjBBJ8W4ML8VgrvvyAGgcJRNfh4EK8AIlmnnDffgceTcsBO5t4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:58 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6123973546087060103

43 B
479 B

121ms
121ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6123973546087060103

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F2EPGV8B47D3TYB944TW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6123973546087060103
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=5969cd72-1699-11ee-af1f-18c6427b0206
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=5969cd30-1699-11ee-af1f-18c6427b0206

43 B
479 B

115ms
115ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=5969cd30-1699-11ee-af1f-18c6427b0206

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NPNTZ0VJ3F5EVJN5HZ6Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:23:58 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=5969cd30-1699-11ee-af1f-18c6427b0206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 141
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22f595dd5e-8ffc-47d9-b23f-75cd9e69b5a2%22,%22Time%22:%2220230629T162358.098342%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f595dd5e-8ffc-47d9-b23f-75cd9e69b5a2

43 B
479 B

108ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f595dd5e-8ffc-47d9-b23f-75cd9e69b5a2

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DGG5GFE6VM5QWM9M0A47
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f595dd5e-8ffc-47d9-b23f-75cd9e69b5a2
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPKU6jd1dE_YPNe6eR6OZEs&google_cver=1

43 B
479 B

204ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPKU6jd1dE_YPNe6eR6OZEs&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5H014G7BY7CC4S691CB2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEPKU6jd1dE_YPNe6eR6OZEs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3d8c3b6be81a491c74ce3ca88cbd191b

43 B
479 B

122ms
121ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3d8c3b6be81a491c74ce3ca88cbd191b

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F2XV1G97W9Z1MWHAK1H4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 29 Jun 2023 16:23:58 GMT
via: 1.1 75e36ac0b9d37c457faf66194257e560.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MXP63-P2
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3d8c3b6be81a491c74ce3ca88cbd191b
content-length: 0
x-amz-cf-id: 1AP5gr_f6LXUHU3uKtCTSQE_8KZlEdBOcmt-v14DhPwP5qsVVAIHog==

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 28FA 43 B
305 B 82ms
31ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=vz0_PzbTFvykCUR3Jfe5n_PDs95TFfC4jJT3CDABVwhqOVQV9xV7NLvUBmjBBJ8W4ML8VgrvvyAGgcJRNfh4EK8AIlmnnDffgceTcsBO5t4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:58 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=Lc-HLb8cYc7Nt-MrXz2GBTc4ZCc4ZgIC

43 B
479 B

117ms
117ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=Lc-HLb8cYc7Nt-MrXz2GBTc4ZCc4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 06V4BA8MMGYZEYYW320W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=Lc-HLb8cYc7Nt-MrXz2GBTc4ZCc4ZgIC
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B0E904C6EDAA44C1

43 B
479 B

110ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B0E904C6EDAA44C1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B8PGBKSP3CV4MMGJPR7R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:24:11 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B0E904C6EDAA44C1
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=8574856001998403549&ex=appnexus.com

43 B
479 B

115ms
115ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8574856001998403549&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8BATVVQMY8M9WXMA0DDE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:23:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 634aa7af-3ce3-48e8-996b-daa820bc6d04
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8574856001998403549&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=ndVlF93egcxEYmYuOOoVIMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

111ms
111ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=ndVlF93egcxEYmYuOOoVIMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JY8W200VXZWE1X8YF36R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=ndVlF93egcxEYmYuOOoVIMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
loadus.exelator.com/load/ Frame 28FA 0
324 B 181ms
45ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=vz0_PzbTFvykCUR3Jfe5n_PDs95TFfC4jJT3CDABVwhqOVQV9xV7NLvUBmjBBJ8W4ML8VgrvvyAGgcJRNfh4EK8AIlmnnDffgceTcsBO5t4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:58 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED681EB09D6429338294020D9337

43 B
479 B

110ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED681EB09D6429338294020D9337

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CCBTFQNBJXRYTM8HJCGX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:23:58 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED681EB09D6429338294020D9337
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Thu, 29 Jun 2023 16:23:57 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=afba90859415e3f9e0186d68e25804d6f60bac441b6463bec63e74f0e70361dd

43 B
479 B

122ms
121ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=afba90859415e3f9e0186d68e25804d6f60bac441b6463bec63e74f0e70361dd

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DWXD4B78ZW7W5XA7PNHN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:58 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=afba90859415e3f9e0186d68e25804d6f60bac441b6463bec63e74f0e70361dd
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=6900ABB3-E269-416C-AD47-CCA1EDA20ACE

43 B
479 B

113ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=6900ABB3-E269-416C-AD47-CCA1EDA20ACE

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X9W5E0DGVV50MFHX7Z2W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=6900ABB3-E269-416C-AD47-CCA1EDA20ACE
date: Thu, 29 Jun 2023 16:23:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 28FA
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=186638d9-2d16-4184-9f88-d5a18b1a0c0b-tuctb97359e

43 B
479 B

116ms
116ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=186638d9-2d16-4184-9f88-d5a18b1a0c0b-tuctb97359e

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:23:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 28GH7TSF210MQ5YJJDRQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=186638d9-2d16-4184-9f88-d5a18b1a0c0b-tuctb97359e
date: Thu, 29 Jun 2023 16:23:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25467

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 202 KB
56 KB 25ms
24ms Script
application/javascript 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0328683f-f6ef-4eae-a0dd-49f683c7ed1e-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e5a69917e5086aded8b1d45816caba2911dcf3dfff3889a9b2365b3132c3db8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 21:14:53 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-version-id: xtd6DAl7P8ZspUB_fN8mDfqzc7WY880T
last-modified: Tue, 30 May 2023 16:37:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 68945
etag: "fd7e84ca2cc1508510bb50a243e92337"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56771
x-amz-cf-id: Rpd-Kdey9BrfTMwVI9FXVRKGfk_sgveNbkQzT8FtI9-wxpTeRjERBg==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 13 KB
5 KB 43ms
43ms Script
application/javascript 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0328683f-f6ef-4eae-a0dd-49f683c7ed1e-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Ue47Arb7o21QIXzXdR.6SzkIvhr7p6iy
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 12:38:57 GMT
x-amz-cf-pop: FRA60-P3
age: 13501
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4699
last-modified: Wed, 29 Mar 2023 14:00:58 GMT
server: AmazonS3
etag: "1f7cabf79794bdf27abc546d74059ded"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
x-amz-cf-id: N1z9ShlyRlGrsKkIK3n5sra5zwXf4uywquPlMzbuUkGiYTUGINcyJA==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7ED3
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XNJ8pQ0psQ_-lMWxp5cl2CirDUP2HWbJ

0
339 B

158ms
44ms

Image
text/plain

108.128.74.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XNJ8pQ0psQ_-lMWxp5cl2CirDUP2HWbJ
Protocol: H2
Server: 108.128.74.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-74-29.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1688055837
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XNJ8pQ0psQ_-lMWxp5cl2CirDUP2HWbJ
date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 950698
content-length: 0

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 95 KB
95 KB 493ms
195ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=37602&uniq=_x4nomfdsk&ref=aHR0cHM6Ly93d3cuY29zdGFvLmNvbS5ici9wYWNvdGVzL3NlbWFuYS1kYS1wYXRyaWE%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

2924803657681fcd2b0c4818a959c5f2ecf9c4119be2113c017480c6c14ff49e

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Thu, 29 Jun 2023 16:23:58 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 97166

GET
H2

200

cs
s.thebrighttag.com/ Frame 7ED3
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=-Rl0kE_8NvCwmZzu398Lc1kURgFBjJBd

35 B
270 B

379ms
120ms

Image
image/gif

18.219.147.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=-Rl0kE_8NvCwmZzu398Lc1kURgFBjJBd
Protocol: H2
Server: 18.219.147.111 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-147-111.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:23:58 GMT
x-bt-requestid: 5977b9d0-1699-11ee-99b3-0000ac1702fb
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=-Rl0kE_8NvCwmZzu398Lc1kURgFBjJBd
date: Thu, 29 Jun 2023 16:23:57 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1235080
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 33ms
32ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7dcd75692c6dc90ee655ba023f72bd72aaf13ad23bcf80f61a73c6892d2febef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 16:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:23:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 16:23:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=null

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b89c2838e4be203979c4cbe13031c07e19b394301655c6ffe7d652e4085019f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41882
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jun 2023 16:23:58 GMT

GET
H2 200 choices.min.js Show response
cdn.jsdelivr.net/npm/choices.js@4/public/assets/scripts/ 96 KB
26 KB 72ms
23ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/choices.js@4/public/assets/scripts/choices.min.js

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de595febf6316a086e1ff11c607f06144d884f81f94ae5b7a29670770a33dfa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Jun 2023 16:23:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9109
x-jsd-version: 4.1.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26528
x-served-by: cache-fra-eddf8230052-FRA
x-jsd-version-type: version
etag: W/"17f0b-Cp/tZ11/uwEgZNW9E7YXX6GpFSU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=812402073&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.costao.com.br%2Fpacotes%2Fsemana-da-patria&ul=en-us&de=UTF-8&dt=Semana%20da%20P%C3%A1tria%20%7C%20Resort%20Cost%C3%A3o%20do%20Santinho&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RD%20Popups&ea=Viewed&el=whatsapp-cora-coruja-site-48-32612257-c889b922b85761fb85c1&_u=aDDAiAABRAAAAGAAI~&jid=&gjid=&cid=522614533.1688055836&tid=UA-2623933-1&_gid=275540572.1688055836&gtm=45He36s0n71N2L6ZD&cd2=da3a6cfa-8641-4410-a6ff-6e46f7fe2404&cd3=2023-06-29T16%3A23%3A55.844%2B00%3A00&cd6=GTM-N2L6ZD&z=1984830638

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 00:31:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57168
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 $385x189gizr
d335luupugsy2.cloudfront.net/cms/files/37602/1673615601/ 374 B
767 B 22ms
21ms Image
image/png 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/cms/files/37602/1673615601/$385x189gizr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4d5b1a37d63059344842573fda9dd836245be544e60b624a44739cec1b98325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 17:30:56 GMT
x-amz-version-id: b42KmeCaoioSPoxQ_d6GDNUHZekHYvSb
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Fri, 13 Jan 2023 14:27:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 82383
etag: "fd2e2dc8086fc54cfb87c15c890a7641"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 374
x-amz-cf-id: xIr9k1i0jQOSQtYrgCz0IrqM55AcfEWUa-vFrep4MZ1tu7dBBbnhjA==

GET
H2 200 $5u0ndp8vgxo
d335luupugsy2.cloudfront.net/cms/files/1446/1588875979/ 4 KB
5 KB 21ms
20ms Image
image/png 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/cms/files/1446/1588875979/$5u0ndp8vgxo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f21fbdef688ebf03e844d7ab41038b6684126ae6c7c6e69815e051332ff639ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Gwu..4_Ogx6hswUdr__BxG2Esf4D8M63
date: Thu, 29 Jun 2023 04:32:48 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Thu, 07 May 2020 20:59:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 42732
etag: "4a316bcf8bd859ab679d26643c241056"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4330
x-amz-cf-id: 2E3jEuDgu3aTLsDoUAU2fXtZ-ZFs_hIHSsZtLLHl-9l5-NsqwnctZg==

GET
H2 200 af.svg
dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/ 21 KB
9 KB 42ms
21ms Image
image/svg+xml 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/af.svg?t=1560538149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3dd9de74b34d4336102619d67c18a0211a2fb524faf55d4d17154a8129058002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 18:25:58 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2019 14:20:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 79081
etag: "58e4071ab7e410b705d296835f6c2f1c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 8527
x-amz-cf-id: A2Df87W4c3TWSISqPQ5sGgeg7jwcwlZnQ6gxuQypH7IziQmYUSF6EA==

GET
H2 200 br.svg
dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/ 8 KB
3 KB 41ms
20ms Image
image/svg+xml 52.222.250.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/br.svg?t=1560538149
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f27b60457a892efcd4d4cebd0135e35b92112757c657cdcdf35af14bf8d9f0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 00:54:13 GMT
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2019 14:20:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 55846
etag: "80934471d745e9f7973f57260ff17e39"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2818
x-amz-cf-id: y7XTPIpiK8PhkdT3uMhRCiNimJCcLsVcYPzF9qZEV7XIBgwS4QQQag==

GET
H3 200 default.js Show response
onboard.triptease.io/integrations/v6664.78943/ 152 KB
48 KB 41ms
41ms Script
application/javascript 2606:4700:3031::ac43:8e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/v6664.78943/default.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01EPZ07AKR3NFD9WRGKFSF6KZB

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8e98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e7bad69b11f638aeff1f46279fc351d5d53513bf273e5ac6f90389febebabb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.costao.com.br/
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:23:59 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: MISS
x-goog-meta-git-hash: de171ecccbf1f5c3a3da3c19081d83c395986636
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvhDvQCvaB-B7DZHIrmu8ztpqUqFHJVY5fSXkDuVDWdMpfdl_NCoCLYz3Pibe9jFDlF_DNfBexJZXGYHem-3LPs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 6664.78943
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 16:17:11 GMT
server: cloudflare
etag: W/"ef916e4537cb5af884a937b50eafbdc5"
vary: Accept-Encoding
x-goog-generation: 1688055430942765
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=GXhz3w==, md5=75FuRTfLWviEqTe1Dq+9xQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=er5qsqjfzw%2B%2Fuhmj16cnf%2Bk4x8ifD0SDbB6c1dDp1LfWq60vZIBhrxmcX8jr0haXdRJ9eSkGjjT%2FZLIPhV6kBIPYKjE4X8oHiYu0zs99hFl5gr8OZPRmKDIA5Not2Hasp9pr%2FlP%2F78pVq%2Bm%2BM%2FtaxBPvog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 156157
cf-ray: 7def84638be59b58-FRA
expires: Fri, 28 Jun 2024 16:19:25 GMT

GET
H3 200 identity Show response
onboard.triptease.io/ 161 B
835 B 26ms
26ms Fetch
application/json 2606:4700:3031::ac43:8e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/identity

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01EPZ07AKR3NFD9WRGKFSF6KZB

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8e98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5853777314929be17755d11f4b363f1512e4df01762b4a02b71e687328e03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:24:00 GMT
strict-transport-security: max-age=15552000
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZS3zkgpo7vMWFxMTa3oJgqKH64lhkEGbM%2BWwj0D7Mz7aI%2BYCC2%2FlIt2DgbZVnBDFepMltm9QN5ZBXeyXZzV4ytH9A2nz17mh2yD8OOS2DWLr%2B4zsTj%2FcCQZO%2Bi1cy8%2FL%2BCD1C8yunvXol22OF9fSGYBrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.costao.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
cf-ray: 7def846aa8d2362d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 claim Show response
onboard.triptease.io/ 2 B
552 B 188ms
187ms Fetch
application/json 2606:4700:3031::ac43:8e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/claim?apiKey=dd7189add26d4d5d9ead8c379e79d596

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01EPZ07AKR3NFD9WRGKFSF6KZB

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8e98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:24:00 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TB6yNJMs1mm33%2FObn6KQGaAuZ3mJniAom9ggYmTJR4oPQdTGku12hgqAKyCareUO2dy5W9f6KjAdwReF6S94SV7lOQNuBr0cDbE9ALQOSfpCVnG5u3K3BDgybwcq7XkS7GYYyGsZ48vnXzUU%2FNIn88cdHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.costao.com.br
cache-control: no-cache, no-store, max-age=0
access-control-allow-credentials: true
cf-ray: 7def846af95f362d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
372 B 359ms
47ms XHR
application/json 35.186.241.51

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1688055840832

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.costao.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Thu, 29 Jun 2023 16:24:01 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.costao.com.br
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H2 200 main.js Show response
static-meta.triptease.io/client/ 38 KB
13 KB 97ms
22ms Script
text/plain 151.101.65.182

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/main.js
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01EPZ07AKR3NFD9WRGKFSF6KZB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.182 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: a05bc0ea51285c305f5786ab3b2fa5e07300631ef3970bcd6b677bba4b0336fa

Request headers

Referer: https://www.costao.com.br/
Origin: https://www.costao.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:24:01 GMT
via: 1.1 google, 1.1 varnish
content-encoding: gzip
age: 135618
x-cache: HIT
x-envoy-upstream-service-time: 5
content-length: 12679
x-served-by: cache-fra-eddf8230066-FRA
server: istio-envoy
x-timer: S1688055841.198652,VS0,VE0
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800,stale-while-revalidate=1800
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 120

GET
H2 200 dd7189add26d4d5d9ead8c379e79d596 Show response
static-meta.triptease.io/client/bundle-data/ 46 B
159 B 23ms
23ms Fetch
application/json 151.101.65.182

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/bundle-data/dd7189add26d4d5d9ead8c379e79d596
Requested by: Host: static-meta.triptease.io
URL: https://static-meta.triptease.io/client/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.182 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: d1e07589d411b78de71c5b6f2cb3f22461f36de471adae61f933f7a199b15322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:24:01 GMT
via: 1.1 google, 1.1 varnish
content-encoding: gzip
age: 39529
x-cache: HIT
x-envoy-upstream-service-time: 1306
content-length: 61
x-served-by: cache-fra-eddf8230066-FRA
server: istio-envoy
x-timer: S1688055841.229254,VS0,VE1
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800,stale-while-revalidate=1800
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 dd7189add26d4d5d9ead8c379e79d596 Show response
static-meta.triptease.io/client/bundle-data/ 46 B
126 B 22ms
22ms Fetch
application/json 151.101.65.182

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/bundle-data/dd7189add26d4d5d9ead8c379e79d596
Requested by: Host: static-meta.triptease.io
URL: https://static-meta.triptease.io/client/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.182 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: d1e07589d411b78de71c5b6f2cb3f22461f36de471adae61f933f7a199b15322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.costao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:24:01 GMT
via: 1.1 google, 1.1 varnish
content-encoding: gzip
age: 39529
x-cache: HIT
x-envoy-upstream-service-time: 1306
content-length: 61
x-served-by: cache-fra-eddf8230066-FRA
server: istio-envoy
x-timer: S1688055841.230734,VS0,VE0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800,stale-while-revalidate=1800
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2

POST
H3 204 batch
onboard.triptease.io/message/ 0
483 B 203ms
198ms Ping
text/html 2606:4700:3031::ac43:8e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/message/batch

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01EPZ07AKR3NFD9WRGKFSF6KZB

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8e98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.costao.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 16:24:02 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJTvGZLq1%2FI7EEnFJ%2FmbCwFRGtXX0Qu0YZrMzjjdirHNC%2F2VlJW%2Brb43jkLJzH8K%2BpuAP%2BMtWqzaiKn0W79HwtiRkwTNSt%2Fevv8FHmnGtjpnm1z2TO12xpGVPy%2FhGi6rMPKTzPH7fKAgx1AVkAQfk8A3iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 08d950060e5c996ba4fc6d184dd6687b
cf-ray: 7def84740832362d-FRA
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: admin.info-tickets.com
URL: http://admin.info-tickets.com/assets/novowidget/public/infotickets-widget-counter.js

Domain: freegeoip.net
URL: http://freegeoip.net/json/

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.costao.com.br/	1969-12-31 23:59:59	Name: keystone.sid Value: s%3ATHdMGvRWqXgLYAH3sy1egoCK79sHOGpP.whVtasLaE44Mzblxob2Be%2BpO0Fj3cYtuX5hwQOq4u6E
.criteo.com/	1970-01-20 22:15:51	Name: uid Value: 214f4447-e839-4c46-a190-3750127d4093
.costao.com.br/	1970-01-20 15:03:51	Name: _gcl_au Value: 1.1.1005237829.1688055836
.costao.com.br/	1970-01-20 22:23:39	Name: cto_bundle Value: DKnndV9wS3oxUVhDdlFTNGM0QiUyRmFhOVFBTVdza0VmMldDWCUyRlQlMkI0Y2M4QVJEVnZ3ZEJyTWdYVnZvQmdQQjhuNzA4NzhvQVN6TVUlMkZFMHdsenBFTHElMkJZaDVXZFpXTWQ1aG1qRUtjWVJVQzhWc2tJNlFSQUUwSnZzWmdqeUhSaEJtZ25Rd0dWdU9rZktsVTR6TUM2V1JRb2Z3JTJGUUElM0QlM0Q
.costao.com.br/	1970-01-20 22:30:15	Name: _ga_823M369EWK Value: GS1.1.1688055835.1.0.1688055835.60.0.0
.costao.com.br/	1970-01-20 21:39:51	Name: mp_096e58aad8909be9cf490896d261dbe9_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18907f7ecbac45-054afa11e7e87d-6a335054-1d4c00-18907f7ecbac46%22%2C%22%24device_id%22%3A%20%2218907f7ecbac45-054afa11e7e87d-6a335054-1d4c00-18907f7ecbac46%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.costao.com.br/	1970-01-20 22:30:15	Name: _ga Value: GA1.3.522614533.1688055836
.costao.com.br/	1970-01-20 12:55:42	Name: _gid Value: GA1.3.275540572.1688055836
.costao.com.br/	1970-01-20 12:54:15	Name: _dc_gtm_UA-2623933-1 Value: 1
.tiktok.com/	1970-01-20 22:15:51	Name: _ttp Value: 2Rt42QNVy06MW40OspxvYTjxXgU
.costao.com.br/	1970-01-20 22:15:51	Name: _tt_enable_cookie Value: 1
.costao.com.br/	1970-01-20 22:15:51	Name: _ttp Value: VCtq9x_Tn7FZ8BSe-KdUDcNkNab
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zAuBf4Q1CCU
.youtube.com/	1970-01-20 17:13:27	Name: VISITOR_INFO1_LIVE Value: BpUGgDiev90
.amazon-adsystem.com/	1970-01-20 17:22:06	Name: ad-id Value: A6gaSyzBUEZggYtUyDIDoGw
.amazon-adsystem.com/	1970-01-20 22:30:15	Name: ad-privacy Value: 0
.costao.com.br/	1970-01-20 12:55:42	Name: _uetsid Value: 5885ddd0169911ee9c22ad1581caf7be
.costao.com.br/	1970-01-20 22:15:51	Name: _uetvid Value: 5885e810169911ee91b799ccdc01263a
.bing.com/	1970-01-20 22:15:51	Name: MUID Value: 167A119E09896171394202A108026098
.costao.com.br/	1970-01-20 21:39:51	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNjg4MDU1ODM2ODUyfQ==
.costao.com.br/	1970-01-20 15:03:51	Name: _fbp Value: fb.2.1688055837012.1485917218
.doubleclick.net/	1970-01-20 22:15:51	Name: IDE Value: AHWqTUlDmmsLR3oYrgbJkh4UkHT3q8Xma5yBV1EbU9iLhJ5vGHHkDMqPfvA50Cm1qmQ
match.sharethrough.com/	1970-01-20 13:04:20	Name: AWSALBCORS Value: LRbEyCG/LvZEZB2OUHSpsp5zeFxfU7MPMNrKaSmckWAli0x1k2YV5ra79gtU9iusHoYEW3BqIXNNjHCTlCcqDpNR1uaNMjbKxUbClJSPk68+9oFWqTum8b4IapyY
.adnxs.com/	1970-01-20 15:03:51	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GVRcy^(<!]tbPl@/D!9hy6]/CwgZ5?/7Th.YZHlZlUZ4['n(aGEmk4zLJ#i(eqf4hee8fp7yo?12lIHgNd1bpRzqF1`*bc17+[>^w
.adnxs.com/	1970-01-20 15:03:51	Name: uuid2 Value: 8574856001998403549
.media.net/	1970-01-20 21:39:51	Name: visitor-id Value: 3310574378281126000V10
.media.net/	1970-01-20 13:37:27	Name: data-c-ts Value: 1688055837
.media.net/	1970-01-20 13:37:27	Name: data-c Value: k-ZnSublGsuk4MyiXCO3uNGUoBF16UYnDf0oO-6g~~3
.bidswitch.net/	1970-01-20 21:39:51	Name: tuuid Value: d5dddd4f-216f-4ac9-b2fd-6c386bc2858d
.bidswitch.net/	1970-01-20 21:39:51	Name: c Value: 1688055837
.bidswitch.net/	1970-01-20 21:39:51	Name: tuuid_lu Value: 1688055837
.id5-sync.com/	1970-01-20 12:54:16	Name: cf Value:
.id5-sync.com/	1970-01-20 12:54:16	Name: cip Value:
.id5-sync.com/	1970-01-20 12:54:16	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:54:16	Name: car Value:
.id5-sync.com/	1970-01-20 12:54:16	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:54:16	Name: callback Value:
.casalemedia.com/	1970-01-20 21:39:51	Name: CMID Value: ZJ2wHe8oK7a95aAfJljoMAAA
.casalemedia.com/	1970-01-20 15:03:51	Name: CMPS Value: 5184
.casalemedia.com/	1970-01-20 15:03:51	Name: CMPRO Value: 5184
.demdex.net/	1970-01-20 17:13:27	Name: demdex Value: 45087542569766935831569793528451014578
exchange.mediavine.com/	1970-01-20 13:14:25	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22591f60a0-1699-11ee-9343-fd7f02c3cc5b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:14:25	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22591f60a0-1699-11ee-9343-fd7f02c3cc5b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:14:25	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22591f60a0-1699-11ee-9343-fd7f02c3cc5b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:14:25	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22591f60a0-1699-11ee-9343-fd7f02c3cc5b%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:14:25	Name: criteo Value: %7B%22id%22%3A%22k-BEkuolGsuk4MyiXCO3uNGUoBF14HKDcb8iHxaQ%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/	1970-01-20 17:13:27	Name: dpm Value: 45087542569766935831569793528451014578
.pubmatic.com/	1970-01-20 13:37:27	Name: KRTBCOOKIE_97 Value: 3385-uid:k-pso4qVGsuk4MyiXCO3uNGUoBF15cHICQYjJ4DA&KRTB&23144-uid:k-pso4qVGsuk4MyiXCO3uNGUoBF15cHICQYjJ4DA&KRTB&23286-uid:k-pso4qVGsuk4MyiXCO3uNGUoBF15cHICQYjJ4DA&KRTB&23287-uid:k-pso4qVGsuk4MyiXCO3uNGUoBF15cHICQYjJ4DA
.pubmatic.com/	1970-01-20 13:37:27	Name: PugT Value: 1688055836
.360yield.com/	1970-01-20 15:03:51	Name: tuuid_lu Value: 1688055837
.agkn.com/	1970-01-20 21:39:51	Name: ab Value: 0001%3ABScmMJfGRZKYjKry5gsyj9Om72sc8diC
.myvisualiq.net/	1970-01-20 22:30:15	Name: tuuid Value: 37cb67cd-6c96-469a-bec2-d74d4f7e3054
.myvisualiq.net/	1970-01-20 22:30:15	Name: c Value: 1688055837
.myvisualiq.net/	1970-01-20 22:30:15	Name: tuuid_lu Value: 1688055837
.yahoo.com/	1970-01-20 21:40:13	Name: A3 Value: d=AQABBB2wnWQCEAC2xDZW0wuEna0h7bT_lCIFEv__AP8AAAAAAOAXyiMAAAAAgA&S=AQAAAmAPgjXlbVnRcRIcs3YA1h8
.360yield.com/	1970-01-20 15:03:51	Name: tuuid Value: 8a5a6d9f-76ac-4b24-9bcc-8340cea05e51
.costao.com.br/	1970-01-20 21:41:18	Name: rdtrk Value: %7B%22id%22%3A%223dafed4b-0137-47a3-af17-7f633fa61ad0%22%7D
.360yield.com/	1970-01-20 15:03:51	Name: um Value: !38,SocL4JssXtiMvYEeq9uqHzhPJKyc9XdZEqmuL1i8cn0PAGE.BRnrhZ6x4qlVf5Hbi3zs-MfY,1695831837!416,3trTqFSmpgW9cN8K-oODBPse,1695831837
.360yield.com/	1970-01-20 15:03:51	Name: umeh Value: !38,0,1750263837,-1!416,0,1750263837,-1
.krxd.net/	1970-01-20 17:13:27	Name: _kuid_ Value: PpQMYT2T
.bluekai.com/	1970-01-20 17:17:47	Name: bku Value: b/X99Oty7VEfWxzI
.bluekai.com/	1970-01-20 17:17:47	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.tremorhub.com/	1970-01-20 13:37:27	Name: tv_UICR Value: k-BFMVyFGsuk4MyiXCO3uNGUoBF15NfCeaEj0TDA
.tremorhub.com/	1970-01-20 21:40:12	Name: tvid Value: 73e6ee51bea44d4caa5c4761d7bc388e
.tremorhub.com/	1970-01-20 22:30:15	Name: tv_UIAM Value: 99efc8daba234f1ab17715287d027f14
ads.samba.tv/	1970-01-20 22:24:30	Name: sambapxid Value: 116f379c44e36abb0
.adform.net/	1970-01-20 13:37:27	Name: C Value: 1
.adform.net/	1970-01-20 14:20:39	Name: uid Value: 6123973546087060103
.spotxchange.com/	1970-01-20 13:34:35	Name: audience Value: 5969cd30-1699-11ee-af1f-18c6427b0206
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1688055838_1
.serving-sys.com/	1970-01-20 13:37:27	Name: u2 Value: f595dd5e-8ffc-47d9-b23f-75cd9e69b5a24Nh060
.semasio.net/	1970-01-20 21:39:51	Name: SEUNCY Value: B0E904C6EDAA44C1
.ispot.tv/	1970-01-20 22:30:15	Name: pt Value: v2:afba90859415e3f9e0186d68e25804d6f60bac441b6463bec63e74f0e70361dd\|738e17612a01394f306ec335ef854b466bc71db3111f93d26507c86462189d8f
.pubmatic.com/	1970-01-20 21:39:51	Name: KADUSERCOOKIE Value: 6900ABB3-E269-416C-AD47-CCA1EDA20ACE
.ninthdecimal.com/	1970-01-20 21:39:51	Name: ndat Value: aO2WYGSdsB6UgjMpN5MNAg==
.triptease.io/	1970-01-20 21:41:18	Name: triptease-user-id Value: 01H43ZFZNDX2972C40HBZXK5HQ
.triptease.io/	1970-01-20 12:54:44	Name: triptease-session-id Value: 01H43ZFZNDDCD4EBKP09Q75E2H

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.costao.com.br/pacotes/semana-da-patria Message: Mixed Content: The page at 'https://www.costao.com.br/pacotes/semana-da-patria' was loaded over HTTPS, but requested an insecure script 'http://admin.info-tickets.com/assets/novowidget/public/infotickets-widget-counter.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.costao.com.br/js/vendor-min.js(Line 3070) Message: Mixed Content: The page at 'https://www.costao.com.br/pacotes/semana-da-patria' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://freegeoip.net/json/'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.costao.com.br/events Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
admin.info-tickets.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
analytics.tiktok.com
api-js.mixpanel.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn.jsdelivr.net
cdn.mxpnl.com
click.crm.costao.com.br
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d335luupugsy2.cloudfront.net
dis.criteo.com
dk9suync0k2va.cloudfront.net
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
freegeoip.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
js.maxmind.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
odr.mookie1.com
onboard.triptease.io
pageview-notify.rdstation.com.br
pi.ispot.tv
pixel.rubiconproject.com
popups.rdstation.com.br
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.thebrighttag.com
sb.scorecardresearch.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
static-meta.triptease.io
static.criteo.net
static.tacdn.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.samplicio.us
visitor.omnitagjs.com
widget.us.criteo.com
www.costao.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imdb.com
www.tripadvisor.com.br
www.youtube.com
x.bidswitch.net
admin.info-tickets.com
freegeoip.net
104.102.35.84
104.237.150.96
108.128.74.29
128.245.209.102
13.248.245.213
141.226.228.48
142.250.185.130
151.101.2.83
151.101.65.182
151.101.66.132
162.19.138.120
177.47.0.55
178.250.7.11
178.250.7.13
18.159.197.157
18.219.147.111
18.66.218.75
18.66.23.147
185.255.84.153
185.64.190.78
185.80.39.216
185.86.138.154
185.89.210.20
185.89.210.244
185.94.180.126
198.47.127.205
2.18.160.221
2001:4860:4802:34::36
212.82.100.182
23.215.16.120
23.38.98.84
23.52.120.27
23.52.123.202
2600:1901:0:bc29::
2600:1f18:612b:4200:180a:bb6b:7eca:821b
2600:1f18:612b:4232:b493:e747:963e:44dd
2606:4700:3031::ac43:8e98
2606:4700::6810:262f
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:810::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2004
2a00:1450:400c:c0a::9a
2a02:2638:d::2
2a02:2638:d::d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::485
3.124.134.111
3.126.222.121
3.209.224.69
3.69.98.172
3.71.149.231
3.73.242.95
34.117.157.22
34.160.236.64
34.68.90.188
34.98.64.218
35.157.132.87
35.186.241.51
35.223.116.65
37.157.4.25
37.157.6.237
44.199.29.154
52.210.13.95
52.222.164.219
52.222.250.119
52.28.23.58
52.46.155.104
52.49.138.0
54.217.24.45
54.76.252.247
54.78.254.47
64.202.112.159
69.173.144.139
74.119.119.150
77.243.51.122
85.215.5.31
95.101.54.217
065db4a4e8dda371bafc3ad0dd23c3f265818d043f449403ea6adfd049ddc3e3
0754bb85fa881431fac01576c207b6bd21702512ce35f67826a18ff96275851e
086ba42107950e9d566fc464feb874df2f0c3e0e6da6590b8cf40f8b1aa12169
0cb7f94890a40fe2b874754ffe3afcab8d783fc9ce0e45debf510c1eeee6c2e8
0d70b06f52aa7acd363d9a2589438390f325883099020b595e13ea5afa7c6f10
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
13b5f884d59585b8625ae603297f83a767c11d038b00e377dd5c7ccaf6c72da2
177a42b7a587ed65cfdb13d3eb56d0b9f5c3a994cbca8a522ddd942c91898760
1ac001da6b9da27a08c3d5212ebab0739da5a7c52da7254d41325a121e57370a
1cc59f208f680982819089ad6d3d6d162a596fa71c85ea3d7ac704ce339dd792
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
202952f6fe175341d92d7ba638f60c3d778bd4a3bddfa429984db22d6c8a5353
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2924803657681fcd2b0c4818a959c5f2ecf9c4119be2113c017480c6c14ff49e
2acda28f94d2cd0dd3afa3252735b09970ea6073fc162fe526d09965751db702
2f5853777314929be17755d11f4b363f1512e4df01762b4a02b71e687328e03b
2f7843d636e7f53ece502d2403b7b68c870cc23409a6c9c38b0593e277f3c392
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
3dd9de74b34d4336102619d67c18a0211a2fb524faf55d4d17154a8129058002
3ef698832c222f564e791a47d60919ae971fd13d49a5b0652a44736fc70607bd
40a887db1fefbbb201d2612a253d1c7241dc59dd39149ffcbe9a6b1550e5caa9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec
4555ee0b0a90cdc20a55a1e81193d9fd0a767eb8b956d0f7c8e64d3a2a679adc
47b59e89ca086c212c9240ba02026e07557f875dd2e8fbc27a3a19df021ca707
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cff193e5f272f903ba1e486f6c938bb6df47a2b3e6f65829609b00c4703216a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
526238b1946203eabcc36261cc2beabf732052b7321bebc1dc0d152f2da3f0e9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57321822ee5d80200d70be9bac431c978a7ce46439b132048c50e6b7d9ac0ee5
5c78b3728c1f9a12f7cd9103edbc641b3252d34c6316553c84575a0d1617b74e
5e3adb4d54bcbc57e019efdf0a413ee8631470c53a2a23e7cf276fbe1bdef6c6
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64bc5a3d83430341c57babaaea1963842b76a3f66e2e46d38116a2b68b71f2e5
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6ae922a646a5fedc154e00eab6dab367b708bff354644aa87331521d499e4390
6bdf886b554698433755c0e452c78a304c5168fc2da0d300260df564e301e176
6e5a69917e5086aded8b1d45816caba2911dcf3dfff3889a9b2365b3132c3db8
6ed09379db599eeeb498b4a890b797a5d5ca7346d77251edafc219e6d361ad18
72ed792914867cf1b4be2216f5c3b2c3ef016dfafd83ac76dc0360064f5dee11
73b5f46493e741a5b506e1b32df1c0d9b5721549006fdc89825be5ea0f948190
78d2620e5de966149ca7e8f8641685993f26c769e877d098b38ee1ae783fd285
7ac8b42eb3e8ee4e17e1dec54d0c8c1a290c0b3e66062fcb744b8d4637ad9cf5
7d90d5dd07ea48cd6337bf918d0cc4d8b83d56c3d224172df7acf9c430121927
7dcd75692c6dc90ee655ba023f72bd72aaf13ad23bcf80f61a73c6892d2febef
7e114c32bffdaf4b72ef6adaeac83557a55ab9db3489b2425a84bf20548f8300
7e7bad69b11f638aeff1f46279fc351d5d53513bf273e5ac6f90389febebabb6
817185bc5a74fdc396f1f6e441d265d44c5612e9f5736a1f0c914a445e4ec596
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852a7107c708f06318f8fe62b3ad715d9c1565aaa9158b1e36c62502c424ea7b
85e79f2ff179d95014b9e79ad46db74b802b7ed913fcd27bbb31735c76267d5c
884e2db76118c9f3e30f4f702a6bd3038611722df65a7d9333c4f292eb91c5a2
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8badf4e5469eb909e58e67a45836d65993182c77722961e6e20742e5f495a9ab
8c8ee67de8cf65e1f8f25e6cfc03bf3b6a2df36ae9c0f82875909e8a7b825c1c
8f631d4921bff25c26d41c7b327764fde1a66e8da518cbc0094631eb2eab54ac
939ea418f2e925887801fa1646bff01be0ad5286569d0123017e6483ea1ec32f
948d202b52ff8ecf41694a83ec639c8a8d9290d2d87b629ef33a4f127f3e5fe7
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a05bc0ea51285c305f5786ab3b2fa5e07300631ef3970bcd6b677bba4b0336fa
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1bd556a45b989cf5f58726e3e481ea9e13efcd7eb07592c670c9b27fa951e2c
a4a6a49ce655ccc36a3e06e6300b63881cce929884d13a9f74f5f7fc0f8317e1
a900f391e155d12305e893c70406cff06ea7fc02a5bbb4d39ba3e75b85cbaab8
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
ad60b27d28371697db4f2091d8bbe21ae1aad3c0ecb23ce609f4bac9ce476f01
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b148a123dd65aa6603102281e5203539c1e3ad6514e035a9fd4096e5779017d3
b22cd3455a2849b126f225088bff892df6bb5a796c6641e9de8135ed50093c13
b4f5acf0910b2ae036cfd36bd4759813dea33a3c277d5d2eabe286e44d7ab2dc
b816c96859aa5e1e1d7d53ef6ea4e3f6c06eb3a7f4a3cbe7c30fabd024f8ea06
b89c2838e4be203979c4cbe13031c07e19b394301655c6ffe7d652e4085019f8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd80021db8e2faa5d5a5bef70a9ceb59f47f0ce2ad043ab1c7ea22cb611182f2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5713b02917b60964a9dd713e670720768182e0c98806b3af3248e61de6af939
ca712b2299f2590fd56ecc0c79bc4993271b98d9e9e195ccf1d07599c016fa40
cab63c420f2613832304cea9308d7099bfbd40432dbc8e9bcd0b8e54edbe933f
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc2abb136940153f07e8853992c1cb8adc98dfbcfafca5f612388902765e8e18
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1e07589d411b78de71c5b6f2cb3f22461f36de471adae61f933f7a199b15322
d34984a6d264cbc9a1c42f1fd3bc1790e7796927c7c6d3e0296d1292931bd649
d48c07d7f6153d33893dc9f47616c089f98c9cf4d8fadfe2524f456bcadc718e
d4d5b1a37d63059344842573fda9dd836245be544e60b624a44739cec1b98325
d9b045437169cf48ec3d5ac40ef9848955034fb1075f35011d393c68adebfd5d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de595febf6316a086e1ff11c607f06144d884f81f94ae5b7a29670770a33dfa9
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43446a33dbd5133d8ee1b6e31e6680d8bd12414b7925b11adec285d3a2c09e4
e63dc35fed16321f3d27f6689ab408a452b8ec28a030d1b3b0b8e698e2c688ba
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e80e8f12fb15cdf9dfe3c1f80bebadf52390bab52d3dff99253dd6f9bf599544
e94e0140ad5ee0dd772ad05d9ba5cc4cf3e2a1f5d420ea5cb783edbdbdda9f10
ea151a8dff0f592c3588c6e101c7d992ecacd802c55192272c2980abecb0f9fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fd2fd33a4b83c05249501ee61b58948696ce9ecb11ac3f18ddcac9afe357b3
f204ddb8c8e67063a3428711e486e65bf555a8cf6d25553da0585958a96320af
f21fbdef688ebf03e844d7ab41038b6684126ae6c7c6e69815e051332ff639ed
f27b60457a892efcd4d4cebd0135e35b92112757c657cdcdf35af14bf8d9f0f3
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b
fbc87c3511ceaa4446838dc206f765c70af8e7f2a97617ddaa5e7743ed637b34

www.costao.com.br Open in urlscan Pro 177.47.0.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

78 %HTTPS

24 %IPv6

68 Domains

90 Subdomains

63 IPs

10 Countries

3423 kBTransfer

8262 kBSize

77 Cookies

21 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.costao.com.br Open in urlscan Pro
177.47.0.55 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

78 %
HTTPS

24 %
IPv6

68
Domains

90
Subdomains

63
IPs

10
Countries

3423 kB
Transfer

8262 kB
Size

77
Cookies

170 HTTP transactions
1 data transactions