passagenscomdesconto.com Open in urlscan Pro
20.201.24.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.passagenscomdesconto.com/
Effective URL:
https://passagenscomdesconto.com/
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2024, 11:45:27 pm UTC) — Scanned from DE

Summary HTTP 72 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 72 HTTP transactions. The main IP is 20.201.24.124, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is passagenscomdesconto.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on April 26th 2024. Valid for: 6 months.

This is the only time passagenscomdesconto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	20.201.24.124 20.201.24.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
25	13.107.246.42 13.107.246.42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700::68... 2606:4700::6811:6fdf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:400c:c00::54	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:bdf::63 2620:1ec:bdf::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.50.88.238 20.50.88.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	191.235.228.36 191.235.228.36	() ()
72	18

5 20.201.24.124 (Campinas, Brazil) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.passagenscomdesconto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
passagenscomdesconto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 13.107.246.42 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

moblixcdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:6fdf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

mbxrepo-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.238 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 191.235.228.36 (None, )

ASN- ()

repositorio-prod.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	azureedge.net moblixcdn.azureedge.net mbxrepo-cdn.azureedge.net	2 MB
5	passagenscomdesconto.com 1 redirects www.passagenscomdesconto.com passagenscomdesconto.com	443 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773 accounts.google.com — Cisco Umbrella Rank: 46	85 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	161 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	277 KB
3	azurewebsites.net repositorio-prod.azurewebsites.net	595 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	272 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5708 onesignal.com — Cisco Umbrella Rank: 1415	66 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 853	200 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 1932	57 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	250 B
72	15

	Domain	Requested by
25	moblixcdn.azureedge.net	passagenscomdesconto.com moblixcdn.azureedge.net
8	mbxrepo-cdn.azureedge.net	passagenscomdesconto.com
4	connect.facebook.net	passagenscomdesconto.com connect.facebook.net
4	www.googletagmanager.com	passagenscomdesconto.com www.googletagmanager.com
4	passagenscomdesconto.com	passagenscomdesconto.com moblixcdn.azureedge.net
3	repositorio-prod.azurewebsites.net
3	www.facebook.com	passagenscomdesconto.com connect.facebook.net
3	cdnjs.cloudflare.com	passagenscomdesconto.com cdnjs.cloudflare.com
2	dc.services.visualstudio.com	js.monitor.azure.com
2	accounts.google.com	moblixcdn.azureedge.net accounts.google.com
2	region1.google-analytics.com	www.googletagmanager.com js.monitor.azure.com
2	cdn.onesignal.com	passagenscomdesconto.com cdn.onesignal.com
2	region1.analytics.google.com	www.googletagmanager.com js.monitor.azure.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	js.monitor.azure.com	passagenscomdesconto.com
1	onesignal.com	cdn.onesignal.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	passagenscomdesconto.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.passagenscomdesconto.com	1 redirects
72	21

This site contains links to these domains. Also see Links.

Domain
instagram.com
transparencyreport.google.com
facebook.com
apidevoos.com
web.whatsapp.com

Subject Issuer	Validity	Valid
passagenscomdesconto.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-04-26` - `2024-10-26`	6 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-10` - `2024-08-08`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 03	`2024-06-24` - `2025-06-19`	a year	crt.sh
onesignal.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
accounts.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2024-05-22` - `2025-05-17`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-24` - `2025-06-19`	a year	crt.sh
*.azurewebsites.net Microsoft Azure RSA TLS Issuing CA 08	`2024-05-24` - `2025-05-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://passagenscomdesconto.com/
Frame ID: E945FC5A2B745703979E045F02980A64
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nipontravel - Compre passagens com até 50% de desconto!

Page URL History Show full URLs

https://www.passagenscomdesconto.com/ HTTP 302
https://passagenscomdesconto.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

100 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

18
IPs

5
Countries

4241 kB
Transfer

8349 kB
Size

18
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/passagenscomdesconto.com.br
Title: passagenscomdesconto.com.br

Search URL Search Domain Scan URL

URL: https://transparencyreport.google.com/safe-browsing/search?url=https://passagenscomdesconto.com&hl=pt_BR

Search URL Search Domain Scan URL

URL: https://facebook.com/nipontravel

Search URL Search Domain Scan URL

URL: https://apidevoos.com/
Title: criado com Moblix ©

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?phone=+5561991093333

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.passagenscomdesconto.com/ HTTP 302
https://passagenscomdesconto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
passagenscomdesconto.com/
Redirect Chain

https://www.passagenscomdesconto.com/
https://passagenscomdesconto.com/

127 KB
35 KB

1585ms
822ms

Document
text/html

20.201.24.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://passagenscomdesconto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.201.24.124 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 081869260c1fcd175c1fc307fcd81a30a1ef543d7c2c658e204ab12737b17a6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Encoding: gzip
Content-Length: 34603
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jul 2024 23:45:19 GMT
Request-Context: appId=cid-v1:36cbee6b-762b-4a5b-add0-23ae2b9771d8
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

Access-Control-Expose-Headers: Request-Context
Content-Length: 150
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jul 2024 23:45:17 GMT
Location: https://passagenscomdesconto.com/
Request-Context: appId=cid-v1:36cbee6b-762b-4a5b-add0-23ae2b9771d8
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
80 KB 42ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZGS9XD

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fc72473afb996c8cda55573b75814999ef4124db92e16e905f8e3ea27835dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81977
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 22:17:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Jul 2024 23:45:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
103 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9Y2GWFGPCS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZGS9XD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb068bb750a51179a8043726e4820ef723ec3531875c26f91282a9ee6c9b7dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jul 2024 23:45:19 GMT

GET
H2 200 hotjar-2170527.js Show response
static.hotjar.com/c/ 11 KB
5 KB 94ms
39ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2170527.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZGS9XD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

c42e87c66233e703971f35c12dd124fe6e57346640da63693c102865bc0c8dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 31 Jul 2024 23:45:19 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/ac9be80710384a1c4ee4b34d024afde0
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: OYXJJPbeB5cNENSNpgQAXjUhs-tg--TKeLq2Ne2jvWyr0xSP7UV5gw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZGS9XD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jul 2024 23:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1814
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 01 Aug 2024 01:15:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 31 Jul 2024 23:45:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 9458ruI23hUG6wrfTh+fxhuJM7H1UqqL+AFT3SO9V1Mxc8f3Yvn5CAVYibuocD5+OoHvXk6tHG8UcIomw2GFBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 14ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1419859977&t=pageview&_s=1&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&ul=de-de&de=UTF-8&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1385057047&gjid=2046940407&cid=1345597686.1722469520&tid=UA-179202165-1&_gid=25532073.1722469520&_r=1&_slc=1&gtm=45He47v0n81TZGS9XDv833925342za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=1296059440

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 23:45:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://passagenscomdesconto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 827220801251107 Show response
connect.facebook.net/signals/config/ 71 KB
15 KB 129ms
128ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/827220801251107?v=2.9.162&r=stable&domain=passagenscomdesconto.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50cef1bb003705fcde0c7aee958b119faafb2bc47fe50008f7f9bfc7909839d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 31 Jul 2024 23:45:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 59
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=64, mss=1328, tbw=64188, tp=-1, tpl=-1, uplat=120, ullat=0
pragma: public
x-fb-debug: 4hZ6JoXINfbgvIBiCe/+3ASEeX9Awha0HdJileUknsNTxL2nptq6JOVX+69c5hnltoIY9tQRXi/9tXZOXwmz/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 15ms
15ms Image
text/plain 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-9Y2GWFGPCS&v=3&t=t&pid=956521256&dl=passagenscomdesconto.com%2F&tdp=G-9Y2GWFGPCS;71511827;1;6;0&frm=0&rtg=33925342&rlo=0&slo=0&hlo=2&lst=1&pcid=33925342&z=0
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 23:45:19 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 40ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9Y2GWFGPCS&gtm=45je47v0v871511827z8833925342za200zb833925342&_p=1722469519453&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1345597686.1722469520&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722469519&sct=1&seg=0&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&en=page_view&_fv=1&_ss=1&tfd=2748
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Y2GWFGPCS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 23:45:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://passagenscomdesconto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 71ms
22ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9Y2GWFGPCS&cid=1345597686.1722469520&gtm=45je47v0v871511827z8833925342za200zb833925342&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250752
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Y2GWFGPCS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 23:45:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://passagenscomdesconto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9Y2GWFGPCS&cid=1345597686.1722469520&gtm=45je47v0v871511827z8833925342za200zb833925342&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250752&tag_exp=95250752&z=1827208127

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 23:45:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 38ms
6ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2170527.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 120133
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zpIq6zlduDQ8SrJc6rEdWERyJzAB_NdCoed2NdlZH6PsCHSM3VcyPw==

GET
H2 200 ExternoStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 316 KB
63 KB 459ms
17ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ExternoStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 5ec4460b0b6fda9cb67d66b88224afc928e554aa160150a4b57e139d728f1c71

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncx
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 ElementUiStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 233 KB
51 KB 458ms
16ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ElementUiStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2ff231c1642368b8cadc24f3f4f6c77a34a6caac2e91feafcf71350942d2274b

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncw
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 MasterStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 265 KB
61 KB 457ms
16ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/MasterStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 412a2ef57cefff994929ece86375e41da1bea72f3d9d817643130815667f9f71

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncv
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 _header7.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 3 KB
1 KB 453ms
12ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/_header7.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 27df3b169693edc4cd552ac30048e2bc00e3f84a17564e8f0897a9cab2e2343a

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:26 GMT
etag: W/"045c9ea87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncu
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 HomeStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 71 KB
18 KB 458ms
17ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/HomeStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1e35d400c3c2cc9eb28e048db7edfc04fdddb5ae44b1c1d2e77447068fc7a6af

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncy
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 whatsapp-mini.webp
moblixcdn.azureedge.net/images/ 3 KB
3 KB 479ms
38ms Image
image/webp 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moblixcdn.azureedge.net/images/whatsapp-mini.webp?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: eff023dda00a3f63fd8b8dc285566185fbbba5d0f2633d870228be955cada72b

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
last-modified: Wed, 31 Jul 2024 19:49:28 GMT
etag: "054c1c082e3da1:0"
x-powered-by: ASP.NET
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008nct
x-cache: TCP_HIT
content-type: webp
access-control-allow-origin: *
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451
accept-ranges: bytes
content-length: 3034

GET
H3 200 OneSignalSDK.page.js Show response
cdn.onesignal.com/sdks/web/v16/ 2 KB
1 KB 36ms
18ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058eeeab39a650f6724fce5c96e8272c4a5d8e6c2cfe3d7e6465626f6df522b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1607
etag: W/"19fb0fd50e69d6b97e1badc837a6dff2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8ac17621c8b63aa0-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Aug 2024 23:45:19 GMT

GET
H2 200 VueScript.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 129 KB
56 KB 24ms
22ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/VueScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 0c11cedb64ab8037f193ef8c7a694c35dc75c56b8687e17784361d816551948a

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:32 GMT
etag: W/"0cc5cee87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008nd0
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 ElementUiScript.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 582 KB
198 KB 24ms
22ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/ElementUiScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 447cdff2f8e96dd929f2eb647911a92d41d623aed6e64072f630a9a8f686262c

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:32 GMT
etag: W/"0cc5cee87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008nd1
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 JqueryScript.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 84 KB
37 KB 24ms
22ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/JqueryScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: fe10ff2d84aa09c638cd2dd6d40bdbc7535d83807cd0cabd78e119c8fe9283ed

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:26 GMT
etag: W/"045c9ea87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008nd2
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 AirDatePickerScript.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 36 KB
13 KB 24ms
22ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/AirDatePickerScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 3ccd5018f155d5113cc284a368948b2604f8815de90a32f3dcdfcb395960446a

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:32 GMT
etag: W/"0cc5cee87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008nd3
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 MasterScript.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 126 KB
51 KB 23ms
21ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 96928d266fc78f16b480150c5993252201cdb1ae81bcc2a2f0e8cc7bffc293ec

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:26 GMT
etag: W/"045c9ea87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008nd4
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 100 KB
19 KB 25ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://passagenscomdesconto.com/
Origin: https://passagenscomdesconto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 629804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18752
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-4940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2z3TKayZHAsHHZnYxwbmJ7MQFzLAOvGCpSGB1Lgpy7ugf%2BPGlKI7CyYzo7WnvT36bTwGOKOvIYrf19Hv2MXAp%2Bn003NXQ55h795LKsHXG66tH%2FPCbXqs9%2FAePphjZPL0FZtVq2X1jAfNcavi4XZ0J72"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ac17621bed23a44-FRA
expires: Mon, 21 Jul 2025 23:45:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XHS86F5EDS

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5d7661a282747c788a11afc1990f044971cc73449940831d9997a07daada9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95727
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jul 2024 23:45:19 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8d05292007c8fff703d3448d2529ba07f67e0087b59ee658ccd09898640eb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jul 2024 23:45:19 GMT
content-md5: Ly123m1mX0G5ENowzuPRhg==
document-policy: force-load-at-top
x-fb-server-load: 23
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4361, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: tj4r4Cu/z4rn9VjLIamc1Q8tufcPeeY6yCHElQL5xP7QYrRLLTziC6yMeKn3uz5EZVeCkYChctWkDMEx7aBoGw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9330e785c554eea1f4e5e1d6ef778c9e
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "090ec126229ade44921f8ad890457eb9"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 31 Jul 2024 23:57:37 GMT

GET
H3 200 OneSignalSDK.page.es6.js Show response
cdn.onesignal.com/sdks/web/v16/ 259 KB
63 KB 24ms
24ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d24ec64291900c8a48816a802de8d32e6f4466018218cab64f9961fe33b0f71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2117
etag: W/"2d5effdf1f67f3d889acd0f923ae833f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8ac17621f8cf3aa0-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Aug 2024 23:45:19 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 17ms
16ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XHS86F5EDS&gtm=45je47v0v884176782za200&_p=1722469519453&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1345597686.1722469520&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722469519&sct=1&seg=0&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2857
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XHS86F5EDS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 23:45:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://passagenscomdesconto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=17eba8ba3f468eef3349f685ee633e2c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb6c60798eab7393f53bb62c004bbfa4a731c112114f0879976c35a28a29d24b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://passagenscomdesconto.com/
Origin: https://passagenscomdesconto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jul 2024 23:45:19 GMT
content-md5: NqQpnKLNPrYBkmA+ft0KUQ==
document-policy: force-load-at-top
x-fb-server-load: 51
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87095
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: 42kL2YF8YWxWlLQEGjaMII6t+D5L+Nm29ZfDKEq7tRjZfP352yOJLQSBV9zlzAcPowe3AOV/UySEDuEA4zDcqA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 21e318492b7a9faaf1f286f3dd0a937a
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "27a6a6463a0288e293ff403a35ef2444"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Jul 2025 18:43:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 28ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=827220801251107&ev=PageView&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&rl=&if=false&ts=1722469519745&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1722469519743.20910800715182738&cs_est=true&ler=empty&cdl=API_unavailable&it=1722469519577&coo=false&rqm=GET

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 31 Jul 2024 23:45:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 164ms
145ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=827220801251107&ev=PageView&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&rl=&if=false&ts=1722469519745&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1722469519743.20910800715182738&cs_est=true&ler=empty&cdl=API_unavailable&it=1722469519577&coo=false&rqm=FGET

Requested by

Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 31 Jul 2024 23:45:19 GMT
document-policy: force-load-at-top
x-fb-server-load: 38
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397950252779794719", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=10, mss=1328, tbw=4761, tp=-1, tpl=-1, uplat=136, ullat=0
pragma: no-cache
x-fb-debug: z3keppYAhywE9MyID6CfOjLrEHx7xC2EOx4aBEbJaFB6KAuhVsDwec66syTB7n/t6JDyo7l/2Sx659eAO0QfIQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397950252779794719"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 46ms
43ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=871243816855558&input_token&origin=1&redirect_uri=https%3A%2F%2Fpassagenscomdesconto.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=17eba8ba3f468eef3349f685ee633e2c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 31 Jul 2024 23:45:19 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397950252728647188", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3117, tp=-1, tpl=-1, uplat=33, ullat=0
pragma: no-cache
x-fb-debug: SfCfrEM0V2xBG/86TuDZ3cs/pXLoFR4uhaktK1Bfzcbu/yAHlUnFosG4O4DPYF/pkS4AKH1LvgsZ6s06JkDH0w==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397950252728647188"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://passagenscomdesconto.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 _header7.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 3 KB
0 2ms
2ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/_header7.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 27df3b169693edc4cd552ac30048e2bc00e3f84a17564e8f0897a9cab2e2343a

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:26 GMT
etag: W/"045c9ea87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncu
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 HomeStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 71 KB
0 0ms
0ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/HomeStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1e35d400c3c2cc9eb28e048db7edfc04fdddb5ae44b1c1d2e77447068fc7a6af

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncy
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 ElementUiStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 233 KB
0 0ms
0ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ElementUiStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2ff231c1642368b8cadc24f3f4f6c77a34a6caac2e91feafcf71350942d2274b

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncw
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 MasterStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 265 KB
0 1ms
1ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/MasterStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 412a2ef57cefff994929ece86375e41da1bea72f3d9d817643130815667f9f71

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncv
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 ExternoStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 316 KB
0 0ms
0ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ExternoStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 5ec4460b0b6fda9cb67d66b88224afc928e554aa160150a4b57e139d728f1c71

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ncx
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 br.svg
moblixcdn.azureedge.net/images/flags/ 8 KB
3 KB 22ms
22ms Image
image/svg+xml 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moblixcdn.azureedge.net/images/flags/br.svg
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ExternoStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 65c4244693069fc46570c19193ce32be5a6deb6e3001d647f2f60afcb9711a87

Request headers

Referer: https://moblixcdn.azureedge.net/Assets/Bundles/css/ExternoStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 19:49:28 GMT
etag: W/"054c1c082e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ndb
content-type: image/svg+xml
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H/1.1 200
OK SFProDisplay.ttf
passagenscomdesconto.com/fonts/ 404 KB
405 KB 796ms
212ms Font
application/octet-stream 20.201.24.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://passagenscomdesconto.com/fonts/SFProDisplay.ttf
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.201.24.124 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 287c6e4aa1d5a485f6782cff039adabedec8f0510238a1fc900a60a9fc77e575

Request headers

Referer: https://passagenscomdesconto.com/
Origin: https://passagenscomdesconto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 23:45:20 GMT
Last-Modified: Wed, 31 Jul 2024 19:49:28 GMT
Server: Microsoft-IIS/10.0
ETag: "054c1c082e3da1:0"
X-Powered-By: ASP.NET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Accept-Ranges: bytes
Content-Length: 413924

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 105 KB
106 KB 15ms
14ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin: https://passagenscomdesconto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 623620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 108020
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-1a5f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5ziG1Bcp%2BuOmr6%2Fv%2BnawSuiTZ83xG7x%2FnvmiTiWWWYjGn%2B26MT8OkdGdycqrCF%2BFeB2SmK46LpcSOBSIJKnutd8D0GhmC8syip6W4tdQdzQVp%2FfJ05ZrjwLZFh%2FTupckj1OVIw%2FbKwACVfx6npoQIbo"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ac17625895c3a44-FRA
expires: Mon, 21 Jul 2025 23:45:20 GMT

GET
H2 200 element-icons.woff
moblixcdn.azureedge.net/Assets/Bundles/css/fonts/ 28 KB
28 KB 386ms
46ms Font
font/woff 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/fonts/element-icons.woff
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ElementUiStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17

Request headers

Referer: https://moblixcdn.azureedge.net/Assets/Bundles/css/ElementUiStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Origin: https://passagenscomdesconto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
last-modified: Wed, 31 Jul 2024 19:49:26 GMT
etag: "02790bf82e3da1:0"
x-powered-by: ASP.NET
x-azure-ref: 20240731T234520Z-r185d5857fbwz7wx7fyggruc5w00000009eg00000000gdp4
x-cache: TCP_HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=15552000
x-fd-int-roxy-purgeid: 73737451
accept-ranges: bytes
content-length: 28200

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 147 KB
147 KB 41ms
41ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin: https://passagenscomdesconto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1151609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150124
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6421d693-24a6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iW9mB%2Fr0RMKi5z1dz86SLBGQ2NhpE5LZ9IbWIW8Ds%2B9wida6ICcY5wpYMB%2BXVhRQZvm2tM0OnMfAFG74DS5mWJnjSgZmkzoM2ufnM0CEqCLPa%2FeQtFOUiZwbwHPGei8YhchuZgnyE2IxI6lnOhutHbxt"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ac17625895d3a44-FRA
expires: Mon, 21 Jul 2025 23:45:20 GMT

GET
H2 200 540.ico
mbxrepo-cdn.azureedge.net/prod/iconagencia/540/ 1 KB
1 KB 853ms
777ms Image
image/x-icon 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbxrepo-cdn.azureedge.net/prod/iconagencia/540/540.ico?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ea42bf4e19e094ea2bd5f6c5183e3779e5cacf123cd3d5438bc31662e9f8cfaa

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 23:45:20 GMT
last-modified: Wed, 31 Jul 2024 03:06:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: O6YI3QCJOnYS7F6Z475kqA==
etag: 0x8DCB10DBD35EBC2
content-type: image/x-icon
access-control-allow-origin: *
x-ms-request-id: 1f82c2ad-201e-0058-4ea3-e3a1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
content-length: 1150
expires: Thu, 31 Jul 2025 23:45:21 GMT

GET
H2 200 whatsapp-mini.webp
moblixcdn.azureedge.net/images/ 3 KB
0 0ms
0ms Image
image/webp 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moblixcdn.azureedge.net/images/whatsapp-mini.webp?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: eff023dda00a3f63fd8b8dc285566185fbbba5d0f2633d870228be955cada72b

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
last-modified: Wed, 31 Jul 2024 19:49:28 GMT
etag: "054c1c082e3da1:0"
x-powered-by: ASP.NET
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008nct
x-cache: TCP_HIT
content-type: webp
access-control-allow-origin: *
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451
accept-ranges: bytes
content-length: 3034

POST
H/1.1 200
OK PegarScript Show response
passagenscomdesconto.com/config/ 121 B
743 B 795ms
795ms XHR
application/json 20.201.24.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://passagenscomdesconto.com/config/PegarScript
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/VueScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.201.24.124 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8854edc9e95f77d101db0fce7271ade62ffd4f7fa90cfcefa33133421b33e15c

Request headers

Accept: application/json, text/plain, */*
Referer: https://passagenscomdesconto.com/
ControllerName: home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 31 Jul 2024 23:45:20 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 211
Request-Context: appId=cid-v1:36cbee6b-762b-4a5b-add0-23ae2b9771d8

GET
H2 200 jquery.ajaxchimp.min.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 2 KB
1 KB 10ms
10ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/jquery.ajaxchimp.min.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 07cfb74ced57cca33309ab20dc95957df4d0105787db04de579efedea455a62f

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:26 GMT
etag: W/"045c9ea87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ndc
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H3 200 web Show response
onesignal.com/api/v1/sync/84c15f6b-a81f-470d-b975-226b0fb54bff/ 3 KB
2 KB 86ms
78ms Script
text/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/84c15f6b-a81f-470d-b975-226b0fb54bff/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965e14f64d4eeb0d63bb51c02e43ae8db74831849fb8d8f114c04138b84f35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3ab4a2f5-1b23-4a5a-bb54-be75021ef7bc
x-runtime: 0.039899
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"965e14f64d4eeb0d63bb51c02e43ae8d"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8ac17625ab2f3aa0-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 01 Aug 2024 00:45:20 GMT

GET
H2 200 CardPesquisaScript.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 24 KB
8 KB 18ms
13ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/CardPesquisaScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 09ee4eed8b8041877d732d0114e950e4866714116ceb073451a4bf1277107418

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:26 GMT
etag: W/"045c9ea87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ndf
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 CardPesquisaStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 17 KB
5 KB 18ms
13ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/CardPesquisaStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: a5501c1e278fb299f552a4c9395a8048add83caefa1f957eef5e20cbf91b9400

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ndd
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 ContainerOfertasScript.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 4 KB
2 KB 18ms
13ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/ContainerOfertasScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 732b276de1bc8315b1df6e39139f39dff8558119498c2b1ba7459f1fc988d644

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:26 GMT
etag: W/"045c9ea87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ndg
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 ContainerOfertasStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 6 KB
2 KB 20ms
16ms Stylesheet
text/css 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ContainerOfertasStyle.css?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 33ce3b2a8914e90b4cf66de6574be9dc824c88804fdc110f0c4f9acf04e339a2

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:24 GMT
etag: W/"01898e987e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008nde
content-type: text/css
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 InstagramScript.js Show response
moblixcdn.azureedge.net/Assets/Bundles/js/ 1 KB
918 B 32ms
28ms Script
application/x-javascript 13.107.246.42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/InstagramScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 13c48e85b15129616d8ad27b3f9e41e08c1e25fd58dfb87dcaaf09683c113e69

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-encoding: br
last-modified: Wed, 31 Jul 2024 20:26:32 GMT
etag: W/"0cc5cee87e3da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-azure-ref: 20240731T234520Z-16b8f8f97cf682sk2gnzfptnss00000009e0000000008ndh
content-type: application/x-javascript
access-control-allow-origin: *
x-cache: TCP_HIT
cache-control: public, max-age=15552000
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 73737451

GET
H2 200 540_300x300.webp
mbxrepo-cdn.azureedge.net/prod/logoagencia/540/ 3 KB
4 KB 820ms
770ms Image
image/webp 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbxrepo-cdn.azureedge.net/prod/logoagencia/540/540_300x300.webp?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e49715fc999735ff85fbd6096bd1cfc8c01430c874e54d523b1e6cc8110aec18

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 23:45:20 GMT
last-modified: Sat, 27 Jul 2024 10:36:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: fH0EVIiVCHi3bS5m8Q1iWw==
etag: 0x8DCAE27F7DE73D8
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: d198452d-301e-006b-55a3-e3fe77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
content-length: 3238
expires: Thu, 31 Jul 2025 23:45:21 GMT

POST
H/1.1 200
OK Get Show response
passagenscomdesconto.com/Ofertas/ 6 KB
2 KB 4031ms
3445ms XHR
application/json 20.201.24.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://passagenscomdesconto.com/Ofertas/Get?size=4
Requested by: Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/VueScript.js?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.201.24.124 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2830c7baafeb73f6c1137fbecffb215bb4fffc3830f61232d2fc7451ddedc594

Request headers

Accept: application/json, text/plain, */*
Referer: https://passagenscomdesconto.com/
ControllerName: home
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 31 Jul 2024 23:45:23 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 1280
Request-Context: appId=cid-v1:36cbee6b-762b-4a5b-add0-23ae2b9771d8

GET
H2 200 client Show response
accounts.google.com/gsi/ 221 KB
84 KB 75ms
36ms Script
application/javascript 2a00:1450:400c:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=8a8eaba51caee7a8258b31cdac59b950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a764c376227640ab2021e6c9e7149e0905439f9afbdd89b7d7d2a3e41c22a25a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D9Ne845HANIcADRcrve0Vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-D9Ne845HANIcADRcrve0Vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 31 Jul 2024 23:45:20 GMT

GET
H2 200 540_1920x900.webp
mbxrepo-cdn.azureedge.net/prod/fundoagencia/540/ 2 MB
2 MB 784ms
784ms Image
image/webp 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbxrepo-cdn.azureedge.net/prod/fundoagencia/540/540_1920x900.webp?v=8a8eaba51caee7a8258b31cdac59b950
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: af4e14f1e8000f10d50b26ae665b4d3e54b8e480e35571e4750d02ee3543e81d

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 23:45:20 GMT
last-modified: Wed, 08 May 2024 21:40:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: OBX/1Ttss47i/peqSMagBA==
etag: 0x8DC6FA777A7DC75
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: c200665b-001e-002d-3da3-e3caf0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
content-length: 1624518
expires: Thu, 31 Jul 2025 23:45:21 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 33ms
33ms Stylesheet
text/css 2a00:1450:400c:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XNrYBBFbRO1W3a9jqd0UNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-XNrYBBFbRO1W3a9jqd0UNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 31 Jul 2024 23:45:20 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
57 KB 148ms
15ms Script
text/javascript 2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

Referer: https://passagenscomdesconto.com/
Origin: https://passagenscomdesconto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 23:45:22 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:31:27 GMT
x-ms-meta-aijssdkver: 2.8.18
vary: Accept-Encoding
x-azure-ref: 20240731T234522Z-16b8f8f97cfftxjgfhqwuq2h0w000000020000000000qhkd
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: b4c10107-401e-00fc-6e8a-dd68b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.18.min.js
x-fd-int-roxy-purgeid: 0

GET
H2 200 540.ico
mbxrepo-cdn.azureedge.net/prod/iconagencia/540/ 1 KB
1 KB 201ms
200ms Other
image/x-icon 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mbxrepo-cdn.azureedge.net/prod/iconagencia/540/540.ico?v=8a8eaba51caee7a8258b31cdac59b950?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ea42bf4e19e094ea2bd5f6c5183e3779e5cacf123cd3d5438bc31662e9f8cfaa

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 23:45:22 GMT
last-modified: Wed, 31 Jul 2024 03:06:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: O6YI3QCJOnYS7F6Z475kqA==
etag: 0x8DCB10DBD35EBC2
content-type: image/x-icon
access-control-allow-origin: *
x-ms-request-id: 1f82c47e-201e-0058-73a3-e3a1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
content-length: 1150
expires: Thu, 31 Jul 2025 23:45:22 GMT

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 387ms
27ms Preflight 20.50.88.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://passagenscomdesconto.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Wed, 31 Jul 2024 23:45:23 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
200 B 199ms
197ms XHR
application/json 20.50.88.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

186c9af1b9c9d13a4320619e18ba36ef7b1f347f32be188f9f3f211745c12089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://passagenscomdesconto.com/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 23:45:23 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

GET
H2 200 3_360x292.webp
mbxrepo-cdn.azureedge.net/prod/places/s%c3%a3o%20paulo%20-%20guarulhos/ 47 KB
0 768ms
768ms Image
image/webp 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbxrepo-cdn.azureedge.net/prod/places/s%c3%a3o%20paulo%20-%20guarulhos/3_360x292.webp?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 23:45:24 GMT
last-modified: Wed, 31 Jul 2024 18:22:08 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: XJpEQGxkQQTuH1Tf3z5MSw==
etag: 0x8DCB18DB03003A3
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: f8ce8e6f-f01e-0006-4ea3-e34a3c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
content-length: 172800
expires: Thu, 31 Jul 2025 23:45:25 GMT

GET
H2 200 3_360x292.webp
mbxrepo-cdn.azureedge.net/prod/places/rio%20de%20janeiro%20-%20gale%c3%a3o/ 6 KB
6 KB 772ms
772ms Image
image/webp 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbxrepo-cdn.azureedge.net/prod/places/rio%20de%20janeiro%20-%20gale%c3%a3o/3_360x292.webp?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3782d02ce2c6b139805d4b71bac915e516798acdef6e448ad285237d3616ceef

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 23:45:24 GMT
last-modified: Wed, 31 Jul 2024 15:40:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: lYRq8aqj/teWTYlq2vi2sw==
etag: 0x8DCB1771E73F998
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 9cbc6449-501e-0042-46a3-e3c003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
content-length: 6276
expires: Thu, 31 Jul 2025 23:45:25 GMT

GET
H2 200 5_360x292.webp
mbxrepo-cdn.azureedge.net/prod/places/belo%20horizonte%20-%20confins/ 47 KB
0 765ms
765ms Image
image/webp 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbxrepo-cdn.azureedge.net/prod/places/belo%20horizonte%20-%20confins/5_360x292.webp?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 23:45:24 GMT
last-modified: Wed, 31 Jul 2024 15:23:35 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: uD01I7Sb4hWLqlMNX7H/HQ==
etag: 0x8DCB174BEA35700
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 46d0e1e5-401e-0003-51a3-e398e7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
content-length: 258336
expires: Thu, 31 Jul 2025 23:45:25 GMT

GET
H2 200 1_360x292.webp
mbxrepo-cdn.azureedge.net/prod/places/campinas%20-%20viracopos/ 47 KB
0 762ms
762ms Image
image/webp 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbxrepo-cdn.azureedge.net/prod/places/campinas%20-%20viracopos/1_360x292.webp?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 23:45:24 GMT
last-modified: Wed, 31 Jul 2024 15:27:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: gBccJkALMjiCiyNS4rkoiw==
etag: 0x8DCB1755A104B88
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: d438fa7e-a01e-001b-31a3-e34780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
content-length: 176622
expires: Thu, 31 Jul 2025 23:45:25 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 14ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9Y2GWFGPCS&gtm=45je47v0v871511827za200zb833925342&_p=1722469519453&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1345597686.1722469520&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722469519&sct=1&seg=0&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&en=scroll&epn.percent_scrolled=90&_et=2&tfd=7752
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 23:45:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://passagenscomdesconto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 16ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XHS86F5EDS&gtm=45je47v0v884176782za200&_p=1722469519453&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1345597686.1722469520&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722469519&sct=1&seg=0&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&en=scroll&epn.percent_scrolled=90&_et=3&tfd=7860
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 23:45:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://passagenscomdesconto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1_360x292
repositorio-prod.azurewebsites.net/api/repository/places/Campinas%20-%20Viracopos/ 172 KB
173 KB 1102ms
399ms Image
image/webp 191.235.228.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://repositorio-prod.azurewebsites.net/api/repository/places/Campinas%20-%20Viracopos/1_360x292?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 191.235.228.36 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f715b88c17bede3cdccf1c5bcc28a86b412328230d78291db2d1bbcb3443b03e

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 23:45:25 GMT
Cache-Control: max-age=86400
Last-Modified: Thu, 14 Mar 2024 17:55:29 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 176622
Content-Type: image/webp

GET
H/1.1 200
OK 5_360x292
repositorio-prod.azurewebsites.net/api/repository/places/Belo%20Horizonte%20-%20Confins/ 252 KB
253 KB 1090ms
388ms Image
image/webp 191.235.228.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://repositorio-prod.azurewebsites.net/api/repository/places/Belo%20Horizonte%20-%20Confins/5_360x292?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 191.235.228.36 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b6a54f29ea45424edf1d2495ba3287aaf7fc444d97603240f61c2adef7dc68c6

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 23:45:25 GMT
Cache-Control: max-age=86400
Last-Modified: Tue, 12 Mar 2024 14:50:42 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 258336
Content-Type: image/webp

GET
H/1.1 200
OK 3_360x292
repositorio-prod.azurewebsites.net/api/repository/places/S%C3%A3o%20Paulo%20-%20Guarulhos/ 169 KB
169 KB 1056ms
354ms Image
image/webp 191.235.228.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://repositorio-prod.azurewebsites.net/api/repository/places/S%C3%A3o%20Paulo%20-%20Guarulhos/3_360x292?v=8a8eaba51caee7a8258b31cdac59b950
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 191.235.228.36 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2ab3ed87dccfc4bf05366945d2d89c4921a1b8f11b90b7a5c6794a96f2591d6a

Request headers

Referer: https://passagenscomdesconto.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 23:45:25 GMT
Cache-Control: max-age=86400
Last-Modified: Wed, 16 Aug 2023 15:37:15 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 172800
Content-Type: image/webp

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.passagenscomdesconto.com/	1970-01-20 22:27:53	Name: TiPMix Value: 1.0023918018573386
.www.passagenscomdesconto.com/	1970-01-20 22:27:53	Name: x-ms-routing-name Value: self
.passagenscomdesconto.com/	1970-01-20 22:27:53	Name: x-ms-routing-name Value: self
.passagenscomdesconto.com/	1970-01-20 22:27:53	Name: TiPMix Value: 41.09603173577187
passagenscomdesconto.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 5425ylhk1ujq54biuizha0o0
passagenscomdesconto.com/	1970-01-20 22:28:32	Name: culture_selected Value: de-DE
passagenscomdesconto.com/	1970-01-20 22:28:33	Name: moeda_portal Value: BRL
.passagenscomdesconto.com/	1970-01-20 22:29:15	Name: _gid Value: GA1.2.25532073.1722469520
.passagenscomdesconto.com/	1970-01-20 22:27:49	Name: _gat_UA-179202165-1 Value: 1
.passagenscomdesconto.com/	1970-01-21 08:03:49	Name: _ga Value: GA1.1.1345597686.1722469520
.passagenscomdesconto.com/	1970-01-21 08:03:49	Name: _ga_9Y2GWFGPCS Value: GS1.1.1722469519.1.0.1722469519.60.0.0
.onesignal.com/	1970-01-20 22:27:51	Name: __cf_bm Value: ocP73W8ecFlmi2Apm9CTUNaj48eyeLj5a8j1eROQK0s-1722469519-1.0.1.1-D8IMjDzsDBUqmdDkRcifCyVLnP_QEB97u8BBNo.U5dyouFP44QBhlh2l56U.4X7P_j1HmidvSPb.Vc2CVe0wog
.passagenscomdesconto.com/	1970-01-21 08:03:49	Name: _ga_XHS86F5EDS Value: GS1.1.1722469519.1.0.1722469519.0.0.0
.passagenscomdesconto.com/	1970-01-21 00:37:25	Name: _fbp Value: fb.1.1722469519743.20910800715182738
.passagenscomdesconto.com/	1970-01-21 07:13:25	Name: _hjSessionUser_2170527 Value: eyJpZCI6IjdkNGY5NjE2LTY4OGMtNTRmNy1hMDc2LTcwZWUxYmFkM2VmYyIsImNyZWF0ZWQiOjE3MjI0Njk1MjAyMzIsImV4aXN0aW5nIjpmYWxzZX0=
.passagenscomdesconto.com/	1970-01-20 22:27:51	Name: _hjSession_2170527 Value: eyJpZCI6IjYyMDU2M2UxLWQzNzItNDE2Mi1hZDMxLTVmYTk0NDMyNmE2ZCIsImMiOjE3MjI0Njk1MjAyMzIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
passagenscomdesconto.com/	1970-01-21 07:13:25	Name: ai_user Value: 4eviPFnyxQjQ9w69NYDpMo\|2024-07-31T23:45:22.625Z
passagenscomdesconto.com/	1970-01-20 22:27:51	Name: ai_session Value: 66w/JGYhkWzBWGA4f87Q0X\|1722469522628\|1722469522628

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://passagenscomdesconto.com/ Message: Provider's accounts list is empty.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
dc.services.visualstudio.com
js.monitor.azure.com
mbxrepo-cdn.azureedge.net
moblixcdn.azureedge.net
onesignal.com
passagenscomdesconto.com
region1.analytics.google.com
region1.google-analytics.com
repositorio-prod.azurewebsites.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.passagenscomdesconto.com
13.107.246.42
13.32.27.107
18.66.102.51
191.235.228.36
20.201.24.124
20.50.88.238
2001:4860:4802:34::36
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:190e
2606:4700::6811:6fdf
2620:1ec:bdf::63
2a00:1450:4001:810::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::54
2a00:1450:400c:c04::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
058eeeab39a650f6724fce5c96e8272c4a5d8e6c2cfe3d7e6465626f6df522b6
07cfb74ced57cca33309ab20dc95957df4d0105787db04de579efedea455a62f
081869260c1fcd175c1fc307fcd81a30a1ef543d7c2c658e204ab12737b17a6c
09ee4eed8b8041877d732d0114e950e4866714116ceb073451a4bf1277107418
0c11cedb64ab8037f193ef8c7a694c35dc75c56b8687e17784361d816551948a
13c48e85b15129616d8ad27b3f9e41e08c1e25fd58dfb87dcaaf09683c113e69
186c9af1b9c9d13a4320619e18ba36ef7b1f347f32be188f9f3f211745c12089
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e35d400c3c2cc9eb28e048db7edfc04fdddb5ae44b1c1d2e77447068fc7a6af
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
1fc72473afb996c8cda55573b75814999ef4124db92e16e905f8e3ea27835dbd
27df3b169693edc4cd552ac30048e2bc00e3f84a17564e8f0897a9cab2e2343a
2830c7baafeb73f6c1137fbecffb215bb4fffc3830f61232d2fc7451ddedc594
287c6e4aa1d5a485f6782cff039adabedec8f0510238a1fc900a60a9fc77e575
2ab3ed87dccfc4bf05366945d2d89c4921a1b8f11b90b7a5c6794a96f2591d6a
2ff231c1642368b8cadc24f3f4f6c77a34a6caac2e91feafcf71350942d2274b
33ce3b2a8914e90b4cf66de6574be9dc824c88804fdc110f0c4f9acf04e339a2
3782d02ce2c6b139805d4b71bac915e516798acdef6e448ad285237d3616ceef
3ccd5018f155d5113cc284a368948b2604f8815de90a32f3dcdfcb395960446a
412a2ef57cefff994929ece86375e41da1bea72f3d9d817643130815667f9f71
447cdff2f8e96dd929f2eb647911a92d41d623aed6e64072f630a9a8f686262c
50cef1bb003705fcde0c7aee958b119faafb2bc47fe50008f7f9bfc7909839d1
5ec4460b0b6fda9cb67d66b88224afc928e554aa160150a4b57e139d728f1c71
65c4244693069fc46570c19193ce32be5a6deb6e3001d647f2f60afcb9711a87
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
732b276de1bc8315b1df6e39139f39dff8558119498c2b1ba7459f1fc988d644
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
8854edc9e95f77d101db0fce7271ade62ffd4f7fa90cfcefa33133421b33e15c
965e14f64d4eeb0d63bb51c02e43ae8db74831849fb8d8f114c04138b84f35cf
96928d266fc78f16b480150c5993252201cdb1ae81bcc2a2f0e8cc7bffc293ec
a5501c1e278fb299f552a4c9395a8048add83caefa1f957eef5e20cbf91b9400
a764c376227640ab2021e6c9e7149e0905439f9afbdd89b7d7d2a3e41c22a25a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17
af4e14f1e8000f10d50b26ae665b4d3e54b8e480e35571e4750d02ee3543e81d
b6a54f29ea45424edf1d2495ba3287aaf7fc444d97603240f61c2adef7dc68c6
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
c42e87c66233e703971f35c12dd124fe6e57346640da63693c102865bc0c8dfc
d24ec64291900c8a48816a802de8d32e6f4466018218cab64f9961fe33b0f71f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49715fc999735ff85fbd6096bd1cfc8c01430c874e54d523b1e6cc8110aec18
e5d7661a282747c788a11afc1990f044971cc73449940831d9997a07daada9d3
ea42bf4e19e094ea2bd5f6c5183e3779e5cacf123cd3d5438bc31662e9f8cfaa
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eb068bb750a51179a8043726e4820ef723ec3531875c26f91282a9ee6c9b7dac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff023dda00a3f63fd8b8dc285566185fbbba5d0f2633d870228be955cada72b
f715b88c17bede3cdccf1c5bcc28a86b412328230d78291db2d1bbcb3443b03e
f8d05292007c8fff703d3448d2529ba07f67e0087b59ee658ccd09898640eb74
fb6c60798eab7393f53bb62c004bbfa4a731c112114f0879976c35a28a29d24b
fe10ff2d84aa09c638cd2dd6d40bdbc7535d83807cd0cabd78e119c8fe9283ed

passagenscomdesconto.com Open in urlscan Pro 20.201.24.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

67 %IPv6

15 Domains

21 Subdomains

18 IPs

5 Countries

4241 kBTransfer

8349 kBSize

18 Cookies

5 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

passagenscomdesconto.com Open in urlscan Pro
20.201.24.124 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

67 %
IPv6

15
Domains

21
Subdomains

18
IPs

5
Countries

4241 kB
Transfer

8349 kB
Size

18
Cookies

72 HTTP transactions
0 data transactions