www.passagenspromo.com.br Open in urlscan Pro
34.151.225.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://voeazuul.com.br/
Effective URL:
https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
Submission Tags: https://phish.report @phish_report Search All
Submission: On July 12 via api (July 12th 2023, 12:48:17 pm UTC) from FI — Scanned from FI

Summary HTTP 94 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 22 domains to perform 94 HTTP transactions. The main IP is 34.151.225.40, located in São Paulo, Brazil and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.passagenspromo.com.br.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 12th 2022. Valid for: a year.

This is the only time www.passagenspromo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.161.90.154 5.161.90.154	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1 2	2606:4700:303... 2606:4700:3030::ac43:9016	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::6815:5f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	34.151.225.40 34.151.225.40	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	52.222.250.175 52.222.250.175	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	108.138.7.27 108.138.7.27	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	23.53.43.98 23.53.43.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.199.118.124 35.199.118.124	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	35.198.30.30 35.198.30.30	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	() ()
1 1	2620:1ec:c11:... 2620:1ec:c11::200	() ()
2	2606:4700:e4:... 2606:4700:e4::ac40:a427	() ()
1	34.68.90.188 34.68.90.188	() ()
1	2606:4700:e4:... 2606:4700:e4::ac40:a527	() ()
1	40.121.178.25 40.121.178.25	() ()
94	24

1 5.161.90.154 (United States) 1 redirects

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.154.90.161.5.clients.your-server.de

voeazuul.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:9016 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

redirecionador.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:5f5f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

redirecionador.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 34.151.225.40 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.225.151.34.bc.googleusercontent.com

www.passagenspromo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

selo.compreconfie.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.250.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-175.fra60.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-27.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.53.43.98 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-98.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.199.118.124 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 124.118.199.35.bc.googleusercontent.com

cmp.pcr.rec.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.198.30.30 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.30.198.35.bc.googleusercontent.com

pcr.emitir.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (None, ) 1 redirects

ASN- ()

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (None, ) 1 redirects

ASN- ()

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a427 (None, )

ASN- ()

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (None, )

ASN- ()

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a527 (None, )

ASN- ()

osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.121.178.25 (None, )

ASN- ()

b.smrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	passagenspromo.com.br www.passagenspromo.com.br broker.passagenspromo.com.br Failed	537 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1040 j.clarity.ms — Cisco Umbrella Rank: 23093 c.clarity.ms	23 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	72 KB
5	cloudfront.net d335luupugsy2.cloudfront.net	71 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	288 B
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 718	124 KB
3	pn.vg cdn.pn.vg osp-assets.pn.vg	55 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	264 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 753 script.hotjar.com — Cisco Umbrella Rank: 1081	78 KB
3	redirecionador.info 2 redirects redirecionador.info	2 KB
2	google.no www.google.no — Cisco Umbrella Rank: 23768	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	412 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10	669 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	186 KB
1	smrk.io b.smrk.io	602 B
1	rdstation.com.br popups.rdstation.com.br	45 KB
1	bing.com 1 redirects c.bing.com	743 B
1	emitir.com.br pcr.emitir.com.br	2 KB
1	pcr.rec.br cmp.pcr.rec.br	2 KB
1	compreconfie.com.br selo.compreconfie.com.br — Cisco Umbrella Rank: 206018	4 KB
1	voeazuul.com.br 1 redirects voeazuul.com.br	241 B
0	googleapis.com Failed fonts.googleapis.com Failed
94	22

	Domain	Requested by
39	www.passagenspromo.com.br	www.passagenspromo.com.br www.googletagmanager.com cdn.pn.vg
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.passagenspromo.com.br
5	d335luupugsy2.cloudfront.net	www.passagenspromo.com.br d335luupugsy2.cloudfront.net www.googletagmanager.com
4	www.facebook.com	www.passagenspromo.com.br
4	analytics.tiktok.com	redirecionador.info analytics.tiktok.com
3	j.clarity.ms	www.clarity.ms
3	connect.facebook.net	redirecionador.info connect.facebook.net
3	redirecionador.info	2 redirects
2	cdn.pn.vg	www.googletagmanager.com cdn.pn.vg
2	c.clarity.ms	1 redirects
2	www.google.no	www.passagenspromo.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	redirecionador.info www.clarity.ms
2	static.hotjar.com	www.googletagmanager.com redirecionador.info
2	www.googletagmanager.com	www.passagenspromo.com.br www.googletagmanager.com d335luupugsy2.cloudfront.net
1	b.smrk.io	cdn.pn.vg
1	osp-assets.pn.vg	cdn.pn.vg
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	c.bing.com	1 redirects
1	www.google.com	www.passagenspromo.com.br
1	pcr.emitir.com.br	redirecionador.info
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cmp.pcr.rec.br	redirecionador.info
1	selo.compreconfie.com.br	www.passagenspromo.com.br
1	voeazuul.com.br	1 redirects
0	fonts.googleapis.com Failed	d335luupugsy2.cloudfront.net
0	broker.passagenspromo.com.br Failed	www.passagenspromo.com.br
94	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
befly.gupy.io
compreconfie.com.br

Subject Issuer	Validity	Valid
redirecionador.info GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
www.passagenspromo.com.br AlphaSSL CA - SHA256 - G2	`2022-07-12` - `2023-08-13`	a year	crt.sh
selo.compreconfie.com.br DigiCert TLS RSA SHA256 2020 CA1	`2023-06-05` - `2024-06-05`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-20` - `2023-07-19`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
cmp.pcr.rec.br R3	`2023-05-14` - `2023-08-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.no GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
pcr.emitir.com.br R3	`2023-07-10` - `2023-10-08`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
pn.vg GTS CA 1P5	`2023-06-29` - `2023-09-27`	3 months	crt.sh
popups.rdstation.com.br R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
smrk.io R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
Frame ID: 5CF7A86C44C7E0C935F2ACDF0BA03A38
Requests: 94 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Passagens Aéreas Promocionais Azul - VoeAzul no Passagens Promo

Page URL History Show full URLs

http://voeazuul.com.br/ HTTP 302
https://redirecionador.info/2021/azul HTTP 301
http://redirecionador.info/2021/azul/ HTTP 302
https://redirecionador.info/?g/W8THdJq Page URL
https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&p... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Page Statistics

94
Requests

90 %
HTTPS

54 %
IPv6

22
Domains

28
Subdomains

24
IPs

4
Countries

1464 kB
Transfer

3769 kB
Size

34
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/passagenspro

Search URL Search Domain Scan URL

URL: https://www.instagram.com/passagenspromo/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZmu4SNxHmFJyCXM5C81cJw

Search URL Search Domain Scan URL

URL: https://befly.gupy.io/
Title: Trabalhe conosco

Search URL Search Domain Scan URL

URL: https://compreconfie.com.br/105221

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://voeazuul.com.br/ HTTP 302
https://redirecionador.info/2021/azul HTTP 301
http://redirecionador.info/2021/azul/ HTTP 302
https://redirecionador.info/?g/W8THdJq Page URL
https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://voeazuul.com.br/ HTTP 302
https://redirecionador.info/2021/azul HTTP 301
http://redirecionador.info/2021/azul/ HTTP 302
https://redirecionador.info/?g/W8THdJq

Request Chain 70

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A839D6DAE21D4EDC828BD11D5259D20A&RedC=c.clarity.ms&MXFR=1996CC550BE56183058DDF190FE56FCF HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A839D6DAE21D4EDC828BD11D5259D20A&MUID=1DBCB306FE606CDE11D9A04AFF376DBD

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
redirecionador.info/
Redirect Chain

http://voeazuul.com.br/
https://redirecionador.info/2021/azul
http://redirecionador.info/2021/azul/
https://redirecionador.info/?g/W8THdJq

203 B
532 B

439ms
438ms

Document
text/html

2606:4700:3030::ac43:9016
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redirecionador.info/?g/W8THdJq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9016 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash: 696ce95ec5c4f965489683b55d96b7ac29a7078c135f8f039cdb87e829d70866

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e5966238ddfb503-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 12 Jul 2023 12:48:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMhZ7StqRl9pQPD8uRjhw5lN32KlkD4hfxRx2Dw%2BGQzlE1Pw203BSqlf8GsfYZ69NCS7Nkqht0bu8SLCtQzcT0kFJ8S5XFDfnZJj2cH6wY3fZ3dkG2JJv%2B3k7ql%2F0RU%2B%2BCQYigPBKXG2cQJUbYC2eYbp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.38

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7e59661f581bb4ed-OSL
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Jul 2023 12:48:10 GMT
Location: https://redirecionador.info/?g/W8THdJq
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8u8f3U4hg1X39ZqaSswwVNjlFk0kO835s7ckEjCcYhcWvflZQefmGRcYddYjTkLQP%2BqQRpt%2BbOXo5ueQ3WUZLARZYuKubec6313Fy8rAM%2BrvH2c1K1KlZLTkiWCi64W5pNdQp%2BR6%2FQ0aB%2FPidzzlO9cU"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.38
alt-svc: h3=":443"; ma=86400

GET
H2 200 Primary Request / Show response
www.passagenspromo.com.br/passagens-aereas-azul/ 54 KB
8 KB 847ms
273ms Document
text/html 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx / PHP/8.0.11

Resource Hash

8a2ff1ad7707b56927d6c923ec3b8ed9a1a75c628c24112aa1ebcc6a50265247

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
access-control-allow-methods: POST, GET, OPTIONS
age: 9637
cache-control: max-age=600, public
content-encoding: br
content-length: 7488
content-type: text/html; charset=UTF-8
date: Wed, 12 Jul 2023 12:48:11 GMT
magicmarker: 1
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.6)
x-cache-action: HIT
x-cache-hits: 14
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.11
x-varnish: 494153587 494897001

GET
H2 200 passagens-aereas-cias.min.css
www.passagenspromo.com.br/assets/css/ 75 KB
12 KB 278ms
277ms Stylesheet
text/css 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d7543d6cbaef7c7ce292e557e82f89649801888c1134c1e842f0e0b43c82f1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 11747
content-length: 11978
magicmarker: 1
last-modified: Mon, 10 Jul 2023 20:10:56 GMT
server: nginx
etag: W/"64ac65d0-12a6f"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
x-varnish: 494153589 493854615
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 28

GET
H2 200 questionmark.svg
www.passagenspromo.com.br/assets/img/ 1 KB
1 KB 274ms
274ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/questionmark.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

ee5b092fe85fc3bd63f08183cee46fcb0abe781ca0b02800067a64605ecb552b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13544
content-length: 556
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-55c"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 492818394 493658810
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 2769

GET
H2 200 oferta-off-27.svg
www.passagenspromo.com.br/assets/img/passagens-aereas/ 5 KB
2 KB 550ms
547ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/passagens-aereas/oferta-off-27.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7599df4965e8a7406ebf554116707ef301851aca5ab0df106302f3653f80ae5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 8759
content-length: 1218
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-1567"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 492840148 494211358
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 11

GET
H2 200 ic-unchecked.svg
www.passagenspromo.com.br/assets/img/hotel/ 324 B
674 B 528ms
524ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/hotel/ic-unchecked.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f280fbd736de3402f93227b26d2178ddd9a0c451e9d841a23a4fc91b7e10c853

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13399
content-length: 204
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-144"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 487912039 494087423
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 197

GET
H2 200 ra-1000@2x.png
www.passagenspromo.com.br/assets/img/ 8 KB
9 KB 547ms
543ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/ra-1000@2x.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e26efa3c4aaad86ef1b2afbb3e020f41ef6c4d62919580c2f4d23551f7ab412c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13399
content-length: 8266
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-204a"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 494280279 489047978
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 103

GET
H2 200 brasil.png
www.passagenspromo.com.br/assets/img/payment/ 1 KB
2 KB 562ms
559ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/payment/brasil.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

fa6989153899839e7546886847b35512852d98e048b15f668472bce136fd02a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13479
content-length: 1382
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-566"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 492840152 493563823
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1957

GET
H2 200 santander.png
www.passagenspromo.com.br/assets/img/payment/ 1 KB
2 KB 564ms
561ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/payment/santander.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c7dc47cffbddb2db0328ca673c066e41c7e6cbf8cefd3e63d33850a727441006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13479
content-length: 1123
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-463"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 494280281 494403742
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1946

GET
H2 200 inter.png
www.passagenspromo.com.br/assets/img/payment/ 1 KB
2 KB 565ms
561ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/payment/inter.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8eb889e9dd28c3b5e79fa7acb0cf5f4cfa09668f28aa5aaf33ab0a89d7337058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13479
content-length: 1112
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-458"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 494153599 483912252
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1939

GET
H2 200 itau.png
www.passagenspromo.com.br/assets/img/payment/ 1 KB
2 KB 566ms
562ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/payment/itau.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d015a21e2c8e39e9f3866d112a037928be9ab5680cc326133598d2deeacd79e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13479
content-length: 1245
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-4dd"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 487912041 491232025
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1941

GET
H2 200 bradesco.png
www.passagenspromo.com.br/assets/img/payment/ 1 KB
2 KB 571ms
568ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/payment/bradesco.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d621b834399afb4b8e43a3771d0a7a098033fa284012c98bfa28e7ae885e316f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13479
content-length: 1243
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-4db"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 494675954 493260827
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1938

GET
H2 200 banrisul.png
www.passagenspromo.com.br/assets/img/payment/ 1 KB
2 KB 572ms
569ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/payment/banrisul.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d288fc64b0237517c5369bad6e36aa5ec8ea81126e165953ae59734c8a6f89d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13479
content-length: 1467
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-5bb"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 495780264 494502686
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1929

GET
H2 200 group-19.png
www.passagenspromo.com.br/assets/img/payment/ 2 KB
2 KB 573ms
571ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/payment/group-19.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

78da74acdd281b068d0c112ed7fce5f6add64ffaf55f9be183924da6fad5522b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13479
content-length: 1830
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-726"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 492818398 493658819
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1931

GET
H2 200 bs-2.png
www.passagenspromo.com.br/assets/img/payment/ 1 KB
2 KB 572ms
569ms Image
image/png 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/payment/bs-2.png

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bc69af719ca2b19a8e49419d8f37482a1320b6e6156e74f7ac074282b27e0729

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13479
content-length: 1219
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-4c3"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
x-varnish: 496304292 494797476
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1936

GET
H2 200 105221.png
selo.compreconfie.com.br/reputation/ 4 KB
4 KB 1158ms
964ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://selo.compreconfie.com.br/reputation/105221.png
Requested by: Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7b77d3a99dd127cdcb726bbf0d50c6a0de0f7ba3cd264536abc63c14d24b3f1b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 12 Jul 2023 12:48:13 GMT
last-modified: Wed, 12 Jul 2023 07:16:47 GMT
x-azure-ref-originshield: 0DKGuZAAAAACk1YS9DQGFRrMHbiY/PFH1QU1TMDRFREdFMTkwOQBmZmY4MDY0Ny0zNGEzLTRmNWEtOWE0OC00ZjFjM2M0OTNmMWI=
content-md5: JZiFioW7bonoCEedCbtl6A==
etag: 0x8DB82A7F4211196
x-azure-ref: 0DKGuZAAAAADIBhQnH1khR6yhb11yXQDlU1RPRURHRTEzMTgAZmZmODA2NDctMzRhMy00ZjVhLTlhNDgtNGYxYzNjNDkzZjFi
x-cache: TCP_MISS
content-type: image/png
x-ms-request-id: b1942536-101e-006c-31bf-b42995000000
x-ms-version: 2009-09-19
content-length: 3592

GET
H2 200 bundle-pp-frame.js Show response
www.passagenspromo.com.br/assets/js/ 68 KB
16 KB 525ms
522ms Script
application/javascript 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/assets/js/bundle-pp-frame.js?version=9250422170642

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2f16396c7967d8f59e4f3bdf907dada2e3ae960ff5469b29bb6dbb9081eea031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13399
content-length: 16121
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-10e8a"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=utf-8
x-varnish: 494153591 493563837
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 207

GET
H2 200 scripts-passagens-aereas-cias.min.js Show response
www.passagenspromo.com.br/assets/js/ 68 KB
16 KB 532ms
528ms Script
application/javascript 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/assets/js/scripts-passagens-aereas-cias.min.js?version=9250422170642

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

cdba61e5ed5ad0fa4530b9c9eeefdeef42d547195f4418ce1b856781210370d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 11746
content-length: 15635
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-11110"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=utf-8
x-varnish: 492818396 493591970
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 27

GET
H2 200 affiliate_hook.min.js Show response
www.passagenspromo.com.br/assets/js/ 3 KB
1 KB 556ms
552ms Script
application/javascript 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/assets/js/affiliate_hook.min.js?version=9250422170642

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

364946b385558aecb640f0329343d59724fa8ab6b3936e690cf7183c3e2d2329

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13422
content-length: 830
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-af5"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=utf-8
x-varnish: 494153593 494766106
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 897

GET
H2 200 newsletter_rd.min.js Show response
www.passagenspromo.com.br/mercurio/static/js/dist/ 11 KB
3 KB 559ms
555ms Script
application/javascript 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/mercurio/static/js/dist/newsletter_rd.min.js?version=9250422170642

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8522d7b842435e98b900b240e2a5a28392bcd0e8804a706150911212852f01d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
last-modified: Thu, 03 Mar 2022 17:56:20 GMT
server: nginx
etag: W/"62210144-2c35"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=utf-8
cache-control: max-age=3888000
access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Accept,Content-Type
expires: Sat, 26 Aug 2023 12:48:12 GMT

GET
H2 200 b058a3a1-a3c7-4d82-8bed-8e749050b307-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 3 KB
2 KB 1105ms
912ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b058a3a1-a3c7-4d82-8bed-8e749050b307-loader.js
Requested by: Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d69add0487a710451abfb644589a379444d3c75141f4dc923c9cccf164a82ba3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:14 GMT
x-amz-version-id: KMg7rTxMPrkzB3LhrS8vVmdxkHCLB0s6
content-encoding: gzip
last-modified: Fri, 26 May 2023 13:05:21 GMT
server: AmazonS3
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"f2551abc6b5f76b4bb3320e9b6aafb3a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: u8-N19bryV0M7DKhdRPhc9bB6Zi4KL2SsJwzoMKSx4XwnokBtIoAYQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
102 KB 271ms
98ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDZNHM2

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3defd0fedfb4b3b6a3ad75f1798fc973b6f6b8235c726e3431edcb57743921c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103875
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jul 2023 12:48:12 GMT

GET
H2 200 pp-frame.min.css
www.passagenspromo.com.br/frame/dist/css/ 15 KB
3 KB 534ms
533ms Stylesheet
text/css 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/frame/dist/css/pp-frame.min.css

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

289e96ec0ad3f6f3e89c55854cc34bf77cf9e1ec94332b2c218cd9fe0d231e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13546
content-length: 3031
magicmarker: 1
last-modified: Thu, 27 Apr 2023 13:40:58 GMT
server: nginx
etag: W/"644a7b6a-3c2f"
x-cache-action: HIT
content-type: text/css
x-varnish: 492818400 494403735
cache-control: max-age=600, public
accept-ranges: bytes
x-cache-hits: 2342

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 138 KB
51 KB 302ms
113ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-NPN9NM2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZNHM2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5460cc6c0b280977336dc5ee60d6f873274d83815dc4ef7b37c2403a58287d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51804
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jul 2023 12:48:12 GMT

GET
H2 200 hotjar-3433253.js Show response
static.hotjar.com/c/ 9 KB
4 KB 541ms
136ms Script
application/javascript 108.138.7.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3433253.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZNHM2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-27.fra56.r.cloudfront.net

Software

Resource Hash

ed7e85e31f25624222493128aece52525b9c7e23b8452e0de30a7e01054d0f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/658f095c44f411730a6194e554cc0e43
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: lUg_A0cc9AiiB0N0CBFZBIarRE--GZmUdFes_4YEbpJDJDkTcR4-gA==

GET
H2 200 geo.min.js Show response
www.passagenspromo.com.br/nstatic/common/js/ 1 KB
996 B 298ms
297ms Script
application/javascript 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/nstatic/common/js/geo.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZNHM2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c7cfdc68221aef15e11cc5112e5af9704ff8067cf1ccad6dab809d035f493f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13545
content-length: 656
magicmarker: 1
last-modified: Sat, 08 Jul 2023 01:47:45 GMT
server: nginx
etag: W/"64a8c041-599"
x-cache-action: HIT
content-type: application/javascript; charset=utf-8
x-varnish: 492818405 490617055
cache-control: max-age=600, public
accept-ranges: bytes
x-cache-hits: 2715

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 254ms
80ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: redirecionador.info
URL: https://redirecionador.info/?g/W8THdJq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jul 2023 12:48:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: GPMHoOaU+F5UsoF81nMVsb3hSjE5I0RD6Gx8170VxApsUS3k23ZCIlkKyOw5KCLPmGCOI2BwiRmo9nB5RbwXWQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 454ms
185ms Script
application/javascript 23.53.43.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBVOTN3C77UFTR6U6LOG&lib=ttq
Requested by: Host: redirecionador.info
URL: https://redirecionador.info/?g/W8THdJq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 85c1d9917ed39961beceac0b7d354ca0f77c0eee80059ccf4a02a5e515ffd60a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 207e5708.466aedfc
date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-94.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
x-parent-response-time: 91,23.53.43.94
server-timing: cdn-cache; desc=MISS, edge; dur=80, origin; dur=11, inner; dur=3
content-length: 1847
pragma: no-cache
server: nginx
x-tt-logid: 20230712124812B7A732BC72F68BED681A
x-cache-remote: TCP_MISS from a23-44-202-207.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.44.202.207
x-tt-trace-host: 01adc6c3fe5ec2f99ea123500f79e81380993d32ec61684c07de52976a9c1d468ae82581f7ac678750259717cdd5b74915288b51ed47fe291437462e5fbbf40603a2b08c082761d4e93fba6e27422a613096fe921a2036588fb6a1b24f553f891e8d13bd9ecca5c13e062955207082c412
expires: Wed, 12 Jul 2023 12:48:13 GMT

GET
H2 200 cmp Show response
cmp.pcr.rec.br/ 2 KB
2 KB 1653ms
271ms Script
text/javascript 35.199.118.124
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.pcr.rec.br/cmp?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
Requested by: Host: redirecionador.info
URL: https://redirecionador.info/?g/W8THdJq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.199.118.124 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 124.118.199.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a20cd785dce3dca08e6741504939a0a55a549a4a48ca1b44827071186784c2ea

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:14 GMT
server: nginx
content-length: 1987
content-type: text/javascript

GET
H2 200 ex8ijhej94 Show response
www.clarity.ms/tag/ 1016 B
1 KB 308ms
160ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ex8ijhej94
Requested by: Host: redirecionador.info
URL: https://redirecionador.info/?g/W8THdJq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e1bbeada440365152f80356ed32e3c5d468474b81b547e93d176e4f95bd976af

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date: Wed, 12 Jul 2023 12:48:12 GMT
x-azure-ref: 0DKGuZAAAAAAX6eBXXI6VQoIJ/eDBUw+sU1RPRURHRTE4MjEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1016
expires: -1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
84 KB 98ms
95ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-357CXG33XP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZNHM2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9302ed473e25214282da1708a199ccab0c3a9ad67bb487f22fda957953f1b209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jul 2023 12:48:12 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
261 B 214ms
71ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-357CXG33XP&gtm=45je37a0&_p=1098678514&_gaz=1&cid=1281328803.1689166093&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689166092&sct=1&seg=0&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&dt=Passagens%20A%C3%A9reas%20Promocionais%20Azul%20-%20VoeAzul%20no%20Passagens%20Promo&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-357CXG33XP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 12:48:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.passagenspromo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
261 B 261ms
82ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-357CXG33XP&cid=1281328803.1689166093&gtm=45je37a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-357CXG33XP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 12:48:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.passagenspromo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
408 B 345ms
109ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-357CXG33XP&cid=1281328803.1689166093&gtm=45je37a0&aip=1&z=289926456

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 12:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 the-new-logo.svg
www.passagenspromo.com.br/assets/img/ 7 KB
2 KB 282ms
279ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/the-new-logo.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

037457932606ca4b90c4f66da8916548f78c4739b0b6226cf0a2c1b696da75b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13480
content-length: 1960
magicmarker: 1
last-modified: Mon, 03 Jul 2023 18:45:22 GMT
server: nginx
etag: W/"64a31742-1bbf"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 496304298 490581212
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1681

GET
H2 200 avatar_blue.svg
www.passagenspromo.com.br/assets/img/ 548 B
737 B 284ms
283ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/avatar_blue.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bee0551601cae418af548e67aa72f106ab7439bb6c9d41a20484964e1394852d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13480
content-length: 267
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-224"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 492818407 490939876
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1749

GET
H2 200 passagens-aereas-azul-bg.jpg
www.passagenspromo.com.br/assets/img/passagens-aereas/azul/ 263 KB
263 KB 579ms
575ms Image
image/jpeg 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/passagens-aereas/azul/passagens-aereas-azul-bg.jpg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

15a2a527311684db4acc9b9a8a05d2aba45cc3d74ece15bc3f297b97a7e7f804

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 8760
content-length: 268896
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: "6491f64e-41a60"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/jpeg
x-varnish: 496304300 494635876
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 11

GET
H2 200 azul-logo.svg
www.passagenspromo.com.br/assets/img/passagens-aereas/azul/ 3 KB
1 KB 1688ms
1684ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/passagens-aereas/azul/azul-logo.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d89ebc6051574673ddce30cae9c3b60d289670392ace70fb0d3e9d7209e1622a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 8760
content-length: 837
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-a52"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 494675956 491559195
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 11

GET
H2 200 OpenSans-Bold.woff2
www.passagenspromo.com.br/assets/fonts/ 60 KB
58 KB 1662ms
1659ms Font
font/woff2 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/assets/fonts/OpenSans-Bold.woff2

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

78d358ba019a1cd3b28a8917560a433fc03f52c2ec058a85bd00f2236cded66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
Origin: https://www.passagenspromo.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13508
content-length: 59267
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-ee6c"
x-cache-action: HIT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://m.passagenspromo.com.br
x-varnish: 496304302 494274855
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 2089

GET
H2 200 grey-800.svg
www.passagenspromo.com.br/assets/img/ 969 B
922 B 1684ms
1683ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/grey-800.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

69aa60b98e69d6afd362067c149059ca5f020243524bccc93010090b79dc6ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13422
content-length: 452
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-3c9"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 495780266 494502776
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 678

GET
H2 200 fly.svg
www.passagenspromo.com.br/assets/img/ 629 B
836 B 1684ms
1684ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/fly.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

28b2198e9e69dd3656e208f9787a52b1c4a9948a14a3444b45dcbb91ac89a2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13399
content-length: 367
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-275"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 487912043 494502787
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 161

GET
H2 200 calendar.svg
www.passagenspromo.com.br/assets/img/ 972 B
935 B 1686ms
1685ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/calendar.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e33ee512b9a096c19feced7f7310c8b2f9bcb154b314d8cdd0fdb8a67197e074

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13399
content-length: 466
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-3cc"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 492818409 490382688
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 161

GET
H2 200 OpenSans-Regular.woff2
www.passagenspromo.com.br/assets/fonts/ 58 KB
57 KB 1676ms
1675ms Font
font/woff2 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/assets/fonts/OpenSans-Regular.woff2

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d90fd15b1195709c30038dc52c6836fe9804a48d419134a4f19a3b9856007a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
Origin: https://www.passagenspromo.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13480
content-length: 57632
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-e9bc"
x-cache-action: HIT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.passagenspromo.com.br
x-varnish: 494675958 494469293
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1905

GET
H2 200 passageiro.svg
www.passagenspromo.com.br/assets/img/ 912 B
914 B 2206ms
2205ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/passageiro.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1155466df416042b347a0e320418dd7852a698a7adba32da345046afefd82e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 12655
content-length: 445
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-390"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 492818411 493591328
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 42

GET
H2 200 grey-500.svg
www.passagenspromo.com.br/assets/img/ 811 B
842 B 2206ms
2205ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/grey-500.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c43d44f3d6dfe72333bf3f59c9f186ebb3551aedb8f842e337fe45e3e1efecda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 12655
content-length: 373
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-32b"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 487912045 489986218
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 41

GET
H2 200 grey-600.svg
www.passagenspromo.com.br/assets/img/passagens-aereas/ 344 B
685 B 2207ms
2206ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/passagens-aereas/grey-600.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

ea4503b0422c0566f583f4a0b4fc600ebb9a02bcee5720c75bd05a1c6bee2251

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 12462
content-length: 216
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-158"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 494280283 494371352
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 28

GET
H2 200 nuvens-pattern.svg
www.passagenspromo.com.br/assets/img/ 3 KB
2 KB 2131ms
2131ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/assets/img/nuvens-pattern.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

ebf0e23cb47536b87cb333e4c9dd3d0c8a6066fecd8d7154f273aeba1cd44dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13476
content-length: 1222
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-a34"
x-cache-action: HIT
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/svg+xml
x-varnish: 494280285 487865483
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 1813

GET
H2 200 OpenSans-SemiBold.woff2
www.passagenspromo.com.br/assets/fonts/ 60 KB
59 KB 2129ms
2129ms Font
font/woff2 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/assets/fonts/OpenSans-SemiBold.woff2

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a05c7bd787c4e9adca2325bda23df2acda8bd046d4a0242e76b395541b6b9c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.passagenspromo.com.br/assets/css/passagens-aereas-cias.min.css?version=9250422170642
Origin: https://www.passagenspromo.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13508
content-length: 59317
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:13 GMT
server: nginx
etag: W/"6491f64d-f07c"
x-cache-action: HIT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://m.passagenspromo.com.br
x-varnish: 487912049 494766050
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-CSRFToken, Origin, Authorization, Accept,Content-Type
x-cache-hits: 2053

GET
H2 200 frame-params Show response
www.passagenspromo.com.br/air/search/ 53 B
293 B 2116ms
2115ms XHR
application/json 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.passagenspromo.com.br/air/search/frame-params

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/assets/js/bundle-pp-frame.js?version=9250422170642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9bd502bd510950f8c67e0f398eb9880235bd36769c5e1e90c30a5199a63b7b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: br
server: nginx
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Authorization, Content-Type, *

GET
H2 200 menos-off-pp.svg
www.passagenspromo.com.br/frame/dist/img/ 884 B
714 B 2115ms
2114ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/frame/dist/img/menos-off-pp.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d62c41112740a7f981333f2bb052ea14f2e0dda620a516a453db3f67b817d9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13545
content-length: 389
magicmarker: 1
last-modified: Thu, 27 Apr 2023 13:40:58 GMT
server: nginx
etag: W/"644a7b6a-374"
x-cache-action: HIT
content-type: image/svg+xml
x-varnish: 492818413 487865411
cache-control: max-age=600, public
accept-ranges: bytes
x-cache-hits: 1733

GET
H2 200 mais-on-pp.svg
www.passagenspromo.com.br/frame/dist/img/ 945 B
793 B 2115ms
2114ms Image
image/svg+xml 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.passagenspromo.com.br/frame/dist/img/mais-on-pp.svg

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

40.225.151.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e4281cb355154336144e28af7945053ab984aded7e7f7d06537d6630359830a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 13545
content-length: 467
magicmarker: 1
last-modified: Thu, 27 Apr 2023 13:40:58 GMT
server: nginx
etag: W/"644a7b6a-3b1"
x-cache-action: HIT
content-type: image/svg+xml
x-varnish: 494675960 493563795
cache-control: max-age=600, public
accept-ranges: bytes
x-cache-hits: 1736

GET
H2 200 342802671308177 Show response
connect.facebook.net/signals/config/ 382 KB
109 KB 84ms
84ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/342802671308177?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ccb88120bca87ab17b6de86f2a9039afe86aa710d965574a22cc7917b2bd25b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jul 2023 12:48:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111274
x-xss-protection: 0
pragma: public
x-fb-debug: u8lFeLc+ynekbFUfV9yEFrfkhGGaXJE8AWiqTi6C86oKfc8qQOdpussYu6+3c5bbVjAowsvkPxQ861aM3/tgBw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.passagenspromo.com.br/geoip/json/ 205 B
451 B 2048ms
2048ms Fetch
application/json 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.passagenspromo.com.br/geoip/json/
Requested by: Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/nstatic/common/js/geo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 40.225.151.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 00897e634966c1884f495f9de18ea5e415332582feaf3a2444bf2159b5ea44c6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:13 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: dev2.passagenspromo.com.br, m.passagenspromo.com.br
cache-control: max-age=604800
x-database-date: Wed, 26 Apr 2023 13:56:36 GMT
content-length: 205
expires: Wed, 19 Jul 2023 12:48:13 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 57ms
57ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ex8ijhej94
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:12 GMT
content-encoding: br
last-modified: Mon, 10 Jul 2023 18:56:17 GMT
x-azure-ref-originshield: 0MimuZAAAAAArcXWKHy7MSbQoTkd+Y6EwQU1TMDRFREdFMTgwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
etag: "0x8DB817757AB9A71"
x-azure-ref: 0DaGuZAAAAADEY+9M4q05TZOveVGMuNaGU1RPRURHRTE4MjEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3af64334-701e-003e-6670-b4b9a4000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 main.MTExNWE3NjU4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
90 KB 102ms
101ms Script
application/javascript 23.53.43.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTExNWE3NjU4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBVOTN3C77UFTR6U6LOG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ee7c89525667a5015c6f9c715d35e454219017674dcbd2110a45abea9f5bb62

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 466af259
date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023070613192294EEE7BA01C88F2C7470
vary: Accept-Encoding
x-cache: TCP_HIT from a23-53-43-94.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01727b8a0bb0a6036ec3c2ed57b326f626cb75e76c6235311f6db9c85406c72eb1e1213e0eb9a118d91c6341f57652e86ed458b5f2c787ac1d6ce0b3fd4390cb69d35d0fb53cff3ea994b02b2d0fa885c07591dc5e3277346300ea7fdfe0201c0f
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 91858

GET
H2 200 modules.fba0c9b2e1c5e125e170.js Show response
script.hotjar.com/ 270 KB
69 KB 270ms
90ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3433253.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 07:23:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 192306
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 70330
last-modified: Mon, 10 Jul 2023 07:22:19 GMT
etag: "0054d18e8d659772b0e915a12ecd8b15"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: plVgJmu9JBzdE-VLcZjkoS_ZAWdOAT8mKt_r8wSVR5evklaQrPygWA==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 88ms
88ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b058a3a1-a3c7-4d82-8bed-8e749050b307-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
date: Wed, 12 Jul 2023 07:20:47 GMT
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 19647
x-amz-server-side-encryption: AES256
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rOZ8WZ88VjBImKk_IldtSih3VQFeeAXM6I3y9rpk4Wcqez90HKaHtQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZNHM2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Jul 2023 11:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6216
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 12 Jul 2023 13:04:37 GMT

GET
H/1.1 200
OK pa.js Show response
pcr.emitir.com.br/ 3 KB
2 KB 1756ms
265ms Script
application/javascript 35.198.30.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcr.emitir.com.br/pa.js
Requested by: Host: redirecionador.info
URL: https://redirecionador.info/?g/W8THdJq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.198.30.30 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.30.198.35.bc.googleusercontent.com
Software: /
Resource Hash: ac5d1ab323da68bfcb99b9c258a33a1f6817d434f0c4fdaaab4a9c11e91b8938

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 12:48:14 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 24 Nov 2021 16:35:28 GMT
Accept-Ranges: bytes
Content-Length: 1611
Content-Type: application/javascript

GET
H2 200 hotjar-1177627.js Show response
static.hotjar.com/c/ 11 KB
5 KB 118ms
117ms Script
application/javascript 108.138.7.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1177627.js?sv=6

Requested by

Host: redirecionador.info
URL: https://redirecionador.info/?g/W8THdJq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-27.fra56.r.cloudfront.net

Software

Resource Hash

c14b3440c5653c9ff0ac29e9325625b6343dba6d5ee1baabc97a567d191b1b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Jul 2023 12:48:13 GMT
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/e0f672f4243f8bcb5e2df2abfc4403eb
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: e7-b9h-FRTY0KNjNHyiOVniew4bEGSHIMv1nCDlukTPdtlEizyqlcw==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 283ms
82ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=342802671308177&ev=PageView&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&rl=&if=false&ts=1689166093451&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.2.1689166093447.857068282&cs_est=true&it=1689166093180&coo=false&exp=a1&rqm=GET

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jul 2023 12:48:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
127 B 91ms
87ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1098678514&t=pageview&_s=1&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&ul=en-us&de=UTF-8&dt=Passagens%20A%C3%A9reas%20Promocionais%20Azul%20-%20VoeAzul%20no%20Passagens%20Promo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAAI~&jid=177182100&gjid=525054667&cid=1281328803.1689166093&tid=UA-52481266-1&_gid=2088455019.1689166093&_r=1&_slc=1&gtm=45He37a0n81NDZNHM2&z=1682748357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.passagenspromo.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 12:48:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.passagenspromo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
192 B 83ms
83ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1098678514&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&ul=en-us&de=UTF-8&dt=Passagens%20A%C3%A9reas%20Promocionais%20Azul%20-%20VoeAzul%20no%20Passagens%20Promo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=qs4k7f&_u=YDDAAEABQAAAACAAI~&jid=&gjid=&cid=1281328803.1689166093&tid=UA-52481266-1&_gid=2088455019.1689166093&gtm=45He37a0n81NDZNHM2&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fex8ijhej94%2F1x6nb8j%2Fqs4k7f&z=1889300768

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 00:24:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44609
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
j.clarity.ms/ 0
305 B 582ms
233ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.passagenspromo.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.passagenspromo.com.br
Date: Wed, 12 Jul 2023 12:48:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 83ms
81ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-52481266-1&cid=1281328803.1689166093&jid=177182100&gjid=525054667&_gid=2088455019.1689166093&_u=YADAAEAAQAAAACAAI~&z=967141464

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.passagenspromo.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Jul 2023 12:48:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.passagenspromo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 282ms
105ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52481266-1&cid=1281328803.1689166093&jid=177182100&_u=YADAAEAAQAAAACAAI~&z=28874319

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 12:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ 42 B
107 B 127ms
119ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-52481266-1&cid=1281328803.1689166093&jid=177182100&_u=YADAAEAAQAAAACAAI~&z=28874319

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 12:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_0e808.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 90ms
90ms Script
application/javascript 23.53.43.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0e808.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTExNWE3NjU4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 466af77f
date: Wed, 12 Jul 2023 12:48:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023070613192394EEE7BA01C88F2C749C
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-53-43-94.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01727b8a0bb0a6036ec3c2ed57b326f626cb75e76c6235311f6db9c85406c72eb1e1213e0eb9a118d91c6341f57652e86e7f3836f4c161e9e062f94255ec85bfacd8e88615f3db5b220ebb90683bb2ae8492c19e370c4e130167e267ff7dfc2adb
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 30779

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 307ms
307ms Ping
text/plain 23.53.43.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTExNWE3NjU4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.passagenspromo.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2fb54cd3.466af8bb
date: Wed, 12 Jul 2023 12:48:14 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-94.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
x-parent-response-time: 115,23.53.43.94
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=35, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230712124813174987E8B52A53E88730
x-cache-remote: TCP_MISS from a23-44-202-210.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.44.202.210
x-tt-trace-host: 01adc6c3fe5ec2f99ea123500f79e81380993d32ec61684c07de52976a9c1d468afa16b4eb9dce06a8e049e6eb97a3664f1d68acf76d3c01356e907e1bd624e07534372b2379b4a72cebcd56214912f5749a4a77238d8077df8516f8c5b0886fda4c95f2ad69895869ab554869be58980e
expires: Wed, 12 Jul 2023 12:48:14 GMT

POST
H/1.1 204
No Content collect Show response
j.clarity.ms/ 0
305 B 523ms
321ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.passagenspromo.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.passagenspromo.com.br
Date: Wed, 12 Jul 2023 12:48:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 92ms
92ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=342802671308177&ev=Microdata&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&rl=&if=false&ts=1689166093954&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Passagens%20A%C3%A9reas%20Promocionais%20Azul%20-%20VoeAzul%20no%20Passagens%20Promo%22%2C%22meta%3Adescription%22%3A%22Promo%C3%A7%C3%B5es%20VoeAZUL.%20Passagens%20%C3%A1reas%20da%20Azul%20mais%20baratas%20at%C3%A9%2035%25%20off.%20Saiba%20mais%20sobre%20os%20servi%C3%A7os%20de%20bordo%2C%20frota%20e%20entretenimento%20da%20AZUL.%20Confira!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.passagenspromo.com.br%2F%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.passagenspromo.com.br%2Fimg%2Flogo-branca.svg%22%2C%22contactPoint%22%3A%5B%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B55%E2%80%8B31%203972-7095%22%2C%22contactType%22%3A%22customer%20service%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.2.1689166093447.857068282&it=1689166093180&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Host: www.passagenspromo.com.br
URL: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jul 2023 12:48:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A839D6DAE21D4EDC828BD11D5259D20A&RedC=c.clarity.ms&MXFR=1996CC550BE56183058DDF190FE56FCF
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A839D6DAE21D4EDC828BD11D5259D20A&MUID=1DBCB306FE606CDE11D9A04AFF376DBD

42 B
444 B

88ms
88ms

Image
image/gif

68.219.88.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A839D6DAE21D4EDC828BD11D5259D20A&MUID=1DBCB306FE606CDE11D9A04AFF376DBD
Protocol: H2
Server: 68.219.88.97 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Jul 2023 12:48:15 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 Jul 2023 12:48:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB48DDB8B74B4F4EAF860DF2D1DE066D Ref B: STOEDGE1509 Ref C: 2023-07-12T12:48:15Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A839D6DAE21D4EDC828BD11D5259D20A&MUID=1DBCB306FE606CDE11D9A04AFF376DBD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 878500409610986 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 79ms
79ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/878500409610986?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73540dbee5d34de71d02e69f447fbc9e4e697dfc789fe5b04e7b21a9509a6b4b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jul 2023 12:48:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110166
x-xss-protection: 0
pragma: public
x-fb-debug: XN36IdL/sN5mSqK+eUPJeIb1mz/YsjCMkYJ7sBSvNL7RDUxjxpS76o9X+BLJTBqjhyOvF6lSR7C2JQ0XZu9Wog==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b058a3a1-a3c7-4d82-8bed-8e749050b307-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 3 KB
2 KB 309ms
309ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b058a3a1-a3c7-4d82-8bed-8e749050b307-loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZNHM2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d69add0487a710451abfb644589a379444d3c75141f4dc923c9cccf164a82ba3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: KMg7rTxMPrkzB3LhrS8vVmdxkHCLB0s6
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
date: Wed, 12 Jul 2023 12:48:16 GMT
last-modified: Fri, 26 May 2023 13:05:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"f2551abc6b5f76b4bb3320e9b6aafb3a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: dBowZ_IisGQTjf83sGJ-TVhyoV9WK7msKPEuQ-HqdmQOwz-Yg8msdg==

GET
H2 200 56458c55-e47e-4993-8d43-ec07f269412d.js Show response
cdn.pn.vg/sites/ 4 KB
3 KB 391ms
114ms Script
text/javascript 2606:4700:e4::ac40:a427

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/56458c55-e47e-4993-8d43-ec07f269412d.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZNHM2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a427 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b8d31f7ccea29d05dc8862197fa10605845380417144094a17e8587bba888f4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:15 GMT
via: 1.1 c61c9cd8693e9726a85388d7d1796c76.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN54-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 May 2023 15:14:22 GMT
server: cloudflare
etag: W/"0ec6c728eb5eea25be2b0482559ecdae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i23EH%2FizzNxzNUFwxjS2QydT1xTCtRV%2FStHa%2FPNYv3W9WbSV7d4rU58Rkg%2B%2FDrQc%2B9G2sNsd8tCJ4s7VdkKy4SN8aj497aGjjwTIy%2B7eUIyULSiJhY%2FJa4zsawBuHcLswSsc80w2qyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 7e596641ce3c991e-ARN
x-amz-cf-id: cluXktMeGDuHE2PdKWR2qlA62QL2f4SzN5o33ZL5Zh_rE9gPdBJ-Yg==

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 202 KB
56 KB 104ms
104ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b058a3a1-a3c7-4d82-8bed-8e749050b307-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2d00138f7c5a196789022de48ec8d3d47b4b704c1db80e9f9ed85b4c82cac71

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 7suXGNM7e8cznSNLixYACpADuibahQNM
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
date: Tue, 11 Jul 2023 13:16:41 GMT
last-modified: Thu, 29 Jun 2023 20:25:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 84695
x-amz-server-side-encryption: AES256
etag: "2266caf55d9a4df9aeab1de966af2ddd"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56782
x-amz-cf-id: 9vKgi2vFVTpuaBDfh0u8UJ01Wsf0oCdCoRh01XOLhbop96Ioo9-BFw==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/2.0.0/ 30 KB
10 KB 205ms
205ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/2.0.0/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/b058a3a1-a3c7-4d82-8bed-8e749050b307-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 3dngmS.4H4nxkAQ1dQ4Zed.bkb2I4WUy
content-encoding: gzip
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
date: Wed, 12 Jul 2023 00:58:28 GMT
x-amz-cf-pop: FRA60-P3
age: 42594
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9976
last-modified: Wed, 29 Mar 2023 14:01:04 GMT
server: AmazonS3
etag: "a101060a6ec593b54e9c4227f96e2695"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
x-amz-cf-id: -R3IobUj457vSXPZVOKB27257owFFkhxQiJVLns6-sQjCCpSuJQmIw==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 82ms
77ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1098678514&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&ul=en-us&de=UTF-8&dt=Passagens%20A%C3%A9reas%20Promocionais%20Azul%20-%20VoeAzul%20no%20Passagens%20Promo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pp_scroll-all&ea=scroll&el=25-percent&ev=25&_u=aDDAAEABQAAAACAAI~&jid=&gjid=&cid=1281328803.1689166093&tid=UA-52481266-1&_gid=2088455019.1689166093&gtm=45He37a0n81NDZNHM2&z=1805907711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 19:39:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61739
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show.json
popups.rdstation.com.br/popup/ 45 KB
45 KB 605ms
223ms XHR
application/json 34.68.90.188

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=620215&uniq=_ubki4q83q&ref=aHR0cHM6Ly93d3cucGFzc2FnZW5zcHJvbW8uY29tLmJyL3Bhc3NhZ2Vucy1hZXJlYXMtYXp1bC8%2FdXRtX21lZGl1bT1hZmlsaWFkbyZwY3JpZD0yMDk5JnV0bV9zb3VyY2U9c2l0ZS1ibG9nJnBjcnR0PWF6dWw%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Wed, 12 Jul 2023 12:48:16 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 45737

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 92ms
89ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=878500409610986&ev=PageView&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&rl=&if=false&ts=1689166095654&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.2.1689166093447.857068282&cs_est=true&it=1689166093180&coo=false&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jul 2023 12:48:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 187 KB
51 KB 92ms
83ms Script
application/javascript 2606:4700:e4::ac40:a427

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/56458c55-e47e-4993-8d43-ec07f269412d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a427 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a96446ae928a833b39605af9211a674118b41271d6732bef41b2c9955087f2ea

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:15 GMT
via: 1.1 d661c8f821b4dd0011bb1bb50baf07c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN54-C1
age: 723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 08 Jul 2023 01:40:04 GMT
server: cloudflare
etag: W/"e7341c00e86fdc6f0318ec0c8d3c4945"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7N9%2FKyhHpvRpUaktjYMQdjCSNsgPUoFr%2FiL5suJM%2Ffl9jQxprL0bqoMDhx54OyGv%2B0DXn1MjWjc%2FPlkGy3go3e8NzagHcwCcN0ERC9ZoIntnWw9aS45TCOfpHv9czYx%2BC%2FyKZrveWsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7e5966429f28991e-ARN
x-amz-cf-id: r_FEj1w5oIjDMhrh5nbrD2LVr3YYfVxGT6v9QvIjhY8lxKVtGEVpWg==

GET @--@+ZLIMIT_1+CODE_G3
broker.passagenspromo.com.br/pquery/ 0
0

GET @--@+ZLIMIT_1+CODE_TP
broker.passagenspromo.com.br/pquery/ 0
0

GET @--@+ZLIMIT_1+CODE_LA
broker.passagenspromo.com.br/pquery/ 0
0

GET @--@+ZLIMIT_1+CODE_AA
broker.passagenspromo.com.br/pquery/ 0
0

POST
H/1.1 204
No Content collect
j.clarity.ms/ 0
305 B 164ms
163ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.passagenspromo.com.br/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.passagenspromo.com.br
Date: Wed, 12 Jul 2023 12:48:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 56458c55-e47e-4993-8d43-ec07f269412d.json
osp-assets.pn.vg/ 613 B
1 KB 227ms
84ms Fetch
application/json 2606:4700:e4::ac40:a527

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/56458c55-e47e-4993-8d43-ec07f269412d.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a527 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QE421EJB24AWDZ7F
age: 152072
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cKchmfolk9+lbwJoDYG5E8E2uDH2VWFa7SgaKf04wuoos3/VIdqwwwl9KwNMnu+u2OmtQx1hpgXgYJkNipwM5V/eFE7/Hzm7FOLS1UVFXKQ=
last-modified: Mon, 10 Jul 2023 13:45:47 GMT
server: cloudflare
etag: W/"b51b84c9d0e449d166424aeff18b3ccf"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ju3zCqALTR%2FZ61VPAHLb60rwoYg2yPNwHbQFA5p%2BkIz0x%2BU8eiDMubXpIM3DLtbPTMEYSRT3bUqYNREm5BByuGlFgbuK00giJV8vfzdEBG%2BQ0pZtvtCSUcUwQru%2FNn4IUyhHNZNbGHbtTlpjv5UZ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 7e596644bc7e95df-ARN

GET
H2 200 pushnews-sw.js
www.passagenspromo.com.br/ 0
0 276ms
274ms Fetch
application/javascript 34.151.225.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.passagenspromo.com.br/pushnews-sw.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.151.225.40 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 40.225.151.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/passagens-aereas-azul/?utm_medium=afiliado&pcrid=2099&utm_source=site-blog&pcrtt=azul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:48:16 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.6)
x-cacheable: YES
age: 12859
content-length: 67
x-cached: HIT
magicmarker: 1
last-modified: Tue, 20 Jun 2023 18:56:14 GMT
server: nginx
etag: W/"6491f64e-3e"
x-cache-action: HIT
content-type: application/javascript; charset=utf-8
x-varnish: 493926968 487146578
cache-control: max-age=600, public
accept-ranges: bytes
x-cache-hits: 21

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 91ms
90ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=878500409610986&ev=Microdata&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&rl=&if=false&ts=1689166096174&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Passagens%20A%C3%A9reas%20Promocionais%20Azul%20-%20VoeAzul%20no%20Passagens%20Promo%22%2C%22meta%3Adescription%22%3A%22Promo%C3%A7%C3%B5es%20VoeAZUL.%20Passagens%20%C3%A1reas%20da%20Azul%20mais%20baratas%20at%C3%A9%2035%25%20off.%20Saiba%20mais%20sobre%20os%20servi%C3%A7os%20de%20bordo%2C%20frota%20e%20entretenimento%20da%20AZUL.%20Confira!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.passagenspromo.com.br%2F%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.passagenspromo.com.br%2Fimg%2Flogo-branca.svg%22%2C%22contactPoint%22%3A%5B%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B55%E2%80%8B31%203972-7095%22%2C%22contactType%22%3A%22customer%20service%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.2.1689166093447.857068282&it=1689166093180&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jul 2023 12:48:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
b.smrk.io/api/public/geolocation/UaIUuQR5a1vmYEZDK0maG6SIcUjTk5tGj2Yj/ 473 B
602 B 498ms
170ms XHR
application/json 40.121.178.25

General

Check archive.org

Show headers Download Go to

Full URL: https://b.smrk.io/api/public/geolocation/UaIUuQR5a1vmYEZDK0maG6SIcUjTk5tGj2Yj/
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.121.178.25 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.passagenspromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 12:48:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Method: GET, OPTIONS

GET css
fonts.googleapis.com/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET $awf3wcj5m35
d335luupugsy2.cloudfront.net/cms/files/620215/1680782520/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: broker.passagenspromo.com.br
URL: https://broker.passagenspromo.com.br/pquery/@--@+ZLIMIT_1+CODE_G3?limit=1&max_age=1000

Domain: broker.passagenspromo.com.br
URL: https://broker.passagenspromo.com.br/pquery/@--@+ZLIMIT_1+CODE_TP?limit=1&max_age=1000

Domain: broker.passagenspromo.com.br
URL: https://broker.passagenspromo.com.br/pquery/@--@+ZLIMIT_1+CODE_LA?limit=1&max_age=1000

Domain: broker.passagenspromo.com.br
URL: https://broker.passagenspromo.com.br/pquery/@--@+ZLIMIT_1+CODE_AA?limit=1&max_age=1000

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter|Cabin|Crimson+Text|Droid+Sans|Droid+Serif|Lato|Lobster|Montserrat|Old+Standard+TT|Open+Sans|Oswald|Pacifico|Playfair+Display|PT+Sans|Raleway|Rubik|Source+Sans+Pro|Ubuntu|Roboto

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-357CXG33XP

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-357CXG33XP&gtm=45je37a0&_p=1098678514&cid=1281328803.1689166093&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1689166092&sct=1&seg=0&dl=https%3A%2F%2Fwww.passagenspromo.com.br%2Fpassagens-aereas-azul%2F%3Futm_medium%3Dafiliado%26pcrid%3D2099%26utm_source%3Dsite-blog%26pcrtt%3Dazul&dt=Passagens%20A%C3%A9reas%20Promocionais%20Azul%20-%20VoeAzul%20no%20Passagens%20Promo&en=scroll&epn.percent_scrolled=90&_et=77

Domain: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/cms/files/620215/1680782520/$awf3wcj5m35

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.passagenspromo.com.br/passagens-aereas-azul	1969-12-31 23:59:59	Name: mobilecheck Value: 0
.passagenspromo.com.br/	1970-01-20 15:22:22	Name: _gcl_au Value: 1.1.1821547163.1689166093
www.clarity.ms/	1970-01-20 21:58:22	Name: CLID Value: 58a9077329ad470a8d9caed4fd15552e.20230712.20240711
.passagenspromo.com.br/	1970-01-20 22:48:46	Name: _ga_357CXG33XP Value: GS1.1.1689166092.1.0.1689166092.60.0.0
.tiktok.com/	1970-01-20 22:34:22	Name: _ttp Value: 2STMPO8GWI7LsuNkq1YOw95hLVe
.passagenspromo.com.br/	1970-01-20 14:17:34	Name: pcrid Value: 2099
.passagenspromo.com.br/	1970-01-20 14:17:34	Name: utm_source Value: site-blog
.passagenspromo.com.br/	1970-01-20 14:17:34	Name: utm_medium Value: afiliado
.passagenspromo.com.br/	1970-01-20 14:17:34	Name: pcrtt Value: azul
.passagenspromo.com.br/	1970-01-20 14:17:34	Name: fb_pixel Value:
.passagenspromo.com.br/	1970-01-20 13:22:50	Name: apclick Value:
.passagenspromo.com.br/	1970-01-20 13:22:50	Name: apsource Value:
.passagenspromo.com.br/	1970-01-20 13:22:50	Name: source Value:
.passagenspromo.com.br/	1970-01-20 13:22:50	Name: actionpay Value:
.passagenspromo.com.br/	1970-01-20 13:55:58	Name: origem Value: site-blog
.passagenspromo.com.br/	1970-01-20 21:58:22	Name: _clck Value: 1x6nb8j\|2\|fd8\|0\|1288
.passagenspromo.com.br/	1970-01-20 15:22:22	Name: _fbp Value: fb.2.1689166093447.857068282
.passagenspromo.com.br/	1970-01-20 21:58:22	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoidXRtX21lZGl1bT1hZmlsaWFkbyZwY3JpZD0yMDk5JnV0bV9zb3VyY2U9c2l0ZS1ibG9nJnBjcnR0PWF6dWwiLCJleHRyYV9wYXJhbXMiOnt9fSwiY3VycmVudF9zZXNzaW9uIjp7InZhbHVlIjoidXRtX21lZGl1bT1hZmlsaWFkbyZwY3JpZD0yMDk5JnV0bV9zb3VyY2U9c2l0ZS1ibG9nJnBjcnR0PWF6dWwiLCJleHRyYV9wYXJhbXMiOnt9fSwiY3JlYXRlZF9hdCI6MTY4OTE2NjA5MzQ2MX0=
.passagenspromo.com.br/	1970-01-20 22:48:46	Name: _ga Value: GA1.3.1281328803.1689166093
.passagenspromo.com.br/	1970-01-20 13:14:12	Name: _gid Value: GA1.3.2088455019.1689166093
.passagenspromo.com.br/	1970-01-20 13:12:46	Name: _gat_UA-52481266-1 Value: 1
.passagenspromo.com.br/	1970-01-20 21:58:22	Name: _hjSessionUser_3433253 Value: eyJpZCI6Ijc3NGZkNGFmLWE3NWUtNWVkZC1iMTE5LWUyMjMzOThhMGRjOSIsImNyZWF0ZWQiOjE2ODkxNjYwOTM3MTgsImV4aXN0aW5nIjpmYWxzZX0=
.passagenspromo.com.br/	1970-01-20 13:12:47	Name: _hjFirstSeen Value: 1
.passagenspromo.com.br/	1970-01-20 13:12:46	Name: _hjIncludedInSessionSample_3433253 Value: 0
.passagenspromo.com.br/	1970-01-20 13:12:47	Name: _hjSession_3433253 Value: eyJpZCI6Ijg4NTVjMGIyLTk0MmQtNDQyMy1iYzVlLWRmMDY0ZjE4YjgxNCIsImNyZWF0ZWQiOjE2ODkxNjYwOTM3MzIsImluU2FtcGxlIjpmYWxzZX0=
.passagenspromo.com.br/	1970-01-20 13:12:47	Name: _hjAbsoluteSessionInProgress Value: 0
.passagenspromo.com.br/	1970-01-20 22:34:22	Name: _tt_enable_cookie Value: 1
.passagenspromo.com.br/	1970-01-20 22:34:22	Name: _ttp Value: 6QyXfW7e1wIvAcMZGT6Xr0aGZiw
.passagenspromo.com.br/	1970-01-20 13:14:12	Name: _clsk Value: qs4k7f\|1689166094096\|1\|1\|j.clarity.ms/collect
www.passagenspromo.com.br/	1970-01-20 13:55:58	Name: pcrid Value: 2099
www.passagenspromo.com.br/	1970-01-20 13:55:58	Name: pcrtt Value: azul
www.passagenspromo.com.br/	1970-01-20 13:55:58	Name: utm_source Value: site-blog
www.passagenspromo.com.br/	1970-01-20 13:55:58	Name: utm_medium Value: afiliado
www.passagenspromo.com.br/	1969-12-31 23:59:59	Name: puuid Value: 18348687-4b22-4f06-af95-038772a41198

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
b.smrk.io
broker.passagenspromo.com.br
c.bing.com
c.clarity.ms
cdn.pn.vg
cmp.pcr.rec.br
connect.facebook.net
d335luupugsy2.cloudfront.net
fonts.googleapis.com
j.clarity.ms
osp-assets.pn.vg
pcr.emitir.com.br
popups.rdstation.com.br
redirecionador.info
region1.analytics.google.com
script.hotjar.com
selo.compreconfie.com.br
static.hotjar.com
stats.g.doubleclick.net
voeazuul.com.br
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.no
www.googletagmanager.com
www.passagenspromo.com.br
broker.passagenspromo.com.br
d335luupugsy2.cloudfront.net
fonts.googleapis.com
region1.analytics.google.com
www.googletagmanager.com
108.138.7.27
20.85.30.134
2001:4860:4802:34::36
23.53.43.98
2606:4700:3030::ac43:9016
2606:4700:3034::6815:5f5f
2606:4700:e4::ac40:a427
2606:4700:e4::ac40:a527
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c09::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.151.225.40
34.68.90.188
35.198.30.30
35.199.118.124
40.121.178.25
5.161.90.154
52.222.236.43
52.222.250.175
68.219.88.97
00897e634966c1884f495f9de18ea5e415332582feaf3a2444bf2159b5ea44c6
037457932606ca4b90c4f66da8916548f78c4739b0b6226cf0a2c1b696da75b7
1155466df416042b347a0e320418dd7852a698a7adba32da345046afefd82e8b
15a2a527311684db4acc9b9a8a05d2aba45cc3d74ece15bc3f297b97a7e7f804
289e96ec0ad3f6f3e89c55854cc34bf77cf9e1ec94332b2c218cd9fe0d231e8e
28b2198e9e69dd3656e208f9787a52b1c4a9948a14a3444b45dcbb91ac89a2fc
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2f16396c7967d8f59e4f3bdf907dada2e3ae960ff5469b29bb6dbb9081eea031
364946b385558aecb640f0329343d59724fa8ab6b3936e690cf7183c3e2d2329
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
5460cc6c0b280977336dc5ee60d6f873274d83815dc4ef7b37c2403a58287d09
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
5ccb88120bca87ab17b6de86f2a9039afe86aa710d965574a22cc7917b2bd25b
5ee7c89525667a5015c6f9c715d35e454219017674dcbd2110a45abea9f5bb62
696ce95ec5c4f965489683b55d96b7ac29a7078c135f8f039cdb87e829d70866
69aa60b98e69d6afd362067c149059ca5f020243524bccc93010090b79dc6ab3
73540dbee5d34de71d02e69f447fbc9e4e697dfc789fe5b04e7b21a9509a6b4b
7599df4965e8a7406ebf554116707ef301851aca5ab0df106302f3653f80ae5e
78d358ba019a1cd3b28a8917560a433fc03f52c2ec058a85bd00f2236cded66e
78da74acdd281b068d0c112ed7fce5f6add64ffaf55f9be183924da6fad5522b
7b77d3a99dd127cdcb726bbf0d50c6a0de0f7ba3cd264536abc63c14d24b3f1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8522d7b842435e98b900b240e2a5a28392bcd0e8804a706150911212852f01d8
85c1d9917ed39961beceac0b7d354ca0f77c0eee80059ccf4a02a5e515ffd60a
8a2ff1ad7707b56927d6c923ec3b8ed9a1a75c628c24112aa1ebcc6a50265247
8eb889e9dd28c3b5e79fa7acb0cf5f4cfa09668f28aa5aaf33ab0a89d7337058
9302ed473e25214282da1708a199ccab0c3a9ad67bb487f22fda957953f1b209
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
9b8d31f7ccea29d05dc8862197fa10605845380417144094a17e8587bba888f4
9bd502bd510950f8c67e0f398eb9880235bd36769c5e1e90c30a5199a63b7b63
a05c7bd787c4e9adca2325bda23df2acda8bd046d4a0242e76b395541b6b9c21
a20cd785dce3dca08e6741504939a0a55a549a4a48ca1b44827071186784c2ea
a2d00138f7c5a196789022de48ec8d3d47b4b704c1db80e9f9ed85b4c82cac71
a96446ae928a833b39605af9211a674118b41271d6732bef41b2c9955087f2ea
ac5d1ab323da68bfcb99b9c258a33a1f6817d434f0c4fdaaab4a9c11e91b8938
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bc69af719ca2b19a8e49419d8f37482a1320b6e6156e74f7ac074282b27e0729
bee0551601cae418af548e67aa72f106ab7439bb6c9d41a20484964e1394852d
c14b3440c5653c9ff0ac29e9325625b6343dba6d5ee1baabc97a567d191b1b34
c43d44f3d6dfe72333bf3f59c9f186ebb3551aedb8f842e337fe45e3e1efecda
c7cfdc68221aef15e11cc5112e5af9704ff8067cf1ccad6dab809d035f493f50
c7dc47cffbddb2db0328ca673c066e41c7e6cbf8cefd3e63d33850a727441006
cdba61e5ed5ad0fa4530b9c9eeefdeef42d547195f4418ce1b856781210370d4
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d015a21e2c8e39e9f3866d112a037928be9ab5680cc326133598d2deeacd79e4
d288fc64b0237517c5369bad6e36aa5ec8ea81126e165953ae59734c8a6f89d4
d621b834399afb4b8e43a3771d0a7a098033fa284012c98bfa28e7ae885e316f
d62c41112740a7f981333f2bb052ea14f2e0dda620a516a453db3f67b817d9d9
d69add0487a710451abfb644589a379444d3c75141f4dc923c9cccf164a82ba3
d7543d6cbaef7c7ce292e557e82f89649801888c1134c1e842f0e0b43c82f1b7
d89ebc6051574673ddce30cae9c3b60d289670392ace70fb0d3e9d7209e1622a
d90fd15b1195709c30038dc52c6836fe9804a48d419134a4f19a3b9856007a8f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1bbeada440365152f80356ed32e3c5d468474b81b547e93d176e4f95bd976af
e26efa3c4aaad86ef1b2afbb3e020f41ef6c4d62919580c2f4d23551f7ab412c
e33ee512b9a096c19feced7f7310c8b2f9bcb154b314d8cdd0fdb8a67197e074
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3defd0fedfb4b3b6a3ad75f1798fc973b6f6b8235c726e3431edcb57743921c
e4281cb355154336144e28af7945053ab984aded7e7f7d06537d6630359830a0
ea4503b0422c0566f583f4a0b4fc600ebb9a02bcee5720c75bd05a1c6bee2251
ebf0e23cb47536b87cb333e4c9dd3d0c8a6066fecd8d7154f273aeba1cd44dd8
ed7e85e31f25624222493128aece52525b9c7e23b8452e0de30a7e01054d0f8d
ee5b092fe85fc3bd63f08183cee46fcb0abe781ca0b02800067a64605ecb552b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f280fbd736de3402f93227b26d2178ddd9a0c451e9d841a23a4fc91b7e10c853
f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
fa6989153899839e7546886847b35512852d98e048b15f668472bce136fd02a9

www.passagenspromo.com.br Open in urlscan Pro 34.151.225.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

90 %HTTPS

54 %IPv6

22 Domains

28 Subdomains

24 IPs

4 Countries

1464 kBTransfer

3769 kBSize

34 Cookies

5 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.passagenspromo.com.br Open in urlscan Pro
34.151.225.40 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

90 %
HTTPS

54 %
IPv6

22
Domains

28
Subdomains

24
IPs

4
Countries

1464 kB
Transfer

3769 kB
Size

34
Cookies

94 HTTP transactions
0 data transactions