urlscan.io logo urlscan.io
SecurityTrails logo

www.cvcpassagens.com.br Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cvcpassagens.com.br/
Effective URL: https://www.cvcpassagens.com.br/
Submission Tags: @phish_report
Submission: On November 08 via api from FI — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 9 countries across 32 domains to perform 203 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cvcpassagens.com.br.
TLS certificate: Issued by E1 on November 1st 2023. Valid for: 3 months.
This is the only time www.cvcpassagens.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 2a06:98c1:312... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
1 18.66.122.33 16509 (AMAZON-02)
1 52.217.120.224 16509 (AMAZON-02)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 104.20.219.77 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
3 24 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.48 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 36 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 151.101.65.108 54113 (FASTLY)
5 14 2a02:26f0:310... 20940 (AKAMAI-ASN1)
4 2620:1ec:bdf::63 8075 (MICROSOFT...)
4 23.213.164.226 16625 (AKAMAI-AS)
6 142.250.186.130 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
13 185.89.210.122 29990 (ASN-APPNEX)
3 5 2a00:1450:400... 15169 (GOOGLE)
4 4 54.93.168.0 16509 (AMAZON-02)
2 17 142.250.186.34 15169 (GOOGLE)
2 2 151.101.130.49 54113 (FASTLY)
3 3 34.91.62.186 396982 (GOOGLE-CL...)
2 3.33.220.150 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 95.101.200.166 16625 (AKAMAI-AS)
2 2 213.155.156.168 1299 (TWELVE99 ...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 37.157.6.233 198622 (ADFORM)
1 2 23.35.237.56 16625 (AKAMAI-AS)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
203 30
13    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cvcpassagens.com.br
www.cvcpassagens.com.br
11    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
20    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    18.66.122.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-33.fra60.r.cloudfront.net
cdn-images.mailchimp.com
1    52.217.120.224 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
6    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.cvcpassagens.com.br
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
18    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
24    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
36    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs-simple.com
14    2a02:26f0:3100::1725:e25a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
4    2620:1ec:bdf::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
4    23.213.164.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-226.deploy.static.akamaitechnologies.com
cdn.adnxs.com
6    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
13    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    54.93.168.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-168-0.eu-central-1.compute.amazonaws.com
pm.w55c.net
17    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    95.101.200.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-166.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a05:d018:d29:3605:66db:1fb1:629d:b93f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
Apex Domain
Subdomains		 Transfer
56 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
2 MB
41 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
265 KB
19 cvcpassagens.com.br
cvcpassagens.com.br
www.cvcpassagens.com.br
582 KB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
893 KB
17 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1682
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903
117 KB
14 bing.com
www.bing.com — Cisco Umbrella Rank: 66
40 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
9 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
479 KB
7 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
www.googleadservices.com — Cisco Umbrella Rank: 145
608 B
5 google.com
www.google.com — Cisco Umbrella Rank: 2
778 B
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
3 KB
4 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4948
118 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
r.turn.com — Cisco Umbrella Rank: 4121
869 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
453 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
207 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
650 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2101
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
297 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
894 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137
83 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
710 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5683
554 B
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2781
46 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 2772
736 B
1 amazonaws.com
s3.amazonaws.com
140 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 5813
2 KB
203 32
Domain Requested by
36 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
www.cvcpassagens.com.br
pagead2.googlesyndication.com
tpc.googlesyndication.com
24 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.cvcpassagens.com.br
20 pagead2.googlesyndication.com www.cvcpassagens.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
acdn.adnxs-simple.com
17 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
17 www.cvcpassagens.com.br www.cvcpassagens.com.br
14 www.bing.com 5 redirects googleads.g.doubleclick.net
13 ams3-ib.adnxs.com googleads.g.doubleclick.net
acdn.adnxs-simple.com
cdn.adnxs.com
www.cvcpassagens.com.br
11 fonts.googleapis.com www.cvcpassagens.com.br
googleads.g.doubleclick.net
pagead2.googlesyndication.com
10 www.gstatic.com googleads.g.doubleclick.net
8 www.googletagservices.com googleads.g.doubleclick.net
www.cvcpassagens.com.br
8 fonts.gstatic.com fonts.googleapis.com
6 www.googleadservices.com www.cvcpassagens.com.br
5 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 pm.w55c.net 4 redirects
4 cdn.adnxs.com www.cvcpassagens.com.br
googleads.g.doubleclick.net
4 adsdk.microsoft.com www.cvcpassagens.com.br
googleads.g.doubleclick.net
3 um.simpli.fi 3 redirects
2 sync.teads.tv 1 redirects
2 c1.adform.net 2 redirects
2 s.tribalfusion.com
2 a.tribalfusion.com 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 d5p.de17a.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 match.adsrvr.org googleads.g.doubleclick.net
2 sync-tm.everesttech.net 2 redirects
2 i.clean.gg acdn.adnxs-simple.com
2 maxcdn.bootstrapcdn.com www.cvcpassagens.com.br
maxcdn.bootstrapcdn.com
2 cvcpassagens.com.br 2 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 r.turn.com
1 ad.turn.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 acdn.adnxs-simple.com www.cvcpassagens.com.br
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s.w.org www.cvcpassagens.com.br
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.cvcpassagens.com.br
1 s3.amazonaws.com www.cvcpassagens.com.br
1 cdn-images.mailchimp.com www.cvcpassagens.com.br
203 41

This site contains links to these domains. Also see Links.

Domain
www.decolarpassagens.com.br
www.tanviagens.com.br
www.vijanet.com.br
Subject Issuer Validity Valid
cvcpassagens.com.br
E1		 2023-11-01 -
2024-01-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cdn-images.mailchimp.com
Amazon RSA 2048 M02		 2023-06-20 -
2024-07-17		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2022-12-06 -
2024-01-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 29 frames:

Primary Page: https://www.cvcpassagens.com.br/
Frame ID: 6AE09606FA3F0217906E6C5EED5459BE
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Frame ID: F7908F9FB36C6C882F183F0649CB3101
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&adk=1812271804&adf=3025194257&lmt=1699465138&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138176&bpp=4&bdt=578&idt=234&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=100211640424&frm=20&pv=2&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=252
Frame ID: 24EF573D690390851C16BDE917A9BD23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Frame ID: FF9FA02C9B15606614DBC70EF1D166BE
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Frame ID: C6B23F94E0816820C788F0A2E528764A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=498&slotname=6892162907&adk=3148119517&adf=2546973269&pi=t.ma~as.6892162907&w=830&cr_col=4&cr_row=2&fwrn=2&lmt=1699465138&rafmt=9&format=830x498&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138182&bpp=1&bdt=584&idt=263&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C830x200&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eqb3OBY3J9&p=https%3A//www.cvcpassagens.com.br&dtd=265
Frame ID: D0D55B37E49CEC1B2427E07F3A2FBAA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Frame ID: FD78BA302A139E7E10A9313D0BB1CC19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Frame ID: 3DFEB7001AD631ABBC2DD9A3486F3714
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Frame ID: 3CE389709131F42F9443EAAF41950A3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Frame ID: 13FB18C2AC35A8D636E16588388921B3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Frame ID: 185F3F9034F4FEA34BB2B1EE6F2908D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Frame ID: CB78BCF8D905DA37A59C7A89F5FA79F5
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: A67336C81A7D71D6D5F37F7EE41498BB
Requests: 17 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: FA050CB6EE9184E17B598117B0802B9E
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A1CF260B04AC5FA4A252AFE5DD27515D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 60CCB2DC670882B168360626A5AB67FE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A19D28CB3B99B8CDE3E0DB57A4D5AA0F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: 6C141AB0B5F625D7B1489E1ADB8DABA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EC4A25BE92F3E6934E377D44C498E6F9
Requests: 2 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: FB1F967257B80E815DC3F7E6F88F8ED8
Requests: 13 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: BE6E6C37F701DF59D2DCA0634515FC40
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51C65C97B90E4EFAB87E431FAA864262
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: 6C5BDCA6C57F37004BEC9563CAEC84A5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B979F5891C10F222261C3064506C5F9F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C152F82B06B5940A47D3B3AEA771C03
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: E343FA1C97B49984C55DE070DB3BD980
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: 043EE523350A8A80E0BFFBF03DE79DCF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B330E8D063308850333B4836570ABB0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 823585B3034B0C4319DACD653CE994FE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CVC Passagens Aéreas - CVC Passagens

Page URL History Show full URLs

  1. http://cvcpassagens.com.br/ HTTP 301
    https://cvcpassagens.com.br/ HTTP 301
    https://www.cvcpassagens.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

203
Requests

88 %
HTTPS

49 %
IPv6

32
Domains

41
Subdomains

30
IPs

9
Countries

4591 kB
Transfer

8099 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cvcpassagens.com.br/ HTTP 301
    https://cvcpassagens.com.br/ HTTP 301
    https://www.cvcpassagens.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODM0aKGfxCwCRiwCTIIkOgl7FHIP50 HTTP 301
  • https://tpc.googlesyndication.com/simgad/15673755883701193659
Request Chain 78
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5868b9a9-0f02-4c99-bd24-2332a0167500&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=a1c8f84a-d9db-4d08-aaf4-63c37420fa66&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D2fcdc27070ec4eaaa63681906c1d876c%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_ohlrehvq&aid=2127223676501972320 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2fcdc27070ec4eaaa63681906c1d876c&SNR=1&GV=2&med=10
Request Chain 100
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ca88d547-b392-4722-b063-530b6e2565aa&bidId=1&bidderId=4&cmExpId=V5&oAdUnit=391466&publisherId=162645330&rId=172bd134-e5db-4da0-98d3-d392e5345e64&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%288-0%29%3F%26RG%3D8d23315ce5994bf399830f9f6040ad68%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_ohlrehvq&aid=6416415373644335055 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(8-0)?&RG=8d23315ce5994bf399830f9f6040ad68&SNR=1&GV=2&med=10
Request Chain 101
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C58IMssdLZbTQHa7V1fAP3YS02AfejaOccdednb7OEGQQASC_y68DYJGEoIWMGKAB9Oeg_QPIAQmpAkgBjp9_57E-qAMByAPLBKoE7gFP0KURVfHZmg26GnrcfmNreYupmCkXWKmYi_KcaQDc8Tg-0DJpaJC2istDpBEfk6aH3LJcSseQMwztwDQE_tGknfogLbwJ6JMyvwMWHjPymFLNGs_taqL2zjUN_Si1nBRzJ6RRpr8mU8hYKlCAfTylkFFA36y5z642PxnO8TJCiXLlVKmtePJOYdot2BqFbD2ESBF7T-9RfH9ctyxU9_84N8XNbP_Ok0911zn4RALQdVyH9hC1G1GCCxTLOVGdvq04bp9N0BEVAa6HnMOa3cMBUG6myKcWcSGnfc_431tJ0HNK3PVbHsRY2a574rwiwASQl5mqnQSIBbbvutZFkgUECAQYAZIFBAgFGASgBi6AB9PtsROoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ09MX0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJO2h0dHBzOi8vd3d3LmludGVyaG9tZS5ubC8_cGFydG5lcmlkPUlIMTAwMDIyMyZnY2xzcmM9YXcuZHMmgAoByAsBogwMKgoKCOS0sQLutbEC2BMNiBQB0BUBgBcBshccChoIABIUcHViLTU4MjMyMTA1MDIxNzYxNjIYAA&sigh=gulIe67L5bU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNByBh7Yp6PXibcpL3BIe9jgkO5tq3-egEi4cRi2HfYHwLI3lu5kPbEOJ3a-HK5eKZUIQozAvrFvRG3wMwTPSgEh-HgEOn2aYiaC8YAQ&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227053267844252135084%22,%22debug_reporting%22:true,%22destination%22:%22https://interhome.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067987956%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223207511465385041777%22}&andc=true
Request Chain 129
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b5596be7-2120-45c2-9b43-c9f734ced0d0&bidId=15000&bidderId=4&cmExpId=V5&oAdUnit=391466&publisherId=162645330&rId=a59b678e-4b89-44eb-8af2-d73855e77f7e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D3df1ca499e9b43e89039b76e972ce3fb%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=4240185106858566013 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=3df1ca499e9b43e89039b76e972ce3fb&SNR=1&GV=2&med=10
Request Chain 135
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=057927f5-3821-4c40-ac9b-40982ac71910&bidId=15000&bidderId=4&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=3c3c52db-8085-4b25-98ae-ea735c92d594&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D0d7b0a62d5aa48258621d6d043f11936%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=446842752914915472 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0d7b0a62d5aa48258621d6d043f11936&SNR=1&GV=2&med=10
Request Chain 138
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 139
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 148
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CUIY0ssdLZfm7HdmA1fAP2eimqAn79dqUbt-frpnAEcmA5YKgOBABIL_LrwNgkYSghYwYoAG54_7yA8gBAakCSAGOn3_nsT6oAwHIA8sEqgTwAU_QsNiADfbykvCUR42qQF8R4iDYLyEMc8-ubVmZTEj9tvcOu1e1xbyxlo0FcwM22eZv3X0ftoFjFppNNgylD4CqlmK-fpGYiOKGrmSHmHKSHRJ5J7zZXLwVU7zJpoUz4BSc2U4gFDB6TqdWvjk4wokZYsOTxBgdPvAHLx5hytuc4iEEfBvbd9XDr3G75rsEvBwE7cvEwpi-eoaLhUzP_Ro2PYJYQHU03uy3B2sad_V1q_LNIYp2B__LsG4QmHSqDiSdkUZjXHfqIRunMLxEdKTEd4Z9CGP2gD58KF6Y-mLy2dQZgqXmYkaDzlh124o1K8AEt4GxrUiIBY-jmoMBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB6-cgQ2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCoxQ3SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkeaHR0cHM6Ly92YW5nZW1lcnR6d2VtYmFkZW4ubmwvgAoByAsB2BMCiBQC0BUBmBYBgBcBshccChoIABIUcHViLTU4MjMyMTA1MDIxNzYxNjIYAA&sigh=vs7A7BkkyvM&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNcaN8Vp1Yb2Tg0kVKZSlo7H7Vn8Q9V3nRwPp5X1T8BQVa94njasJZmusJO63EiwbxjIWKajTIUen-XsZv2VHUJ5LA3_VgnOcfy7wYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212997457519100951724%22,%22debug_reporting%22:true,%22destination%22:%22https://vangemertzwembaden.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221046458809%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216020025648699597393%22}&andc=true
Request Chain 149
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 159
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CkfPlssdLZZSWHbe01fAPzrq06A379dqUbt-frpnAEcmA5YKgOBABIL_LrwNgkYSghYwYoAG54_7yA8gBAakCgaVzwBfvsT6oAwHIA8sEqgTwAU_QpsLcGZ-vIyVSu9UDfChhvAYroCuvLRrAsFWMsMjPA7pp3DFg89ShJmDOTBRRj5Kr7gk0ITbzqHOGsaL4UF2J16Jh-3HCWvA-VSucOLYWNPcEaVDWhca-XDRaEY4NR7l55bP8vnNwYOiVBJMJrDuHNVv2AJr0-cQOC4Vhkv7gSuHiz2dqdd8dfpaaOgN3P66_dNUbVxTRKj1QOpLigEG-7d3ujPczQcgV8gLuKL5uKo1-afPFUz9APGja_-Dy64JjTrNfzdQRm-A7Hq01aAOhGToZ-pPJe4ciOdWYAbcrDjbwOHsxX5sTcQR_rcQy5MAEt4GxrUiIBY-jmoMBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB6-cgQ2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCQ3gPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkeaHR0cHM6Ly92YW5nZW1lcnR6d2VtYmFkZW4ubmwvgAoByAsBogwMKgoKCOS0sQLutbEC2BMCiBQC0BUBmBYBgBcBshccChoIABIUcHViLTU4MjMyMTA1MDIxNzYxNjIYAA&sigh=LHaNCxN2laY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaN3Wpawy4RrgcNahRLN9dC4Z27frpDCGLIobnk56Kf4hcgz4XI9uiZmzwBgJkrC5beWqY-z3JQywidd6W-t8NyWdai_iertg8NS6cYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22171901478752694143%22,%22debug_reporting%22:true,%22destination%22:%22https://vangemertzwembaden.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221046458809%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2243644964984498305%22}&andc=true
Request Chain 167
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJW5cizUsBj7dQuHqHMCEcQ&google_cver=1&google_push=AXcoOmTGsFAHXvtT0L4ZpX6blsUHKPAMw1g06oNYCixH2mX0LOUGw9nOj4t4_9Cc_oaQ3Q7C1ZcmSieAxwusMcV_VP3TmJ1IEeayDA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJW5cizUsBj7dQuHqHMCEcQ&google_cver=1&google_push=AXcoOmTGsFAHXvtT0L4ZpX6blsUHKPAMw1g06oNYCixH2mX0LOUGw9nOj4t4_9Cc_oaQ3Q7C1ZcmSieAxwusMcV_VP3TmJ1IEeayDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlVhVDZMcTcxUjBNdzQ1&google_gid=CAESEJW5cizUsBj7dQuHqHMCEcQ&google_cver=1&google_push=AXcoOmTGsFAHXvtT0L4ZpX6blsUHKPAMw1g06oNYCixH2mX0LOUGw9nOj4t4_9Cc_oaQ3Q7C1ZcmSieAxwusMcV_VP3TmJ1IEeayDA
Request Chain 168
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKcQS9YlKt2tTLgciWPJqp4&google_cver=1&google_push=AXcoOmToTuv2j9eFVyP4tZa-7soqh-8NZm_C5JTreDyQNeuzuCpu2W38vmkscHrToxKv7b29dIRUPsHUcB2OR6MKqqlfKmikPEMe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcQS9YlKt2tTLgciWPJqp4&google_push=AXcoOmToTuv2j9eFVyP4tZa-7soqh-8NZm_C5JTreDyQNeuzuCpu2W38vmkscHrToxKv7b29dIRUPsHUcB2OR6MKqqlfKmikPEMe
Request Chain 169
  • https://um.simpli.fi/gp_match?google_gid=CAESEGsf-HfxF6ouel7S-hzdw7c&google_cver=1&google_push=AXcoOmQsEiUVhy8HXDmjB-R34Q1vNeWt3TqftJtdbluqs4s8fJs_tJ_GsVgEDoX3HxwcQuZHPx9U_ItiQ2ZORekOm8W4FHHwG5duGg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50A1F0E2ECB2470DA20F95E7AAA0408E&google_push=AXcoOmQsEiUVhy8HXDmjB-R34Q1vNeWt3TqftJtdbluqs4s8fJs_tJ_GsVgEDoX3HxwcQuZHPx9U_ItiQ2ZORekOm8W4FHHwG5duGg
Request Chain 171
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFsbWKUP1OWgJcpthlwHUYI&google_cver=1&google_push=AXcoOmQb7gDjz4XyCK2iJ6URAa5MvCHVWJVuCcZ_XJxZXOx3jGevzkDl58MVVIGjHIX7Bd0enzCFX42vy6XMHHuhYqaOaHjpleJG HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ybxm3MCVRvYlvOvdLIALHQ&google_push=AXcoOmQb7gDjz4XyCK2iJ6URAa5MvCHVWJVuCcZ_XJxZXOx3jGevzkDl58MVVIGjHIX7Bd0enzCFX42vy6XMHHuhYqaOaHjpleJG
Request Chain 172
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQUmgy6r_n-CUtfIk9CUF6a_wG9_FwbzJ1i93UXztcE7qIESEIRA0ZKbmFsOAXqQ8v1rAwR8TV1h1OAxpUDZGLVYKC_X7T_8g&google_gid=CAESEDVqDs2vuWbMsl2YznmL2jY&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQUmgy6r_n-CUtfIk9CUF6a_wG9_FwbzJ1i93UXztcE7qIESEIRA0ZKbmFsOAXqQ8v1rAwR8TV1h1OAxpUDZGLVYKC_X7T_8g&google_gid=CAESEDVqDs2vuWbMsl2YznmL2jY&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMDgxNzM5MDEwMDA5MTI2MjUyNTg4NQ%3D%3D&google_push=AXcoOmQUmgy6r_n-CUtfIk9CUF6a_wG9_FwbzJ1i93UXztcE7qIESEIRA0ZKbmFsOAXqQ8v1rAwR8TV1h1OAxpUDZGLVYKC_X7T_8g
Request Chain 173
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBHEM5Vaa2x7D1RXkHYFgIE&google_cver=1&google_push=AXcoOmTZcwg2MW9fnHjZiJez_V6yIYAbfJ_4RynGNwxc8jgcydMhGIZ8iPonDl-thfVxEoEhyU2W8ReinPHt56rgfnAY1zLnmFYB9w HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBHEM5Vaa2x7D1RXkHYFgIE&google_cver=1&google_push=AXcoOmTZcwg2MW9fnHjZiJez_V6yIYAbfJ_4RynGNwxc8jgcydMhGIZ8iPonDl-thfVxEoEhyU2W8ReinPHt56rgfnAY1zLnmFYB9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTZcwg2MW9fnHjZiJez_V6yIYAbfJ_4RynGNwxc8jgcydMhGIZ8iPonDl-thfVxEoEhyU2W8ReinPHt56rgfnAY1zLnmFYB9w
Request Chain 180
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDVq12nZEevpdyGZthhmDWE&google_cver=1&google_push=AXcoOmQkjXOT1-isVoaL4pADPMKx5BgVjltZieCZIdwkdogDqDYBxcJQ_rmsWKjgMTQbIRK89_ar5H47UzhRFYnuwaFHfSCdJqFXjXc HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDVq12nZEevpdyGZthhmDWE&google_cver=1&google_push=AXcoOmQkjXOT1-isVoaL4pADPMKx5BgVjltZieCZIdwkdogDqDYBxcJQ_rmsWKjgMTQbIRK89_ar5H47UzhRFYnuwaFHfSCdJqFXjXc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlVhVDZMcTcxUjBNdzQ1&google_gid=CAESEDVq12nZEevpdyGZthhmDWE&google_cver=1&google_push=AXcoOmQkjXOT1-isVoaL4pADPMKx5BgVjltZieCZIdwkdogDqDYBxcJQ_rmsWKjgMTQbIRK89_ar5H47UzhRFYnuwaFHfSCdJqFXjXc
Request Chain 181
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFQxL-h-5oQS6ZumOoH8Lr4&google_cver=1&google_push=AXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRPzM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRPzM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFQxL-h-5oQS6ZumOoH8Lr4&google_cver=1&google_push=AXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRPzM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRPzM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 182
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEB-M5iczSI8IOa1qt1NLpRQ&google_cver=1&google_push=AXcoOmRU0WTlUXPj9pYILvGelvzHEPFfAwYVZbLDLxAnQvU27Za35KcPCkyWjUugTeG6GCeDinhU8tIiGmiYng3uO4HdH2fmNj5pp5s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB-M5iczSI8IOa1qt1NLpRQ&google_push=AXcoOmRU0WTlUXPj9pYILvGelvzHEPFfAwYVZbLDLxAnQvU27Za35KcPCkyWjUugTeG6GCeDinhU8tIiGmiYng3uO4HdH2fmNj5pp5s
Request Chain 183
  • https://um.simpli.fi/gp_match?google_gid=CAESEJkkt7H5ui9GZA-5oZ5rlEM&google_cver=1&google_push=AXcoOmSfS8kZTzlLfACCBErRj8W2_aXDLUCEgnA_Gn3h2FeTcNIZ1MyAYZVwWarCh5cftG4hGhGgWbufqEcCquwyzPBYJ1X16mWUdTM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=88E29FAE95BC48A7979A8DFD24DE1E6F&google_push=AXcoOmSfS8kZTzlLfACCBErRj8W2_aXDLUCEgnA_Gn3h2FeTcNIZ1MyAYZVwWarCh5cftG4hGhGgWbufqEcCquwyzPBYJ1X16mWUdTM
Request Chain 184
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGBw0FSwF32K8QNkwLzyLv4&google_cver=1&google_push=AXcoOmTqDY8WDQh8sCPaGTGm4tm-hpO1rcRZ8qcX8sXr9_3g99dqbRDiZ_LikrIvnJq2-76T_aBaN6m-0LMbQUcOtg8Xt7jh7sg8rRM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGBw0FSwF32K8QNkwLzyLv4&google_cver=1&google_push=AXcoOmTqDY8WDQh8sCPaGTGm4tm-hpO1rcRZ8qcX8sXr9_3g99dqbRDiZ_LikrIvnJq2-76T_aBaN6m-0LMbQUcOtg8Xt7jh7sg8rRM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwNjUwNzUwNjQ4MDgzOTUxNA&google_push=AXcoOmTqDY8WDQh8sCPaGTGm4tm-hpO1rcRZ8qcX8sXr9_3g99dqbRDiZ_LikrIvnJq2-76T_aBaN6m-0LMbQUcOtg8Xt7jh7sg8rRM
Request Chain 185
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBylvDh2U8smq3QU2SN2w_0&google_cver=1&google_push=AXcoOmSauY4TtYV09YSEozXlLX7yGv8pfWyITTl2yhI9T-twpF-kPfOrVTThCJIR_JqQUOedjMM0jN_FvCT4o5wuyOT1ToUvQOvh0wjz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSauY4TtYV09YSEozXlLX7yGv8pfWyITTl2yhI9T-twpF-kPfOrVTThCJIR_JqQUOedjMM0jN_FvCT4o5wuyOT1ToUvQOvh0wjz HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 187
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJd6AdG8JBL6QR06v1g2DZI&google_cver=1&google_push=AXcoOmRm5W7h7kLxjpzPj5R2VIA81twjVKyJtiYJ0RMKvoNsnZR5hmd8R846-qPqnMZS6_-O-ZbVFrBeh2qqiQ54c52u0tSNa5GBPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU5Njk2NDAyMzY3OTc1MzE3Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJd6AdG8JBL6QR06v1g2DZI&google_cver=1
Request Chain 190
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDvcebywPOSfzcKeiYgOOWE&google_cver=1&google_push=AXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDvcebywPOSfzcKeiYgOOWE&google_cver=1&google_push=AXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 191
  • https://um.simpli.fi/gp_match?google_gid=CAESELRX_QcverC29MCFP-YqRjw&google_cver=1&google_push=AXcoOmTnQtfh2FsWFSJydBMEVUuGXkLhn2Z0tV92bGNiApLV9iY0yBc4u-dosxC_Ije3Me67emgKQb9U62kJjbpJGjPXYpjMig7u9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50A1F0E2ECB2470DA20F95E7AAA0408E&google_push=AXcoOmTnQtfh2FsWFSJydBMEVUuGXkLhn2Z0tV92bGNiApLV9iY0yBc4u-dosxC_Ije3Me67emgKQb9U62kJjbpJGjPXYpjMig7u9A
Request Chain 193
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELfgrF7IQTMmg6HrruUdrDY&google_cver=1&google_push=AXcoOmRhIpEY4d03pDJ8iQcFgpZOYB0M57tG1xOEtn_ef0LXE_6GYSkS39eW2r9x1NfbdhT46Up3sWLPcjmHlIrL-rKn4SSi336a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhIpEY4d03pDJ8iQcFgpZOYB0M57tG1xOEtn_ef0LXE_6GYSkS39eW2r9x1NfbdhT46Up3sWLPcjmHlIrL-rKn4SSi336a&google_hm=eS03VTNkNkxGRTJwR0dTX3NoOVFjd1hGdkNzcV9Kbjc2S35B
Request Chain 206
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5868b9a9-0f02-4c99-bd24-2332a0167500&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=a1c8f84a-d9db-4d08-aaf4-63c37420fa66&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D2fcdc27070ec4eaaa63681906c1d876c%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_ohlrehvq&aid=2127223676501972320 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2fcdc27070ec4eaaa63681906c1d876c&tids=15000&med=10

203 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.cvcpassagens.com.br/
Redirect Chain
  • http://cvcpassagens.com.br/
  • https://cvcpassagens.com.br/
  • https://www.cvcpassagens.com.br/
41 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
7c5b0604c8ea7ffa6683cfd726c4deee05b65b0da06b62b71c366c46722c2533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
822f97b2e870d0d9-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 17:38:57 GMT
link
<https://www.cvcpassagens.com.br/wp-json/>; rel="https://api.w.org/" <https://www.cvcpassagens.com.br/wp-json/wp/v2/pages/37>; rel="alternate"; type="application/json" <https://www.cvcpassagens.com.br/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
unsafe-url
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb23TPoss3qtdIDyp%2BRYVhex8koKkOWsHzDTOKYoBtrOk8G7ec%2BCg93QlDyKHhkuSvfsxc2rCm8nCsvoq15XsWnkB0twSjw6B6Ww3kC3xth6GytwJSK%2F0uWzqF2ZseA8VFtYZcJq1MmCN%2BcJBKmyfIEfwzhNCw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
5aa_HTTP.200,5aa_front,5aa_URL.6666cd76f96956469e7be39d750cc7d9,5aa_F,5aa_Po.37,5aa_PGS,5aa_
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
822f97ad3b29d0d9-AMS
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 17:38:56 GMT
location
https://www.cvcpassagens.com.br/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
unsafe-url
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tGueON9T1VfmM7wv3ItUgP4nROvymDCE07T%2FJILkJDpbdC0EFUGtqVk1LFIo95KscTT4Nrm1HIJYPpRBALLdm3tHpkYVO%2FrLsCwKCzl8O3UvfZXGBTGWb3k9t1D24oj0oBGkrrD8rynSW7HPsC1t1Xt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-litespeed-cache
miss
x-powered-by
PHP/8.0.30
x-redirect-by
WordPress
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
style.min.css
www.cvcpassagens.com.br/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 19:56:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxk%2FFF1mlmHzB2VeQ%2BXiSx8yb7BcBMYq1IUTDUl%2FDWNPcgMKXFn9vjelhdprotfw5dQHrk1qgvOMHAur80fn9%2BN5SIhRQrJoGz9o%2FPXWd50WD3pXcMbqrJVURMdnaTToQAYXL2DNFUwdFDQMi9dd0BMoJhKxeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62becd0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 15 Nov 2023 17:38:56 GMT
classic-themes.min.css
www.cvcpassagens.com.br/wp-includes/css/ 		217 B
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Oct 2022 17:45:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k41UOdU33ekMBZO6wX27CMAbmn0Wn3QZCpMv6Hq9C7qVsC7b9ECmAVNcEtKpPWzUvWBYgubcu0XNm6TtWywHEtsPrED8LjeyXMuhGtR0mN6LDPl68znlXH756JDZ%2BhBHsyJi96lp0FDhCrcM7tzO52QEfn0bPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62bf0d0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 15 Nov 2023 17:38:56 GMT
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C600%2C700%2C800%2C900%7COswald%3A300%2C400%2C600%2C700%7CScada%3A300%2C400%2C600%2C700&ver=6.1.1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5d81bb48c7e75ef5eb1a9766e0801f95506949353fe753e986a431054bf1705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 17:38:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:57 GMT
style.css
www.cvcpassagens.com.br/wp-content/themes/healing-touch/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-content/themes/healing-touch/style.css?ver=6.1.1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f3e8dcd1ce34bdba37215aca46fa08693637600af0263ed05d7292ad02b9d5c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jul 2018 17:58:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
141521
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE1YAbcYdBxSFOphlBqb5V%2BaybIb766JfCFpfA9UtnFSX68QzqOg8pbjH6ifmwjGYEI8oiLcwTHd87sMnfgxAIikZRInZ%2FQVdGkRn8qfTDuOi865PG%2BCaw9l1f0o0B56OAMB50nWkTJTccLVfQrUKGDfYrFIFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62bf1d0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 02:20:15 GMT
main.css
www.cvcpassagens.com.br/wp-content/themes/healing-touch/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-content/themes/healing-touch/css/main.css?ver=6.1.1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffdb8b548e7c75f6d871b6b65c7d059612511dc9d83fbdf1297347c8289d1c6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jul 2018 17:58:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
141521
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gKWm4sfBv1TFodc7oqWc40aSQtezsoeKuwzBuPFXOEQEBqRIf28NstHbGA9wrWWCYyCEO5n5XWIh2uaD3g6%2Frr%2BgUL2Yqd%2B0lXOfkXvKGifttxQNfkniG%2FL1Ioqwr4TE%2FiDq09ncrUVHtrIKvgptePCDnGdmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62bf2d0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 02:20:15 GMT
style_base.css
www.cvcpassagens.com.br/wp-content/themes/healing-touch/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-content/themes/healing-touch/css/style_base.css?ver=6.1.1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72ac359c428b91df3ab1867d6fca9c3a4232af2f923bd4ae06255c34d00367dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jul 2018 17:58:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
141520
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuvUiMwngP4iC%2FDSQVPj%2FXNywZnJLmINrLsskMBaZSs%2Fy9KEoOO4LsHhtA2inatSc9SwVNTJQadnGTo5nBKZh2xIaNR3b7625E3HXl3wn0%2FHIORVQNKDel8hgU9cZEKUG3IF4bteIvOdXDeWTqHxM845heuiKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62bf3d0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 02:20:16 GMT
jquery.min.js
www.cvcpassagens.com.br/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Sep 2022 18:16:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
141519
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfBcUZ5RTqCGlxhhS6NaltJTYpYASl3ql9fHWrDU%2FFlFavpwTVXTa%2BHAx9%2BBFIRs7qKuSqiiXJsYJREa7aVExBO9uOIdU3GFMPXOv1oY2KDYhrK%2BuZODLdA2peqoJMftX%2BBZ9QeNGGZqsZHyk5QtJ1f0W07rag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62bf5d0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 02:20:17 GMT
jquery-migrate.min.js
www.cvcpassagens.com.br/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 Nov 2020 14:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aMq5CC4PH3KxYHR3M%2FdHUc8lRY%2FC3Cpt%2BQPfMhMfXGtcbg2BpyzzRvw6tlHCbaz7lO9cFv8tNkOW3%2FUBqCU%2FWIVd70ZEhzFDxuejDJbcF105utrn4sT8u4BP7%2Bz0N3togrwKjcsuyvb9jNHe0HBhF8ErC5w%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62bf7d0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 15 Nov 2023 17:38:56 GMT
custom.js
www.cvcpassagens.com.br/wp-content/themes/healing-touch/js/ 		1 KB
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-content/themes/healing-touch/js/custom.js?ver=6.1.1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a8737e5ba4a9a6d0c6e7eac5a506418996811c470ae137f35c5be4453dd312

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 17:46:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9RNeSukBTwOfreqRGSoa%2B5%2BRf2eBoNFGlBLU67FyQBZlYcoNNeRAkENwGXr2An7WeFaRI28AbGedU8zc2S0xcZaIB3h9QKD%2FUeT0qqg7B5BC%2Bp6Fs2FE%2FBO5PUEWRbuVYwW0q%2B1UlVhZ6NHt6pe8JZofD1yhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62bf8d0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 15 Nov 2023 17:38:56 GMT
notbot.js
www.cvcpassagens.com.br/wp-content/plugins/wp-simple-firewall/resources/js/shield/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=17.0.7&mtime=1677774609
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4865394c997ec6daa7530ce6d4e6c21e149a09d8d7058f0ffcc7a7771e36a6e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Mar 2023 16:30:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
141519
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uws4%2BKPYzvXCq6PmacDOZJ3UKcGA5o0OMxF%2Fq03N051f%2BXFMsEW4VxuIYv9KMS2XehtqFqp8JBCPIAKmbq4lGIk3OqlGoaoYOUUqDlBV%2FGbaL05YWQGQh2te5XabVcS8MKt8gkjsXcCwC4y7mRg2%2B8p7RI%2Bg%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b62bf9d0d9-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 02:20:17 GMT
css
fonts.googleapis.com/ 		2 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:900
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e73b591e81079687d518c6a68e3f6c37fbf298c954e8c783618ee466a1f7f0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 17:38:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:57 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
570684
cdn-cachedat
05/01/2023 15:40:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b9f68144baab9564a7e8739a4135280d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
822f97b67fb666c7-AMS
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d170048b754e396dbaec7d571ca44e6b31cfa90c2faac4e30eb87b459b3fbc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52318
x-xss-protection
0
server
cafe
etag
11824048711989218981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:58 GMT
cvc-passagens.jpg
www.cvcpassagens.com.br/wp-content/uploads/2018/08/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cvcpassagens.com.br/wp-content/uploads/2018/08/cvc-passagens.jpg
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c923c83bfed6d18b1586fd66ad5c0d75587a2e8148e9c8b299acfdf5e2c2ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
316466
alt-svc
h3=":443"; ma=86400
content-length
34805
last-modified
Wed, 01 Aug 2018 19:28:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pkc6CiakflgUaj2VxACdQWE4Ht%2FQd6KFH6JhQpSCUzcPeFjOfa3816aVD%2B8YIIdLHvBXKiLb1vfUG7VFFx%2Fygh%2FeaB9Hdc3q8DT2s6QI7D8B2iSCJeJXSh%2ByeeDMXGLCTiXkgLJiKYBk%2FtiPZ%2B7kfHz%2FJq6HSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
822f97b62bfad0d9-AMS
expires
Sun, 12 Nov 2023 01:44:31 GMT
classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-33.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
date
Wed, 08 Nov 2023 02:16:55 GMT
last-modified
Thu, 17 Dec 2015 16:52:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
55323
etag
W/"ae0fc9b84c30cada1784022044962394"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sNoGB7C0Eh3B_wzwW_sdRZjeQg4Uu-qpA25DApKRmE_-DP1V0pyZtw==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.120.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 17:38:58 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
9R989FYCVGH65G85
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
lmCVMj+ouud1aHy0tm13BOnbiHmH2U40rKoW/4vu/d4WfWNdB3bvU3SCzzinT2Bi23vg2/kPAjk=
frontend.min.js
www.cvcpassagens.com.br/wp-content/plugins/q2w3-fixed-widget/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Mar 2023 16:29:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
97536
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqpMs%2BZWD2hJoh2vQTCf07KdmN7pxbHs5sYV0hJhxQfCYZTyFJacGT4vjcrofpwqSFHTsLyDzVgssLDAbvkArvs%2BiBZ06bXaR0jRUAGyB9K3RpQWzLf9ZVex9y1U3wZu3%2FOOWpHyxQfkPVdkT3emfyQftVW7TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b6ed9f06d0-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 14 Nov 2023 14:33:19 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Nov 2023 16:49:36 GMT
server
cloudflare
age
31998
etag
W/"65491920-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
822f97b8abf3b7be-AMS
expires
Wed, 08 Nov 2023 20:45:40 GMT
wp-emoji-release.min.js
www.cvcpassagens.com.br/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 09:56:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
442848
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Byny803LvRmLobVwiP%2B5uw4U8xhFo%2BkcsnVr8zB%2BsgrTYcMI5iy6r73%2Bro1tW5R9AhdWbJ9en%2BpXUGQxrfMDMzxLY5yGTlJDZPFy7GiEjCOxcNLfNXPmh1ridUKpG2I0Bfw5jnzIUtO6DqBZdFMdnEtvdVbaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b82f2e06d0-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 10 Nov 2023 14:38:07 GMT
admin-ajax.php
www.cvcpassagens.com.br/wp-admin/ 		0
552 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cvcpassagens.com.br/wp-admin/admin-ajax.php
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=17.0.7&mtime=1677774609
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cvcpassagens.com.br/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 08 Nov 2023 17:38:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 05 Nov 2023 06:18:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOHJwJ0lIodELzzCVDd0zQgu%2FfRDE%2BgyccYmRa38IYOz6amxGP19psF1c552pisUO3VqFU5EZDRVJ9xk%2FLk28u%2FUV1jfC4R3Ki%2B6tjpxDichZMIEhgK21y7Ynn0LxiSXWl1B%2FiLUHuCyMaWue2YrW4DUrM0rxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=30000, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
822f97b82f2a06d0-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 12 Nov 2023 04:58:56 GMT
icon-lupa.png
www.cvcpassagens.com.br/wp-content/themes/healing-touch/images/ 		539 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cvcpassagens.com.br/wp-content/themes/healing-touch/images/icon-lupa.png
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d382f38382d547404979ad89a19e714d2ef918ce6cc85ee44af907d4388a6b5e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:58 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Jul 2018 17:58:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqVG0L0n9wF3gm1Q7u3kuIhXNWt%2FLFeqxn0QI7ahSxlQzn%2FdKZo9VlP4R1Ly2bu077mGoyLesluYOG4R%2F1KG6roqti3DoyMFgfBDUJf25IqgND%2Bvjmg7qdX5bFaKGLcgNMrtcri32l3WS%2Brq39CUE3U6qYxDXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
822f97b83f3706d0-AMS
alt-svc
h3=":443"; ma=86400
content-length
539
expires
Wed, 15 Nov 2023 17:38:56 GMT
bg-footer.jpg
www.cvcpassagens.com.br/wp-content/uploads/2018/06/ 		457 KB
457 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cvcpassagens.com.br/wp-content/uploads/2018/06/bg-footer.jpg
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a510dc6aba0f2675293f476d82b32179a930edaaa4a025c719ec7092e34d9a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
442848
alt-svc
h3=":443"; ma=86400
content-length
467486
last-modified
Thu, 12 Jul 2018 18:15:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drJNAT8iFbwKuO3qm4vQ3lbLjj4ISUjNJs6cMT17S7HiUcUDEQASp%2B9P3lzqvpMdYG%2BB%2FmWwRvsRWnBQg6KdH83VMo733j0E%2Fqjmzg8U%2BLH328PzKQ3RMfQJ6b%2FNzFz12iET83aqXFd4LdmqBnKw3MK3lH3gzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
822f97b83f3b06d0-AMS
expires
Fri, 10 Nov 2023 14:38:07 GMT
footer-heading-border.jpg
www.cvcpassagens.com.br/wp-content/themes/healing-touch/images/ 		339 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cvcpassagens.com.br/wp-content/themes/healing-touch/images/footer-heading-border.jpg
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/wp-content/themes/healing-touch/css/main.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b5ca5f225dfd33f42f02157baeb0a31ebd02ffdce3788680457a8e51d03d662

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/wp-content/themes/healing-touch/css/main.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97536
alt-svc
h3=":443"; ma=86400
content-length
339
last-modified
Thu, 12 Jul 2018 17:58:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPZjS%2F7Ro8nP3ktPGw49HAsAue8KWV8oSZL4qFtL5YnXlOfA6tSlQZaWpGc0LM1%2BT62Vi7iNLdTfBmhGeTLyqGep57i3siXN9kT84b7TOKY6MXJVNc0PWC9Tf0O2VZThEQGykg6yfc%2B4GIgZMQW1FoGx2gekkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
822f97b83f3e06d0-AMS
expires
Tue, 14 Nov 2023 14:33:20 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.cvcpassagens.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
752
cdn-cachedat
10/31/2023 19:08:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3dfabd31d7e5164be7848e139790c25d
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
822f97b85fdb0a47-AMS
cdn-requestpullsuccess
True
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C600%2C700%2C800%2C900%7COswald%3A300%2C400%2C600%2C700%7CScada%3A300%2C400%2C600%2C700&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cvcpassagens.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 19:40:17 GMT
x-content-type-options
nosniff
age
165521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 19:40:17 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C600%2C700%2C800%2C900%7COswald%3A300%2C400%2C600%2C700%7CScada%3A300%2C400%2C600%2C700&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cvcpassagens.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 14:58:03 GMT
x-content-type-options
nosniff
age
355255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 14:58:03 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cvcpassagens.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 02:31:39 GMT
x-content-type-options
nosniff
age
54439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14188
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Nov 2024 02:31:39 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f69b1594855839b8a76f29e3dd3590fd796f78b161798cb978ff5852b6487b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138486
x-xss-protection
0
server
cafe
etag
10902204408215244161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame F790 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
38159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 07:02:59 GMT
etag
251720774729838433
expires
Wed, 22 Nov 2023 07:02:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
t.php
c.statcounter.com/ 		192 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=11749922&u1=6FEE873E7E4A4F04367A0BBD4BD0328B&java=1&security=45fbd18c&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.cvcpassagens.com.br/&t=CVC%20Passagens%20A%C3%A9reas%20-%20CVC%20Passagens&invisible=1&sc_rum_e_s=2421&sc_rum_e_e=2424&sc_rum_f_s=0&sc_rum_f_e=2135&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.cvcpassagens.com.br
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
822f97baddaab7be-AMS
expires
Mon, 26 Jul 1997 05:00:00 GMT
2708.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		909 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/2708.svg
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
7bd37697525860cea3841d9a6e52bb978539c927d9bace4cbfce5639d923ae78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Wed, 08 Nov 2023 17:38:58 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:53:44 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		405 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.cvcpassagens.com.br&callback=_gfp_s_&client=ca-pub-5823210502176162
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3d9f7dba9a77a91d9d7320ab26ae6ce53f352a8c10da746258f803dd18e35e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 24EF 		430 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&adk=1812271804&adf=3025194257&lmt=1699465138&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138176&bpp=4&bdt=578&idt=234&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=100211640424&frm=20&pv=2&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=252
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c935d34bba127cb00885a8758146b06707df581342d6a9553ce37730c623ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
98415
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:38:59 GMT
expires
Wed, 08 Nov 2023 17:38:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FF9F 		128 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b9ed67a0ea92854e6a8e9be86af0485ed256be3daa66b7102c47608d71f0e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43700
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:38:59 GMT
expires
Wed, 08 Nov 2023 17:38:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C6B2 		141 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f406efc4fd40a14e68ac5e6ce3d8ff1059b30f70bd0691280bc23eeef785388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43181
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:38:59 GMT
expires
Wed, 08 Nov 2023 17:38:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D0D5 		734 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=498&slotname=6892162907&adk=3148119517&adf=2546973269&pi=t.ma~as.6892162907&w=830&cr_col=4&cr_row=2&fwrn=2&lmt=1699465138&rafmt=9&format=830x498&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138182&bpp=1&bdt=584&idt=263&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C830x200&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=eqb3OBY3J9&p=https%3A//www.cvcpassagens.com.br&dtd=265
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ae0cf644a65727fd26c382bdec230ff4f53ea8896b5e89b78c58057e2ec5a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
364
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:38:59 GMT
expires
Wed, 08 Nov 2023 17:38:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame C6B2 		4 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 15:41:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame C6B2 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame C6B2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame C6B2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:31:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame C6B2 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
77801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C6B2 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:59 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame C6B2 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 19:58:49 GMT
3969867053218144377
tpc.googlesyndication.com/gpa_images/simgad/ Frame C6B2 		268 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/3969867053218144377
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22ab9d35585774ce09f17b1ba9d76bd09a73537db9f777beefc6a914846a0e40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 11:36:03 GMT
x-content-type-options
nosniff
age
21776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274795
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 21:12:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 11:36:03 GMT
3378794096741309340
tpc.googlesyndication.com/gpa_images/simgad/ Frame C6B2 		245 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/3378794096741309340
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4fb4d8571698c8077401fccae60d106c3341e5d1401b882db59cc4a57ea0de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:53:00 GMT
x-content-type-options
nosniff
age
35159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251238
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 18:45:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 07:53:00 GMT
11253664206234383241
tpc.googlesyndication.com/gpa_images/simgad/ Frame C6B2 		281 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/11253664206234383241
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96f11504fc00b98fcc850b3e48d25c0d842203a0425567b56394c1fe3c65585d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:08:58 GMT
x-content-type-options
nosniff
age
109801
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288105
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 19:28:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Nov 2024 11:08:58 GMT
5425050752555696662
tpc.googlesyndication.com/gpa_images/simgad/ Frame C6B2 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/5425050752555696662
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a421129407d8bc007d6241382d1ea03fda259481df1abc8e6fd292bbef468509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 09:39:56 GMT
x-content-type-options
nosniff
age
28743
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324966
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 03:53:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 09:39:56 GMT
15673755883701193659
tpc.googlesyndication.com/simgad/ Frame C6B2
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODM0aKGfxCwCRiwCTIIkOgl7FHIP50
  • https://tpc.googlesyndication.com/simgad/15673755883701193659
181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15673755883701193659
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H2
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9da5b0b5f28f79b62dfbaa95cc58fe0efaa7976a1a371c423260f2c8140a4b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:50:26 GMT
x-content-type-options
nosniff
age
60513
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184914
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 12:49:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 00:50:26 GMT

Redirect headers

date
Wed, 08 Nov 2023 10:28:17 GMT
x-content-type-options
nosniff
server
cafe
age
25842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/15673755883701193659
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 10:28:17 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aebc569dd4be8998817ddbd6e5f69dd14c4ffb4d011fabe409b52fb31b11e580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55822
x-xss-protection
0
server
cafe
etag
10096019110244385022
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FD78 		60 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6f56ba051190ead6c54c9af9756c21b0cb8306ad2ec8ff00276d94e161a9c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21068
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:38:59 GMT
expires
Wed, 08 Nov 2023 17:38:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3DFE 		59 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb16dc7c346d6a984e5e6860bb983c7a836637f73d0d045bd14ae90ae64f53ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
20662
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:38:59 GMT
expires
Wed, 08 Nov 2023 17:38:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3CE3 		59 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a729f0e137db5e2f9ea73198e3b6b943fe32e1cf37e08b4069f4c8b4fa2e7690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
20675
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:38:59 GMT
expires
Wed, 08 Nov 2023 17:38:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&hl=pt&pvc=3709246204984017
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:38:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		1 KB
433 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d91d77a752075f4354c919100ee3e868b98b5a0e3853e63257dfe10a85b35541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 17:38:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
css
fonts.googleapis.com/ 		5 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 16:57:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
css2
fonts.googleapis.com/ 		573 B
371 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91d13f4ae5ff8db16c4cb3bb056d699821afe737798000c9ba2f18ba58d0c97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 17:38:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
css
fonts.googleapis.com/ 		5 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 16:45:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44806133&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=3709246204984017
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:38:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 13FB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
3075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:47:44 GMT
etag
251720774729838433
expires
Wed, 22 Nov 2023 16:47:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 185F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
3075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:47:44 GMT
etag
251720774729838433
expires
Wed, 22 Nov 2023 16:47:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame CB78 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
3075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:47:44 GMT
etag
251720774729838433
expires
Wed, 22 Nov 2023 16:47:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C6B2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3758c352e0b8d20713e5713c632605ac8a407759165e48df6b148f8dc6e927a9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
HhyqU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1SbxVhQidBnv_C-yl.woff2
fonts.gstatic.com/s/googlesymbols/v229/ 		662 KB
662 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesymbols/v229/HhyqU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1SbxVhQidBnv_C-yl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a769ba035d09bab14ca680172039c487a3cf1e155d11245a4ed78b8dcbed8351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cvcpassagens.com.br
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 20:49:03 GMT
x-content-type-options
nosniff
age
506996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
677644
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:35:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 20:49:03 GMT
8a6c58a25e971cfbc194f00dd2aa8ad4.js
www.gstatic.com/mysidia/ Frame FF9F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3907
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 01:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 06 Feb 2024 07:11:42 GMT
281c723aa683930efadfba50222cf93a.js
www.gstatic.com/mysidia/ Frame FF9F 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/281c723aa683930efadfba50222cf93a.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4593
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 01:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 06 Feb 2024 17:38:56 GMT
css
fonts.googleapis.com/ Frame FF9F 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 17:23:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame FF9F 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame FF9F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame FF9F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:31:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame FF9F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
77801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF9F 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:59 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame FF9F 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 19:58:49 GMT
css2
fonts.googleapis.com/ Frame 13FB 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 16:03:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 13FB 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:29:06 GMT
x-content-type-options
nosniff
age
209393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 05 Nov 2024 07:29:06 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 13FB 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 13:30:38 GMT
x-content-type-options
nosniff
age
533301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Nov 2024 13:30:38 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 13FB 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:51:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
71271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6703
x-xss-protection
0
server
cafe
etag
18125926408851158271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 21:51:08 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 13FB 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:51:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
71271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8785
x-xss-protection
0
server
cafe
etag
17726888854999048520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 21:51:08 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame A673 		129 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cfde64613d46e92ade43d94fa50b1e00a694e8a460a2d2fd783a1b1dceab2f28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Expires
Sun, 05 Nov 2023 05:46:12 GMT
Date
Wed, 08 Nov 2023 17:38:59 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
43430
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
46953
X-Served-By
cache-lga13622-LGA, cache-bru1480061-BRU
Last-Modified
Thu, 05 Oct 2023 15:31:43 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1699465140.608088,VS0,VE0
ETag
W/"651ed6df-204b6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
127, 8565
c.gif
www.bing.com/aes/ Frame A673
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5868b9a9-0f02-4c99-bd24-2332a0167500&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=a1c8f84a-d9db-4d08...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2fcdc27070ec4eaaa63681906c1d876c&SNR=1&GV=2&med=10
0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2fcdc27070ec4eaaa63681906c1d876c&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:38:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FDE9AA06442A449B9128BD4B3221B86A Ref B: FRA31EDGE0818 Ref C: 2023-11-08T17:38:59Z
x-cdn-traceid
0.56e22517.1699465139.6a05afe
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 08 Nov 2023 17:38:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1C9F8B8BAEDC40CA9B06A5410D9A2490 Ref B: FRA31EDGE0713 Ref C: 2023-11-08T17:38:59Z
x-cdn-traceid
0.56e22517.1699465139.6a05aa1
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2fcdc27070ec4eaaa63681906c1d876c&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame A673 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
882b0276c78312143b52c67c7bf0c6d335efc5ab5613b9f83ac35fc3e28a1dbb

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
br
last-modified
Thu, 02 Nov 2023 22:53:11 GMT
x-azure-ref-originshield
0VetKZQAAAABa7NnzWkM2S5yzZbSI1xbdQU1TMDRFREdFMTkwNwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
content-md5
kdPOAVFN6QNoUqOkQe9Vww==
etag
0x8DBDBF67D6CFDCA
x-azure-ref
0s8dLZQAAAADDDPgIoB77Sp1YDD6Z2RldQlJVMzBFREdFMTExNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7af03070-c01e-0087-26bf-11ece5000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame A673 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 17:38:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Thu, 07 Nov 2024 17:38:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A673 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:31:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A673 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
77801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A673 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:59 GMT
8a6c58a25e971cfbc194f00dd2aa8ad4.js
www.gstatic.com/mysidia/ Frame CB78 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 07:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3907
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 01:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 06 Feb 2024 07:11:42 GMT
a01e32b8d850c2a0a0e4e112cb983053.js
www.gstatic.com/mysidia/ Frame CB78 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a01e32b8d850c2a0a0e4e112cb983053.js?tag=text/vanilla_highlight_ms_cta_adjustment
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4399691df9b757bd86238b43b21c9237baf8058d20786a94f5c364929e1b1a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4741
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 19:42:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 17:20:55 GMT
css
fonts.googleapis.com/ Frame CB78 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 17:26:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame CB78 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame CB78 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame CB78 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:31:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame CB78 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
77801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB78 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:59 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame CB78 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 19:58:49 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame C6B2 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 05:15:19 GMT
x-content-type-options
nosniff
age
390220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 05:15:19 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame C6B2 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:55:59 GMT
x-content-type-options
nosniff
age
513780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:55:59 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame FA05 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
882b0276c78312143b52c67c7bf0c6d335efc5ab5613b9f83ac35fc3e28a1dbb

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
br
last-modified
Thu, 02 Nov 2023 22:53:11 GMT
x-azure-ref-originshield
0VetKZQAAAABa7NnzWkM2S5yzZbSI1xbdQU1TMDRFREdFMTkwNwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
content-md5
kdPOAVFN6QNoUqOkQe9Vww==
etag
0x8DBDBF67D6CFDCA
x-azure-ref
0s8dLZQAAAAA5+MlDCZvYTZ1kTglt/AYvQlJVMzBFREdFMTExNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7af03070-c01e-0087-26bf-11ece5000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame FA05 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 17:38:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Thu, 07 Nov 2024 17:38:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame FA05 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:31:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame FA05 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
77801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FA05 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:59 GMT
c.gif
www.bing.com/aes/ Frame FA05
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ca88d547-b392-4722-b063-530b6e2565aa&bidId=1&bidderId=4&cmExpId=V5&oAdUnit=391466&publisherId=162645330&rId=172bd134-e5db-4da0-98d3...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(8-0)?&RG=8d23315ce5994bf399830f9f6040ad68&SNR=1&GV=2&med=10
0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(8-0)?&RG=8d23315ce5994bf399830f9f6040ad68&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:38:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B1D0D4D7C5504513BBF5879D3F12CEF5 Ref B: FRA31EDGE0510 Ref C: 2023-11-08T17:38:59Z
x-cdn-traceid
0.56e22517.1699465139.6a05aff
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 08 Nov 2023 17:38:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BF8B36AEE9DA4E72BEBB3FD4EA85F0D3 Ref B: FRA31EDGE0221 Ref C: 2023-11-08T17:38:59Z
x-cdn-traceid
0.56e22517.1699465139.6a05aa2
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(8-0)?&RG=8d23315ce5994bf399830f9f6040ad68&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
155
expires
0
/
www.googleadservices.com/pagead/ar-adview/ Frame C6B2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C58IMssdLZbTQHa7V1fAP3YS02AfejaOccdednb7OEGQQASC_y68DYJGEoIWMGKAB9Oeg_QPIAQmpAkgBjp9_57E-qAMByAPLBKoE7gFP0KURVfHZmg26GnrcfmNreYupmCkXWKmYi_KcaQD...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227053267844252135084%22,%22debug_reporting%22:true,%22destination%22:%22https://interhome.nl%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227053267844252135084%22,%22debug_reporting%22:true,%22destination%22:%22https://interhome.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067987956%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223207511465385041777%22}&andc=true
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"7053267844252135084","debug_reporting":true,"destination":"https://interhome.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067987956"],"4":["11-08"],"6":["true"]},"priority":"500","source_event_id":"3207511465385041777"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Nov 2023 17:39:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 17:38:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7053267844252135084","debug_reporting":true,"destination":"https://interhome.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067987956"],"4":["11-08"],"6":["true"]},"priority":"500","source_event_id":"3207511465385041777"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame A1CF 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 16:27:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 17:38:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A1CF 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame A1CF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:51 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 60CC 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
901
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A1CF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:31:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A1CF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
77801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A1CF 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:38:59 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame A1CF 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:58:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 19:58:49 GMT
15873462721534804628
tpc.googlesyndication.com/simgad/ Frame CB78 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15873462721534804628?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950530c9b5c48a2942cca79fa10b52c5372c7cea8b210bab5a053be86801582f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:17:20 GMT
x-content-type-options
nosniff
age
562899
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15956
x-xss-protection
0
last-modified
Wed, 28 Dec 2022 09:55:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Nov 2024 05:17:20 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A19D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
901
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CB78 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3c08c12cbef68fe6d53c7781d646ac7ef19f1bee5beaec914da7eef5d574d3a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
pagead2.googlesyndication.com/bg/ Frame 6C14 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=200&slotname=9171552325&adk=634504756&adf=3861831487&pi=t.ma~as.9171552325&w=830&fwrn=4&lmt=1699465138&rafmt=11&format=830x200&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138181&bpp=1&bdt=584&idt=257&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gN91qyyngY&p=https%3A//www.cvcpassagens.com.br&dtd=260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
598209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19628
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:28:50 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EC4A 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
901
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1a
i.clean.gg/ Frame A673 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 08 Nov 2023 17:38:59 GMT
server
nginx/1.21.6
via
1.1 google
truncated
/ Frame FF9F 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdf1569e019e9f82a50efd2d9ade73700e382083a50b790ebdd3b82e89ee3317

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227053267844252135084%22,%22debug_reporting%22:true,%22destination%22:%22https://interhome.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067987956%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223207511465385041777%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 17:39:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
th
www.bing.com/ Frame FA05 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7559219139168_1KHXVQHK44QNAZT3DS&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b991f5921c406af0f8e9d4ea8c549c915ced63f4f91750c599b1fe20a7a4cc16

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.56e22517.1699465139.6a05bea
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
10714
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame FA05 		0
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QLzA-jzAQAAAwDWAAUBCLOPr6oGEM-PtKuW-euFWRgAKjYJ41p1R368oD8RAlj9l4ZKoD8ZAAAAgD0Ktz8hAg0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4oPIFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCH2h0dHBzOi8vd3d3LmN2Y3Bhc3NhZ2Vucy5jb20uYnKAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQFx1iIBQGYBQCgBdWCgKySh6DbM8AFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF4pkr-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHoPIF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=ce733f301ab9b4167bcce0e071d8912e3711e637&bdref=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.cvcpassagens.com.br%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5823210502176162%26output%3Dhtml%26h%3D90%26adk%3D2073342730%26adf%3D2944490034%26pi%3Dt.aa~a.2824705369~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1699465139%26rafmt%3D1%26to%3Dqs%26pwprc%3D5746823351%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.cvcpassagens.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699465139215%26bpp%3D1%26bdt%3D1618%26idt%3D-M%26shv%3Dr20231106%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6ea5f90b267b6ea1-22331122cee4009b%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA%26gpic%3DUID%253D00000cbc5cbe235f%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw%26prev_fmts%3D0x0%252C1170x280%252C830x200%252C830x498%252C830x90%26nras%3D3%26correlator%3D100211640424%26frm%3D20%26pv%3D1%26ga_vid%3D1695886719.1699465138%26ga_sid%3D1699465138%26ga_hid%3D834680999%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D3697%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42531706%252C44807454%252C44807463%252C44807763%252C31078297%252C44807406%252C44808149%26oid%3D2%26pvsid%3D3709246204984017%26tmod%3D40386531%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D6%26uci%3Da!6%26btvi%3D3%26fsb%3D1%26xpc%3DaAA5pmApGw%26p%3Dhttps%253A%2F%2Fwww.cvcpassagens.com.br%26dtd%3D7,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5823210502176162%26output%3Dhtml%26h%3D90%26adk%3D2073342730%26adf%3D2944490034%26pi%3Dt.aa~a.2824705369~rp.4%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1699465139%26rafmt%3D1%26to%3Dqs%26pwprc%3D5746823351%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.cvcpassagens.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699465139215%26bpp%3D1%26bdt%3D1618%26idt%3D-M%26shv%3Dr20231106%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6ea5f90b267b6ea1-22331122cee4009b%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA%26gpic%3DUID%253D00000cbc5cbe235f%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw%26prev_fmts%3D0x0%252C1170x280%252C830x200%252C830x498%252C830x90%26nras%3D3%26correlator%3D100211640424%26frm%3D20%26pv%3D1%26ga_vid%3D1695886719.1699465138%26ga_sid%3D1699465138%26ga_hid%3D834680999%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D3697%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42531706%252C44807454%252C44807463%252C44807763%252C31078297%252C44807406%252C44808149%26oid%3D2%26pvsid%3D3709246204984017%26tmod%3D40386531%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D6%26uci%3Da!6%26btvi%3D3%26fsb%3D1%26xpc%3DaAA5pmApGw%26p%3Dhttps%253A%2F%2Fwww.cvcpassagens.com.br%26dtd%3D7&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
50539297-b441-4997-ae7b-b747ab83614f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
th
www.bing.com/ Frame A673 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7559323609250_1TL0XFGUKYWT06N3NP&pid=21.2&c=16&roil=0.2383&roit=0&roir=0.7617&roib=1&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8f2fadc770240f64b9fff5c8af50401375a21a42e7fa0823c05360d7357813f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.56e22517.1699465139.6a05bfd
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
12230
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame A673 		0
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QLzA-jzAQAAAwDWAAUBCLKPr6oGEOCqzd2c1drCHRgAKjYJYrtVjWBUrD8RvBO9w3aTqz8ZAAAAANejwD8hvA0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4pvUFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCH2h0dHBzOi8vd3d3LmN2Y3Bhc3NhZ2Vucy5jb20uYnKAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQFx1SIBQGYBQCgBfqywqCw16-aHMAFAMkFIRQcAADwP9IFCQkJDHgAANgFAeAFAfAFkq40-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6b1BdIHDRVlASYI2gcGAV6kGADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=85ab19c8b4de1c9699267dae7fac59569051ccac&bdref=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.cvcpassagens.com.br%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231106%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-5823210502176162%26fa%3D3%26ifi%3D9%26uci%3Da!9%26btvi%3D5%26xpc%3DEJsR2M5E65%26p%3Dhttps%253A%2F%2Fwww.cvcpassagens.com.br,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231106%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
70f1e232-7042-4295-b524-dcd719709fc9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame FB1F 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
882b0276c78312143b52c67c7bf0c6d335efc5ab5613b9f83ac35fc3e28a1dbb

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
br
last-modified
Thu, 02 Nov 2023 22:53:11 GMT
x-azure-ref-originshield
0VetKZQAAAABa7NnzWkM2S5yzZbSI1xbdQU1TMDRFREdFMTkwNwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
content-md5
kdPOAVFN6QNoUqOkQe9Vww==
etag
0x8DBDBF67D6CFDCA
x-azure-ref
0s8dLZQAAAACf8rYJQauDQ5iUnYQs23hjQlJVMzBFREdFMTExNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7af03070-c01e-0087-26bf-11ece5000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame FB1F 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 17:39:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Thu, 07 Nov 2024 17:39:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame FB1F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7679
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:31:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame FB1F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
77801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:18 GMT
l
www.google.com/ads/measurement/ Frame FB1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1BgIyhcrXbXW9tNqgjeZsG8hxuvcgHeFxfLC-l9ENmizDobMfrJqWWhX6DE-RLH6OxpssP0MEhnBC6oJLUsQD05pa7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB1F 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:39:00 GMT
c.gif
www.bing.com/aes/ Frame FB1F
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b5596be7-2120-45c2-9b43-c9f734ced0d0&bidId=15000&bidderId=4&cmExpId=V5&oAdUnit=391466&publisherId=162645330&rId=a59b678e-4b89-44eb-...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=3df1ca499e9b43e89039b76e972ce3fb&SNR=1&GV=2&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=3df1ca499e9b43e89039b76e972ce3fb&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5BD403A82D11413799412536275BFC3C Ref B: FRA31EDGE0106 Ref C: 2023-11-08T17:39:00Z
x-cdn-traceid
0.56e22517.1699465140.6a05c95
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 08 Nov 2023 17:39:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 42DB7139A753493DBA9C456D77F749A9 Ref B: FRA31EDGE0621 Ref C: 2023-11-08T17:39:00Z
x-cdn-traceid
0.56e22517.1699465139.6a05c34
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=3df1ca499e9b43e89039b76e972ce3fb&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
quic-version
0x00000001
sdk.js
adsdk.microsoft.com/native-to-display/ Frame BE6E 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
882b0276c78312143b52c67c7bf0c6d335efc5ab5613b9f83ac35fc3e28a1dbb

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 08 Nov 2023 17:38:59 GMT
content-encoding
br
last-modified
Thu, 02 Nov 2023 22:53:11 GMT
x-azure-ref-originshield
0VetKZQAAAABa7NnzWkM2S5yzZbSI1xbdQU1TMDRFREdFMTkwNwA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
content-md5
kdPOAVFN6QNoUqOkQe9Vww==
etag
0x8DBDBF67D6CFDCA
x-azure-ref
0tMdLZQAAAAAK3ZfG7xQOQ4TvOpsw+LMfQlJVMzBFREdFMTExNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7af03070-c01e-0087-26bf-11ece5000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame BE6E 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 17:39:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Thu, 07 Nov 2024 17:39:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame BE6E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 15:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7680
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:31:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame BE6E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
77802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE6E 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 17:39:00 GMT
c.gif
www.bing.com/aes/ Frame BE6E
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=057927f5-3821-4c40-ac9b-40982ac71910&bidId=15000&bidderId=4&cmExpId=V7&oAdUnit=391466&publisherId=162645330&rId=3c3c52db-8085-4b25-...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0d7b0a62d5aa48258621d6d043f11936&SNR=1&GV=2&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0d7b0a62d5aa48258621d6d043f11936&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H3
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DA529438C21F49AA80C596DCCA27E704 Ref B: FRA31EDGE0818 Ref C: 2023-11-08T17:39:00Z
x-cdn-traceid
0.56e22517.1699465140.6a05ca3
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 08 Nov 2023 17:39:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B45A3225471B415198ACB1DB79D1A57F Ref B: FRA31EDGE0222 Ref C: 2023-11-08T17:39:00Z
x-cdn-traceid
0.56e22517.1699465140.6a05c59
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0d7b0a62d5aa48258621d6d043f11936&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
quic-version
0x00000001
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CB78 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:09:18 GMT
x-content-type-options
nosniff
age
116982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 09:09:18 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FF9F 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:09:18 GMT
x-content-type-options
nosniff
age
116982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 09:09:18 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 60CC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:39:00 GMT
expires
Wed, 08 Nov 2023 17:39:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:39:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame A19D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:39:00 GMT
expires
Wed, 08 Nov 2023 17:39:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:39:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
th
www.bing.com/ Frame FB1F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.10239329254762_1XI40G9IHKYDYJVWN&pid=21.2&c=17&roil=0&roit=0.0283&roir=0.9992&roib=0.8194&w=200&h=105&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a6f6d401f4438bffc1d92bbf133662b78cc8d9534d8af7f3f0f0e8f51d925c6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.56e22517.1699465140.6a05d6d
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
8648
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame FB1F 		0
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QLzA8jzAQAAAwDWAAUBCLOPr6oGEP3C06G6vIrsOhgAKjYJa9PLH2WAmT8RfmmRXb3SmD8ZAAABAgzoPyF-DRIAKREk0DEAAACgmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHim9wWAAQGKAQNVU0SSBQbwpJgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIfaHR0cHM6Ly93d3cuY3ZjcGFzc2FnZW5zLmNvbS5icoADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAXHVIgFAZgFAKAFtqvVnqPDj95ywAUAyQUhEhwAAPA_0gUJCQkMeAAA2AUB4AUB8AW59AH6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHpvcF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=0039e05d5ef7dfc1980bb4eb5493527a6657aa45&bdref=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.cvcpassagens.com.br%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5823210502176162%26output%3Dhtml%26h%3D90%26adk%3D125966046%26adf%3D2546973269%26pi%3Dt.aa~a.4243739526~i.8~rp.4%26w%3D830%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1699465139%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5746823351%26ad_type%3Dtext_image%26format%3D830x90%26url%3Dhttps%253A%252F%252Fwww.cvcpassagens.com.br%252F%26fwr%3D0%26pra%3D3%26rh%3D200%26rw%3D830%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699465139198%26bpp%3D1%26bdt%3D1600%26idt%3D2%26shv%3Dr20231106%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6ea5f90b267b6ea1-22331122cee4009b%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA%26gpic%3DUID%253D00000cbc5cbe235f%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw%26prev_fmts%3D0x0%252C1170x280%252C830x200%252C830x498%26nras%3D2%26correlator%3D100211640424%26frm%3D20%26pv%3D1%26ga_vid%3D1695886719.1699465138%26ga_sid%3D1699465138%26ga_hid%3D834680999%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D215%26ady%3D1681%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42531706%252C44807454%252C44807463%252C44807763%252C31078297%252C44807406%252C44808149%26oid%3D2%26pvsid%3D3709246204984017%26tmod%3D40386531%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DiOpwchZxdf%26p%3Dhttps%253A%2F%2Fwww.cvcpassagens.com.br%26dtd%3D7,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5823210502176162%26output%3Dhtml%26h%3D90%26adk%3D125966046%26adf%3D2546973269%26pi%3Dt.aa~a.4243739526~i.8~rp.4%26w%3D830%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1699465139%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5746823351%26ad_type%3Dtext_image%26format%3D830x90%26url%3Dhttps%253A%252F%252Fwww.cvcpassagens.com.br%252F%26fwr%3D0%26pra%3D3%26rh%3D200%26rw%3D830%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699465139198%26bpp%3D1%26bdt%3D1600%26idt%3D2%26shv%3Dr20231106%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6ea5f90b267b6ea1-22331122cee4009b%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA%26gpic%3DUID%253D00000cbc5cbe235f%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw%26prev_fmts%3D0x0%252C1170x280%252C830x200%252C830x498%26nras%3D2%26correlator%3D100211640424%26frm%3D20%26pv%3D1%26ga_vid%3D1695886719.1699465138%26ga_sid%3D1699465138%26ga_hid%3D834680999%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D215%26ady%3D1681%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42531706%252C44807454%252C44807463%252C44807763%252C31078297%252C44807406%252C44808149%26oid%3D2%26pvsid%3D3709246204984017%26tmod%3D40386531%26uas%3D0%26nvt%3D1%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DiOpwchZxdf%26p%3Dhttps%253A%2F%2Fwww.cvcpassagens.com.br%26dtd%3D7&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
d01326d9-f52a-47e6-983b-50d392d56d14
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 51C6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
4623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Thu, 09 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FA05 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50435be9ac4478366be2a39c59c8a8400126879ca331638fb5a6696ccb86e282

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame FA05 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXLots8dLZdyzEITE1fAPy7a4mAXS4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01ODIzMjEwNTAyMTc2MTYyyAEJqAMByAMCqgTmAU_QU3z_Dp1Iak4ZIbEVaKRxmZnK603eHwMNX2Bbl-vZ5VNdQLm18lsxUblFosN0rl97z5MkbP77VqBBN4dxEj54mFEg1VyFiaUAkO_V_DTdqpTjBRnJ8wWCMOwJDjm5TzLQTnHgUdtUZ1-tFF_0T4vSH_cPJNHUbSwWMQSvv20Ld3TnFXSjI2A_eErezdCZP0iix9zg0hTeBN_hzJfWLbsNekVA9VLHSV1BxnSc1w0g6ZXiaJc0L7IxGNsveD-khj5F3c7y1T6AzilufgYv8uK2vj_HteO-CiDQ_fMcWHvWAVyXc7kGgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4MjMyMTA1MDIxNzYxNjIYAA&sigh=X2KNiTvxuPg&uach_m=[UACH]&cid=CAQSOwDICaaN0JihbWm1CvOwfs6rC4KzrnWUS9wdMSIhLEnHXXN-kn3TVHI62pQUDPuUhf2SQbnUp2-HTQk9GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame FA05 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKXB-iXAwAAAwDWAAUBCLOPr6oGEM-PtKuW-euFWRgAKjYJ41p1R368oD8RAlj9l4ZKoD8ZAAAAgD0Ktz8hAg0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4oPIFgAEBigEDVVNEkgUG8GWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIfaHR0cHM6Ly93d3cuY3ZjcGFzc2FnZW5zLmNvbS5icoADAIgDAZADAJgDCaADAaoDoQMKuwJodHQVNfB9YmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTcyYmQxMzQtZTVkYi00ZGEwLTk4ZDMtZDM5MmU1MzQ1ZTY0JmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPVY1Jm9BZFVuGVcgcHVibGlzaGVyAV4gNjI2NDUzMzAmBQ6ObAC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wQ19vaGxyZWh2cSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzY0MTY0MTUzNzM2NDQzMzUwNTUiCTM4MTg0NjcxNCoEIViAOjRVMlZoY21Ob1FXUWpPRE0wT1RRME5EY3hORFUwTlRnDRTwUlV4TkRFMk9EQTVNems9wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERWhYiAUBmAUAoAXVgoCskoeg2zPABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeKZK_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6DyBdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=94c8ee71fdfa96a33fa4a64ddf09d3d6af502a46&pp=ZUvHswAEGdwIFWIEAA4bS0ldkpNDWbDmtc3oLg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwBVws8dLZdyzEITE1fAPy7a4mAXS4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01ODIzMjEwNTAyMTc2MTYyyAEJqAMByAMCqgTpAU_QU3z_Dp1Iak4ZIbEVaKRxmZnK603eHwMNX2Bbl-vZ5VNdQLm18lsxUblFosN0rl97z5MkbP77VqBBN4dxEj54mFEg1VyFiaUAkO_V_DTdqpTjBRnJ8wWCMOwJDjm5TzLQTnHgUdtUZ1-tFF_0T4vSH_cPJNHUbSwWMQSvv20Ld3TnFXSjI2A_eErezdCZP0iix9zg0hTeBN_hzJfWLbsNekVA9VLHSV1BxnSc1w0g6ZXiaJc0L7IxGNsveD-khnxH_FwwccTtWtMay5h2dlSynTVDvM2m04JWpHeg2FH6GZwWkdSSKRP5gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2HIBQu-9fA2fSxynDBwExdqV41lw%26client%3Dca-pub-5823210502176162%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
8789fd23-a8f1-4134-bead-f9b133272e15
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
th
www.bing.com/ Frame BE6E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.10239363831383_1UK7CRMNVUIGQ3I74&pid=21.2&c=16&roil=0.0008&roit=0&roir=0.9975&roib=1&w=200&h=105&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
709665b1358cfb98c7fc6dc6e2da85efd4086938858ac2b553eccdbc654fd03a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.56e22517.1699465140.6a05e00
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
6300
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame BE6E 		0
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QLzA-jzAQAAAwDWAAUBCLOPr6oGEJCBzq_co-CZBhgAKjYJXDVgCTwNnD8RpI25szZOmz8ZAAAAgD0Ktz8hpA0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4kPQFgAEBigEDVVNEkgUG8KSYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCH2h0dHBzOi8vd3d3LmN2Y3Bhc3NhZ2Vucy5jb20uYnKAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AQFx1iIBQGYBQCgBfXqq9SEiqPmIMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFufQB-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHkPQF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=90b3054de1456575b0961c75e2c6967a9e17d3e7&bdref=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.cvcpassagens.com.br%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5823210502176162%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1839787983%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1699465139%26rafmt%3D1%26to%3Dqs%26pwprc%3D5746823351%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.cvcpassagens.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699465139215%26bpp%3D1%26bdt%3D1618%26idt%3D0%26shv%3Dr20231106%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6ea5f90b267b6ea1-22331122cee4009b%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA%26gpic%3DUID%253D00000cbc5cbe235f%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw%26prev_fmts%3D0x0%252C1170x280%252C830x200%252C830x498%252C830x90%252C1200x90%26nras%3D4%26correlator%3D100211640424%26frm%3D20%26pv%3D1%26ga_vid%3D1695886719.1699465138%26ga_sid%3D1699465138%26ga_hid%3D834680999%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D4276%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42531706%252C44807454%252C44807463%252C44807763%252C31078297%252C44807406%252C44808149%26oid%3D2%26pvsid%3D3709246204984017%26tmod%3D40386531%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D7%26uci%3Da!7%26btvi%3D4%26fsb%3D1%26xpc%3DdQcCiFbyGO%26p%3Dhttps%253A%2F%2Fwww.cvcpassagens.com.br%26dtd%3D11,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5823210502176162%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D1839787983%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1699465139%26rafmt%3D1%26to%3Dqs%26pwprc%3D5746823351%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fwww.cvcpassagens.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699465139215%26bpp%3D1%26bdt%3D1618%26idt%3D0%26shv%3Dr20231106%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D6ea5f90b267b6ea1-22331122cee4009b%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA%26gpic%3DUID%253D00000cbc5cbe235f%253AT%253D1699465138%253ART%253D1699465138%253AS%253DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw%26prev_fmts%3D0x0%252C1170x280%252C830x200%252C830x498%252C830x90%252C1200x90%26nras%3D4%26correlator%3D100211640424%26frm%3D20%26pv%3D1%26ga_vid%3D1695886719.1699465138%26ga_sid%3D1699465138%26ga_hid%3D834680999%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D4276%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42531706%252C44807454%252C44807463%252C44807763%252C31078297%252C44807406%252C44808149%26oid%3D2%26pvsid%3D3709246204984017%26tmod%3D40386531%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D7%26uci%3Da!7%26btvi%3D4%26fsb%3D1%26xpc%3DdQcCiFbyGO%26p%3Dhttps%253A%2F%2Fwww.cvcpassagens.com.br%26dtd%3D11&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
7bb1b0ee-173a-42d4-a89d-0a9969b6e45a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame FF9F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CUIY0ssdLZfm7HdmA1fAP2eimqAn79dqUbt-frpnAEcmA5YKgOBABIL_LrwNgkYSghYwYoAG54_7yA8gBAakCSAGOn3_nsT6oAwHIA8sEqgTwAU_QsNiADfbykvCUR42qQF8R4iDYLyEMc8-...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212997457519100951724%22,%22debug_reporting%22:true,%22destination%22:%22https://vangemertzwembaden.nl%22,%22event_report_w...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212997457519100951724%22,%22debug_reporting%22:true,%22destination%22:%22https://vangemertzwembaden.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221046458809%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216020025648699597393%22}&andc=true
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"12997457519100951724","debug_reporting":true,"destination":"https://vangemertzwembaden.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1046458809"],"4":["11-08"],"6":["true"]},"priority":"500","source_event_id":"16020025648699597393"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Nov 2023 17:39:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12997457519100951724","debug_reporting":true,"destination":"https://vangemertzwembaden.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1046458809"],"4":["11-08"],"6":["true"]},"priority":"500","source_event_id":"16020025648699597393"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame EC4A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:39:00 GMT
expires
Wed, 08 Nov 2023 17:39:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:39:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
vevent
ams3-ib.adnxs.com/ Frame A673 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKhB-ihAwAAAwDWAAUBCLKPr6oGEOCqzd2c1drCHRgAKjYJYrtVjWBUrD8RvBO9w3aTqz8ZAAAAANejwD8hvA0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4pvUFgAEBigEDVVNEkgUG8GWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCH2h0dHBzOi8vd3d3LmN2Y3Bhc3NhZ2Vucy5jb20uYnKAAwCIAwGQAwCYAwmgAwGqA6oDCsACaHQZNQxiaW5nAS3weS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hMWM4Zjg0YS1kOWRiLTRkMDgtYWFmNC02M2MzNzQyMGZhNjYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AYY5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_BDX29obHJlaHZxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjEyNzIyMzY3NjUwMTk3MjMyMCIJMzgxODQ2NzE0KgQhXfDeOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TURRak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX6ssKgsNevmhzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQEBi2DgBgHyBgIIAIAHAYgHAKAHAcgHpvUF0gcNFWUBJgzaBwYIBQmo4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=8006766f9a6b0f28afb004160fedee4838ebcebe&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=7659534441662350801&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
566f7246-7ecf-4952-b968-3de0363f72b0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame FA05 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKXB-iXAwAAAwDWAAUBCLOPr6oGEM-PtKuW-euFWRgAKjYJ41p1R368oD8RAlj9l4ZKoD8ZAAAAgD0Ktz8hAg0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4oPIFgAEBigEDVVNEkgUG8GWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIfaHR0cHM6Ly93d3cuY3ZjcGFzc2FnZW5zLmNvbS5icoADAIgDAZADAJgDCaADAaoDoQMKuwJodHQVNfB9YmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTcyYmQxMzQtZTVkYi00ZGEwLTk4ZDMtZDM5MmU1MzQ1ZTY0JmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPVY1Jm9BZFVuGVcgcHVibGlzaGVyAV4gNjI2NDUzMzAmBQ6ObAC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGRh6emYlM0FrDR_wQ19vaGxyZWh2cSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzY0MTY0MTUzNzM2NDQzMzUwNTUiCTM4MTg0NjcxNCoEIViAOjRVMlZoY21Ob1FXUWpPRE0wT1RRME5EY3hORFUwTlRnDRTwUlV4TkRFMk9EQTVNems9wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERWhYiAUBmAUAoAXVgoCskoeg2zPABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeKZK_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6DyBdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=94c8ee71fdfa96a33fa4a64ddf09d3d6af502a46&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=7659534441662350801&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
fbb30207-8b81-46ae-b63c-088c51b87687
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
pagead2.googlesyndication.com/bg/ Frame 6C5B 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=280&slotname=4849163934&adk=657227423&adf=977984810&pi=t.ma~as.4849163934&w=1170&fwrn=4&fwrnh=100&lmt=1699465138&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465138180&bpp=1&bdt=583&idt=251&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pxIUf7gVjm&p=https%3A//www.cvcpassagens.com.br&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
598210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19628
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:28:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B979 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
4623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Thu, 09 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FB1F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45ac764ad6355398b81d1c04c5ad7e4995ba9f0a2abd7578a12c3268b3154c70

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame FB1F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSgFis8dLZZPWD8_N1fAPyfO_-A3S4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01ODIzMjEwNTAyMTc2MTYyyAEJqAMByAMCqgTlAU_Qcpq9ZMPGZKeC9Px5TjCDfb6gR7SWaYBQ9YE6G-fvOHcDWhU9pPL2eml_rvvKGUIEEtJcW3v5l4laH-oHA6NwmEMA9r-h6wKY1SlRr_53XsGUBwocti-1c_MdMAOsd0op84cPzIrGebPO3YbErbCszd8nxIn5yK8InhJVqz0g1WqnN6xKBJ1Y89FTIB9UFoZHZoVwQnDCsuJf-oLiSiXEV8WGi4H0aH_TRfVm4iLepRDfg3wcIQ-QYeIJ5NggKIb0jJWVer8hVhig5nXR14MJyjVKwfaRKAVXAAwCI2q9t2abEH6ABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTgyMzIxMDUwMjE3NjE2MhgA&sigh=0case-QZka0&uach_m=[UACH]&cid=CAQSOwDICaaN0KS-rCR1sbO5253Gvk7c1PjVvlXQ9YOTU5AINd1bch1K9HDVi4gDdsmUfDWk3XBc0OQPzsJpGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame FB1F 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKiB8iiAwAAAwDWAAUBCLOPr6oGEP3C06G6vIrsOhgAKjYJa9PLH2WAmT8RfmmRXb3SmD8ZAAABAgzoPyF-DRIAKREk0DEAAACgmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHim9wWAAQGKAQNVU0SSBQbwZZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh9odHRwczovL3d3dy5jdmNwYXNzYWdlbnMuY29tLmJygAMAiAMBkAMAmAMJoAMBqgOsAwrCAmh0dBU18IFiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hNTliNjc4ZS00Yjg5LTQ0ZWItOGFmMi1kNzM4NTVlNzdmN2UmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPVY1Jm9BZFVuGVtUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOAGGOcAC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQDwTF9weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyNDAxODUxMDY4NTg1NjYwMTMiCTM4MTg0NjcxNCoEIV_w3jo4VTJWaGNtTm9RV1FqT0RFM056WXlPVFUxTlRJek1Ua2pNak16TXpVM05UazVNVEl3T0RjMU13PT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFtqvVnqPDj95ywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFufQB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAFRBUBAYtg4AYB8gYCCACABwGIBwCgBwHIB6b3BdIHDRVlASYM2gcGCAUJqOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=270fd9086794a116a85bbec0076968ce2878224d&pp=ZUvHswAD6xMIFWbPAA_5ybtMzuMvAp29oRP3Kw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJcORs8dLZZPWD8_N1fAPyfO_-A3S4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01ODIzMjEwNTAyMTc2MTYyyAEJqAMByAMCqgToAU_Qcpq9ZMPGZKeC9Px5TjCDfb6gR7SWaYBQ9YE6G-fvOHcDWhU9pPL2eml_rvvKGUIEEtJcW3v5l4laH-oHA6NwmEMA9r-h6wKY1SlRr_53XsGUBwocti-1c_MdMAOsd0op84cPzIrGebPO3YbErbCszd8nxIn5yK8InhJVqz0g1WqnN6xKBJ1Y89FTIB9UFoZHZoVwQnDCsuJf-oLiSiXEV8WGi4H0aH_TRfVm4iLepRDfg3wcIQ-QYeIJ5NggaoTVHlcxgNK1rGwVeCxVYYcqwLFD7-5IioMOhLCCCUald-d5feqp0BGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZoxybC8-97cbQ7D39Eo3LCfpReQ%26client%3Dca-pub-5823210502176162%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
26f1ad12-e9bf-43bd-acdb-0ded91436355
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212997457519100951724%22,%22debug_reporting%22:true,%22destination%22:%22https://vangemertzwembaden.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221046458809%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216020025648699597393%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 17:39:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A673 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da38fcc0e5b11ed7f64d8173a0f954dc7426f68fd0e90f1b7018a989f31a66cd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame CB78
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CkfPlssdLZZSWHbe01fAPzrq06A379dqUbt-frpnAEcmA5YKgOBABIL_LrwNgkYSghYwYoAG54_7yA8gBAakCgaVzwBfvsT6oAwHIA8sEqgTwAU_QpsLcGZ-vIyVSu9UDfChhvAYroCuvLRr...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22171901478752694143%22,%22debug_reporting%22:true,%22destination%22:%22https://vangemertzwembaden.nl%22,%22event_report_win...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22171901478752694143%22,%22debug_reporting%22:true,%22destination%22:%22https://vangemertzwembaden.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221046458809%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2243644964984498305%22}&andc=true
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"171901478752694143","debug_reporting":true,"destination":"https://vangemertzwembaden.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1046458809"],"4":["11-08"],"6":["true"]},"priority":"500","source_event_id":"43644964984498305"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Nov 2023 17:39:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"171901478752694143","debug_reporting":true,"destination":"https://vangemertzwembaden.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1046458809"],"4":["11-08"],"6":["true"]},"priority":"500","source_event_id":"43644964984498305"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1C15 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
4623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Thu, 09 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BE6E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a795f758908ccb979e8196e935395026a824353f4c49b28c40b3bdd22ee9f372

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame BE6E 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C7XNOs8dLZe_yEPjM1fAPuNOPoAzS4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01ODIzMjEwNTAyMTc2MTYyyAEJqAMByAMCqgTmAU_Q3Bbet_y20Ft_hRjITek03PMfUSgV0pABxQH9PfeK-b-rHJjYdMh-2K64We1eHX2edOCX3tnJMqQvAf2q3rpAZGiop6gaAJXno2xF8t_WkAeicEkHswnScZr8xnB0ksR2MRpsjyzPiKPkxM7zYnZtP0qfCVCwxk44NuDIhrOAANd6zpTHZvuD3n_ZeHdVNf42i5JTjD0qWtOS8PDpwvYNudp_dzOsxszTcLNPceP8NFygi3ePG7Q2CqyBewgoIApbi0i1d3u4hWGbvf5x6tBLffjmv8_wQJZSaPW4IdsGP3md8QuFgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4MjMyMTA1MDIxNzYxNjIYAA&sigh=dc-Xc_yQEng&uach_m=[UACH]&cid=CAQSOwDICaaNyslbFRKiraOOxqTyKSi1DeX_ALcpSIfA0XsTeTwdXcVx-gv84S_33TkuJC1aUdnReCT53pbxGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame BE6E 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKkB-ikAwAAAwDWAAUBCLOPr6oGEJCBzq_co-CZBhgAKjYJXDVgCTwNnD8RpI25szZOmz8ZAAAAgD0Ktz8hpA0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4kPQFgAEBigEDVVNEkgUG8GWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIfaHR0cHM6Ly93d3cuY3ZjcGFzc2FnZW5zLmNvbS5icoADAIgDAZADAJgDCaADAaoDrgMKxQJodHQVNfCBYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9M2MzYzUyZGItODA4NS00YjI1LTk4YWUtZWE3MzVjOTJkNTk0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1WNyZvQWRVbhlbVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgAzjnAAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f9BcBX2VyZGhyZmdZcmlyeVkxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSNDQ2ODQyNzUyOTE0OTE1NDcyIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ERTNOell6TURBMU9USTFNemtqTWpNek16VTNOVGs1TVRJd09EYzFNdz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfXqq9SEiqPmIMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbn0AfoFBAgAEACQBgCYBgC4BgDBBgUiMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHkPQF0gcNCREoASYM2gcGCAUJqOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8e9e1c9c863f59881a3281633639c106b20ecc09&pp=ZUvHswAEOW8IFWZ4AAPpuJukTUttKFwTCiEcmw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGVgVs8dLZe_yEPjM1fAPuNOPoAzS4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01ODIzMjEwNTAyMTc2MTYyyAEJqAMByAMCqgTpAU_Q3Bbet_y20Ft_hRjITek03PMfUSgV0pABxQH9PfeK-b-rHJjYdMh-2K64We1eHX2edOCX3tnJMqQvAf2q3rpAZGiop6gaAJXno2xF8t_WkAeicEkHswnScZr8xnB0ksR2MRpsjyzPiKPkxM7zYnZtP0qfCVCwxk44NuDIhrOAANd6zpTHZvuD3n_ZeHdVNf42i5JTjD0qWtOS8PDpwvYNudp_dzOsxszTcLNPceP8NFygi3ePG7Q2CqyBewgoIEhZqtp304HVEZvvCGAobmZPXvJituHomTTUMXEEofEqJ7kcE2YRYJWagAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1DXa7LliVMGSHY0YIMD1UImPdtYQ%26client%3Dca-pub-5823210502176162%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
9d2f6f1f-a64f-438e-acd7-18bde26b58ac
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame FB1F 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKiB8iiAwAAAwDWAAUBCLOPr6oGEP3C06G6vIrsOhgAKjYJa9PLH2WAmT8RfmmRXb3SmD8ZAAABAgzoPyF-DRIAKREk0DEAAACgmZmpPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHim9wWAAQGKAQNVU0SSBQbwZZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh9odHRwczovL3d3dy5jdmNwYXNzYWdlbnMuY29tLmJygAMAiAMBkAMAmAMJoAMBqgOsAwrCAmh0dBU18IFiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hNTliNjc4ZS00Yjg5LTQ0ZWItOGFmMi1kNzM4NTVlNzdmN2UmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPVY1Jm9BZFVuGVtUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOAGGOcAC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQDwTF9weXZweHBiYXN2ZXpuZ3ZiYSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQyNDAxODUxMDY4NTg1NjYwMTMiCTM4MTg0NjcxNCoEIV_w3jo4VTJWaGNtTm9RV1FqT0RFM056WXlPVFUxTlRJek1Ua2pNak16TXpVM05UazVNVEl3T0RjMU13PT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFtqvVnqPDj95ywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFufQB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAFRBUBAYtg4AYB8gYCCACABwGIBwCgBwHIB6b3BdIHDRVlASYM2gcGCAUJqOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=270fd9086794a116a85bbec0076968ce2878224d&type=nv&nvt=5&jm=1003&px=51&py=0&bw=182&bh=90&sid=7659534441662350801&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=830&ph=90&ww=830&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
82ec555b-f2fe-48a6-8e4a-eb98bc2f5486
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
pagead2.googlesyndication.com/bg/ Frame E343 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
598210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19628
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:28:50 GMT
hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
pagead2.googlesyndication.com/bg/ Frame 043E 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
598210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19628
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:28:50 GMT
pixel
cm.g.doubleclick.net/ Frame 51C6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJW5cizUsBj7dQuHqHMCEcQ&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJW5cizUsBj7dQuHqHMCEcQ&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlVhVDZMcTcxUjBNdzQ1&google_gid=CAESEJW5cizUsBj7dQuHqHMCEcQ&google_cver=1&google_push=AXcoOmTGsFAHXvtT0L4ZpX6blsUHKPAMw1g06oNYCixH2mX...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlVhVDZMcTcxUjBNdzQ1&google_gid=CAESEJW5cizUsBj7dQuHqHMCEcQ&google_cver=1&google_push=AXcoOmTGsFAHXvtT0L4ZpX6blsUHKPAMw1g06oNYCixH2mX0LOUGw9nOj4t4_9Cc_oaQ3Q7C1ZcmSieAxwusMcV_VP3TmJ1IEeayDA
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Nov 2023 17:39:00 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-062149d55703cc53e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlVhVDZMcTcxUjBNdzQ1&google_gid=CAESEJW5cizUsBj7dQuHqHMCEcQ&google_cver=1&google_push=AXcoOmTGsFAHXvtT0L4ZpX6blsUHKPAMw1g06oNYCixH2mX0LOUGw9nOj4t4_9Cc_oaQ3Q7C1ZcmSieAxwusMcV_VP3TmJ1IEeayDA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 51C6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcQS9YlKt2tTLgciWPJqp4&google_push=AXcoOmToTuv2j9eFVyP4tZa-7soqh-8NZm_C5JTreDyQNeuzuCpu2W38vm...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcQS9YlKt2tTLgciWPJqp4&google_push=AXcoOmToTuv2j9eFVyP4tZa-7soqh-8NZm_C5JTreDyQNeuzuCpu2W38vmkscHrToxKv7b29dIRUPsHUcB2OR6MKqqlfKmikPEMe
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-ams21033-AMS
pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1699465141.821591,VS0,VE90
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcQS9YlKt2tTLgciWPJqp4&google_push=AXcoOmToTuv2j9eFVyP4tZa-7soqh-8NZm_C5JTreDyQNeuzuCpu2W38vmkscHrToxKv7b29dIRUPsHUcB2OR6MKqqlfKmikPEMe
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 51C6
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGsf-HfxF6ouel7S-hzdw7c&google_cver=1&google_push=AXcoOmQsEiUVhy8HXDmjB-R34Q1vNeWt3TqftJtdbluqs4s8fJs_tJ_GsVgEDoX3HxwcQuZHPx9U_ItiQ2ZORekOm8W4FHHwG5duGg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50A1F0E2ECB2470DA20F95E7AAA0408E&google_push=AXcoOmQsEiUVhy8HXDmjB-R34Q1vNeWt3TqftJtdbluqs4s8fJs_tJ_GsVgEDoX3HxwcQuZHPx9U_ItiQ2ZORek...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50A1F0E2ECB2470DA20F95E7AAA0408E&google_push=AXcoOmQsEiUVhy8HXDmjB-R34Q1vNeWt3TqftJtdbluqs4s8fJs_tJ_GsVgEDoX3HxwcQuZHPx9U_ItiQ2ZORekOm8W4FHHwG5duGg
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Nov 2023 17:39:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50A1F0E2ECB2470DA20F95E7AAA0408E&google_push=AXcoOmQsEiUVhy8HXDmjB-R34Q1vNeWt3TqftJtdbluqs4s8fJs_tJ_GsVgEDoX3HxwcQuZHPx9U_ItiQ2ZORekOm8W4FHHwG5duGg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 07 Nov 2023 17:39:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 51C6 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGAfvqVAn_yoTqulb5TtEYU&google_cver=1&google_push=AXcoOmTFYAIU1bDy7ICaTHa13owCSvuCC60JQzLXNK-6RssJ3QFYRHWswn5QbLXJcRHdyJBRrsu800H7g8YcfstyUEQlGQrowjrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 51C6
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFsbWKUP1OWgJcpthlwHUYI&google_cver=1&google_push=AXcoOmQb7gDjz4XyCK2iJ6URAa5MvCHVWJVuCcZ_XJxZXOx3jGevzkDl58MVVIGjHIX7Bd0enzCFX42vy6XMHHuh...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ybxm3MCVRvYlvOvdLIALHQ&google_push=AXcoOmQb7gDjz4XyCK2iJ6URAa5MvCHVWJVuCcZ_XJxZXOx3jGevzkDl58MVVIGjHIX7Bd0enzCFX42vy6XMHHuhYqaOaHjpleJG
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ybxm3MCVRvYlvOvdLIALHQ&google_push=AXcoOmQb7gDjz4XyCK2iJ6URAa5MvCHVWJVuCcZ_XJxZXOx3jGevzkDl58MVVIGjHIX7Bd0enzCFX42vy6XMHHuhYqaOaHjpleJG
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Nov 2023 17:39:00 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ybxm3MCVRvYlvOvdLIALHQ&google_push=AXcoOmQb7gDjz4XyCK2iJ6URAa5MvCHVWJVuCcZ_XJxZXOx3jGevzkDl58MVVIGjHIX7Bd0enzCFX42vy6XMHHuhYqaOaHjpleJG
x-host
tde-deliveryengine-production-bb588bf9-zp7gw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 51C6
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQUmgy6...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQUmgy6...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMDgxNzM5MDEwMDA5MTI2MjUyNTg4NQ%3D%3D&google_push=AXcoOmQUmgy6r_n-CUtfIk9CUF6a_wG9_FwbzJ1i93UXztcE7qIESEIRA0ZKbmFsOAXqQ8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMDgxNzM5MDEwMDA5MTI2MjUyNTg4NQ%3D%3D&google_push=AXcoOmQUmgy6r_n-CUtfIk9CUF6a_wG9_FwbzJ1i93UXztcE7qIESEIRA0ZKbmFsOAXqQ8v1rAwR8TV1h1OAxpUDZGLVYKC_X7T_8g
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMDgxNzM5MDEwMDA5MTI2MjUyNTg4NQ%3D%3D&google_push=AXcoOmQUmgy6r_n-CUtfIk9CUF6a_wG9_FwbzJ1i93UXztcE7qIESEIRA0ZKbmFsOAXqQ8v1rAwR8TV1h1OAxpUDZGLVYKC_X7T_8g
pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Wed, 08 Nov 2023 17:39:01 GMT
pixel
cm.g.doubleclick.net/ Frame 51C6
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBHEM5Vaa2x7D1RXkHYFgIE&google_cver=1&google_push=AXcoOmTZcwg2MW9fnHjZiJez_V6yIYAbfJ_4RynGNwxc8jgcydMhGIZ8iPonDl-thfVxEoEhyU2W8ReinPHt56rgfnAY1zL...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBHEM5Vaa2x7D1RXkHYFgIE&google_cver=1&google_push=AXcoOmTZcwg2MW9fnHjZiJez_V6yIYAbfJ_4RynGNwxc8jgcydMhGIZ8iPonDl-thfVxEoEhyU2W8ReinPHt56rgfnAY1...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTZcwg2MW9fnHjZiJez_V6yIYAbfJ_4RynGNwxc8jgcydMhGIZ8iPonDl-thfVxEoEhyU2W8ReinPHt56rgfnAY1zLnmFYB9w
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTZcwg2MW9fnHjZiJez_V6yIYAbfJ_4RynGNwxc8jgcydMhGIZ8iPonDl-thfVxEoEhyU2W8ReinPHt56rgfnAY1zLnmFYB9w
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTZcwg2MW9fnHjZiJez_V6yIYAbfJ_4RynGNwxc8jgcydMhGIZ8iPonDl-thfVxEoEhyU2W8ReinPHt56rgfnAY1zLnmFYB9w
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 51C6 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwHeYon_hj4jkBEpKjTJ5fG9u2bpmOFJCiEJx8GvsPJyz1_NdCbWJHlgsnFxOII6-ahzl8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2073342730&adf=2944490034&pi=t.aa~a.2824705369~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90&nras=3&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=aAA5pmApGw&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
vevent
ams3-ib.adnxs.com/ Frame BE6E 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKkB-ikAwAAAwDWAAUBCLOPr6oGEJCBzq_co-CZBhgAKjYJXDVgCTwNnD8RpI25szZOmz8ZAAAAgD0Ktz8hpA0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4kPQFgAEBigEDVVNEkgUG8GWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIfaHR0cHM6Ly93d3cuY3ZjcGFzc2FnZW5zLmNvbS5icoADAIgDAZADAJgDCaADAaoDrgMKxQJodHQVNfCBYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9M2MzYzUyZGItODA4NS00YjI1LTk4YWUtZWE3MzVjOTJkNTk0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1WNyZvQWRVbhlbVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgAzjnAAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f9BcBX2VyZGhyZmdZcmlyeVkxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSNDQ2ODQyNzUyOTE0OTE1NDcyIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ERTNOell6TURBMU9USTFNemtqTWpNek16VTNOVGs1TVRJd09EYzFNdz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfXqq9SEiqPmIMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbn0AfoFBAgAEACQBgCYBgC4BgDBBgUiMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHkPQF0gcNCREoASYM2gcGCAUJqOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=8e9e1c9c863f59881a3281633639c106b20ecc09&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=7659534441662350801&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
c7ae3beb-3868-4f67-9d9a-cee3ae9823d1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A673 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CfT29ssdLZZKWHbe01fAPzrq06A3S4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01ODIzMjEwNTAyMTc2MTYyyAEJqAMByAMCqgTgAU_Q8yUCswMpHVqBdFCoj9Nhi1a55Fcj0W9n4Z62VS6S-dVM7Tutl085pJUq-QBpfY0er7lWz8xxbUtvdRBIeYxn44zisSmLwNgoRkJ7v1FVSIh9jJAzObkRwOfPae0VmIlp5AOxturlGW8wDbR9Xk_IwmaNSJ74zDHPQYUGgITQP8nQrnvh11dF0AnL-tXYABgrV0eZdbc14q67ZnetxybAfI-XQXGO5jKxQC8UXWrVi2YtkoCRNP1XIIbrQGQgM1Rg-6h4IIJZb9RsK_aLabzhKJ-SKtQD4peGp2uqcvlZgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4MjMyMTA1MDIxNzYxNjIYAA&sigh=LzmutuarbNs&uach_m=[UACH]&cid=CAQSTwDICaaN3Wpawy4RrgcNahRLN9dC4Z27frpDCGLIobnk56Kf4hcgz4XI9uiZmzwBgJkrC5beWqY-z3JQywidd6W-t8NyWdai_iertg8NS6cYAQ&cbvp=2&vis=1
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame A673 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKhB-ihAwAAAwDWAAUBCLKPr6oGEOCqzd2c1drCHRgAKjYJYrtVjWBUrD8RvBO9w3aTqz8ZAAAAANejwD8hvA0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4pvUFgAEBigEDVVNEkgUG8GWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCH2h0dHBzOi8vd3d3LmN2Y3Bhc3NhZ2Vucy5jb20uYnKAAwCIAwGQAwCYAwmgAwGqA6oDCsACaHQZNQxiaW5nAS3weS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hMWM4Zjg0YS1kOWRiLTRkMDgtYWFmNC02M2MzNzQyMGZhNjYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AYY5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_BDX29obHJlaHZxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjEyNzIyMzY3NjUwMTk3MjMyMCIJMzgxODQ2NzE0KgQhXfDeOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TURRak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX6ssKgsNevmhzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQEBi2DgBgHyBgIIAIAHAYgHAKAHAcgHpvUF0gcNFWUBJgzaBwYIBQmo4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=8006766f9a6b0f28afb004160fedee4838ebcebe&pp=ZUvHsgAHSxIIFVo3AA0dTt257ICabP8s_jyPwg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCETTdssdLZZKWHbe01fAPzrq06A3S4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01ODIzMjEwNTAyMTc2MTYyyAEJqAMByAMCqgTjAU_Q8yUCswMpHVqBdFCoj9Nhi1a55Fcj0W9n4Z62VS6S-dVM7Tutl085pJUq-QBpfY0er7lWz8xxbUtvdRBIeYxn44zisSmLwNgoRkJ7v1FVSIh9jJAzObkRwOfPae0VmIlp5AOxturlGW8wDbR9Xk_IwmaNSJ74zDHPQYUGgITQP8nQrnvh11dF0AnL-tXYABgrV0eZdbc14q67ZnetxybAfI-XQXGO5jKxQC8UXWrVi2YtkoCRNP1XIMTpYfbil64Nb1IMlRwA62JoCPwPYJL58T0Uc1C_Yr2qv6srkJTNG1V5gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Q5XgfnoZ32DnVVN-ZkbmM-K77ZA%26client%3Dca-pub-5823210502176162%26adurl%3D&cbvp=2
Requested by
Host: www.cvcpassagens.com.br
URL: https://www.cvcpassagens.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
an-x-request-uuid
6a6184fa-c914-40ff-a933-2cfc6395f513
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22171901478752694143%22,%22debug_reporting%22:true,%22destination%22:%22https://vangemertzwembaden.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221046458809%22],%224%22:[%2211-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2243644964984498305%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 08 Nov 2023 17:39:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame B979 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF3xL4OX0guXEtSzzfe4Gf4&google_cver=1&google_push=AXcoOmQO-SOLFGEO7w7yyBm1wi-PJSpMtl2XSm65L6RhGBYIPRxRzWjbT3Hpan5iu8cP7MNH15FCy4z45VMV-7vIwY_guTfq0GPA7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame B979
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDVq12nZEevpdyGZthhmDWE&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDVq12nZEevpdyGZthhmDWE&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlVhVDZMcTcxUjBNdzQ1&google_gid=CAESEDVq12nZEevpdyGZthhmDWE&google_cver=1&google_push=AXcoOmQkjXOT1-isVoaL4pADPMKx5BgVjltZieCZIdwkdog...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlVhVDZMcTcxUjBNdzQ1&google_gid=CAESEDVq12nZEevpdyGZthhmDWE&google_cver=1&google_push=AXcoOmQkjXOT1-isVoaL4pADPMKx5BgVjltZieCZIdwkdogDqDYBxcJQ_rmsWKjgMTQbIRK89_ar5H47UzhRFYnuwaFHfSCdJqFXjXc
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Nov 2023 17:39:00 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-051642093d6c37fb5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZlVhVDZMcTcxUjBNdzQ1&google_gid=CAESEDVq12nZEevpdyGZthhmDWE&google_cver=1&google_push=AXcoOmQkjXOT1-isVoaL4pADPMKx5BgVjltZieCZIdwkdogDqDYBxcJQ_rmsWKjgMTQbIRK89_ar5H47UzhRFYnuwaFHfSCdJqFXjXc
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame B979
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFQxL-h-5oQS6ZumOoH8Lr4&google_cver=1&google_push=AXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRP...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFQxL-h-5oQS6ZumOoH8Lr4&google_cver=1&google_push=AXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNX...
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFQxL-h-5oQS6ZumOoH8Lr4&google_cver=1&google_push=AXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRPzM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRPzM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
822f97cc0e0cb75b-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
88
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFQxL-h-5oQS6ZumOoH8Lr4&google_cver=1&google_push=AXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRPzM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSDxnr0mcuP0KfYqQZKwnVCDFA4Jp5VeyzIlEHEm0HvrfUdI2B6yC1EWOItcBATdGXB4FtwHqr_IMwIWf4Zw2QBtQSoCNXRPzM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
822f97cacd01b75b-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B979
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB-M5iczSI8IOa1qt1NLpRQ&google_push=AXcoOmRU0WTlUXPj9pYILvGelvzHEPFfAwYVZbLDLxAnQvU27Za35KcPCk...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB-M5iczSI8IOa1qt1NLpRQ&google_push=AXcoOmRU0WTlUXPj9pYILvGelvzHEPFfAwYVZbLDLxAnQvU27Za35KcPCkyWjUugTeG6GCeDinhU8tIiGmiYng3uO4HdH2fmNj5pp5s
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-ams21033-AMS
pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1699465141.855641,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB-M5iczSI8IOa1qt1NLpRQ&google_push=AXcoOmRU0WTlUXPj9pYILvGelvzHEPFfAwYVZbLDLxAnQvU27Za35KcPCkyWjUugTeG6GCeDinhU8tIiGmiYng3uO4HdH2fmNj5pp5s
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B979
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJkkt7H5ui9GZA-5oZ5rlEM&google_cver=1&google_push=AXcoOmSfS8kZTzlLfACCBErRj8W2_aXDLUCEgnA_Gn3h2FeTcNIZ1MyAYZVwWarCh5cftG4hGhGgWbufqEcCquwyzPBYJ1X16mWUdTM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=88E29FAE95BC48A7979A8DFD24DE1E6F&google_push=AXcoOmSfS8kZTzlLfACCBErRj8W2_aXDLUCEgnA_Gn3h2FeTcNIZ1MyAYZVwWarCh5cftG4hGhGgWbufqEcCquw...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=88E29FAE95BC48A7979A8DFD24DE1E6F&google_push=AXcoOmSfS8kZTzlLfACCBErRj8W2_aXDLUCEgnA_Gn3h2FeTcNIZ1MyAYZVwWarCh5cftG4hGhGgWbufqEcCquwyzPBYJ1X16mWUdTM
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Nov 2023 17:39:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=88E29FAE95BC48A7979A8DFD24DE1E6F&google_push=AXcoOmSfS8kZTzlLfACCBErRj8W2_aXDLUCEgnA_Gn3h2FeTcNIZ1MyAYZVwWarCh5cftG4hGhGgWbufqEcCquwyzPBYJ1X16mWUdTM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 07 Nov 2023 17:39:00 GMT
pixel
cm.g.doubleclick.net/ Frame B979
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGBw0FSwF32K8QNkwLzyLv4&google_cver=1&google_push=AXcoOmTqDY8WDQh8sCPaGTGm4tm-hpO1rcRZ8qcX8sXr9_3g99dqbRDiZ_LikrIvnJq2-76T_aBaN6m-...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGBw0FSwF32K8QNkwLzyLv4&google_cver=1&google_push=AXcoOmTqDY8WDQh8sCPaGTGm4tm-hpO1rcRZ8qcX8sXr9_3g99dqbRDiZ_LikrIvnJq2-76T_aB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwNjUwNzUwNjQ4MDgzOTUxNA&google_push=AXcoOmTqDY8WDQh8sCPaGTGm4tm-hpO1rcRZ8qcX8sXr9_3g99dqbRDiZ_LikrIvnJq2-76T_aBaN6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwNjUwNzUwNjQ4MDgzOTUxNA&google_push=AXcoOmTqDY8WDQh8sCPaGTGm4tm-hpO1rcRZ8qcX8sXr9_3g99dqbRDiZ_LikrIvnJq2-76T_aBaN6m-0LMbQUcOtg8Xt7jh7sg8rRM
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcwNjUwNzUwNjQ4MDgzOTUxNA&google_push=AXcoOmTqDY8WDQh8sCPaGTGm4tm-hpO1rcRZ8qcX8sXr9_3g99dqbRDiZ_LikrIvnJq2-76T_aBaN6m-0LMbQUcOtg8Xt7jh7sg8rRM
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame B979
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBylvDh2U8sm...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSauY4TtYV09YSEozXlLX7yGv8pfWyITTl2yhI9T-twpF-kPfOrVTThCJIR_JqQUOedjMM0jN_FvCT4o5wuyOT1ToUvQOvh0wjz
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Wed, 08 Nov 2023 17:39:01 GMT
pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B979 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jot2WcmlwUjTg9sUNuQXtLq8WPNtaq4ba2Nhz7zleAf9KcXtiHb2N_3aYiFivzQehCyozJqA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=125966046&adf=2546973269&pi=t.aa~a.4243739526~i.8~rp.4&w=830&fwrn=4&fwrnh=100&lmt=1699465139&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5746823351&ad_type=text_image&format=830x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rh=200&rw=830&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139198&bpp=1&bdt=1600&idt=2&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498&nras=2&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iOpwchZxdf&p=https%3A//www.cvcpassagens.com.br&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1C15
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJd6AdG8JBL6QR06v1g2DZI&google_cver=1&google_push=AXcoOmRm5W7h7kLxjpzPj5R2VIA81twjVKyJtiYJ0RMKvoNsnZR5hmd8R846-qPqnMZS6_-O-ZbVFrBeh2qqiQ54c52u0tSNa5GBPw
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU5Njk2NDAyMzY3OTc1MzE3Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJd6AdG8JBL6QR06v1g2DZI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJd6AdG8JBL6QR06v1g2DZI&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJd6AdG8JBL6QR06v1g2DZI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 1C15 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN7RRPfeKIV1ctvWSFE0QUM&google_cver=1&google_push=AXcoOmQYZY3C0bqvLNNBoQmOhkbAmYlMaVNmGDUkK7jRtz0cmLyN9K6BmhpsPI0RAD32REDFHs6Y_JnhXeipiavO_3TjcHL3lz-QGQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 1C15 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHabLoF4XLAjfpK5boLYimo&google_cver=1&google_push=AXcoOmQJ8OliA9iObCrTZF9FyGCUfKkOnYW_YXL6FZpbLvA8u_lgCPQF9HFxjk2_Gvl08vMqJvJOf1-c2iV6PmeRjsuuC6x_QiLQcA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 1C15
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDvcebywPOSfzcKeiYgOOWE&google_cver=1&google_push=AXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDvcebywPOSfzcKeiYgOOWE&google_cver=1&google_push=AXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDvcebywPOSfzcKeiYgOOWE&google_cver=1&google_push=AXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
822f97cc0e0bb75b-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
204
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDvcebywPOSfzcKeiYgOOWE&google_cver=1&google_push=AXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSRtiVcocwQQEZOcaIt9GxlTovk-wkQU7rm4KfkrF3Cc6JXfdXDkEz9qtiCcoJvxxKW0I6WADdnO3fX_99lnkG8UJnAFnf8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
822f97cacd02b75b-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1C15
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELRX_QcverC29MCFP-YqRjw&google_cver=1&google_push=AXcoOmTnQtfh2FsWFSJydBMEVUuGXkLhn2Z0tV92bGNiApLV9iY0yBc4u-dosxC_Ije3Me67emgKQb9U62kJjbpJGjPXYpjMig7u9A
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50A1F0E2ECB2470DA20F95E7AAA0408E&google_push=AXcoOmTnQtfh2FsWFSJydBMEVUuGXkLhn2Z0tV92bGNiApLV9iY0yBc4u-dosxC_Ije3Me67emgKQb9U62kJjbp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50A1F0E2ECB2470DA20F95E7AAA0408E&google_push=AXcoOmTnQtfh2FsWFSJydBMEVUuGXkLhn2Z0tV92bGNiApLV9iY0yBc4u-dosxC_Ije3Me67emgKQb9U62kJjbpJGjPXYpjMig7u9A
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Nov 2023 17:39:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50A1F0E2ECB2470DA20F95E7AAA0408E&google_push=AXcoOmTnQtfh2FsWFSJydBMEVUuGXkLhn2Z0tV92bGNiApLV9iY0yBc4u-dosxC_Ije3Me67emgKQb9U62kJjbpJGjPXYpjMig7u9A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 07 Nov 2023 17:39:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 1C15 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM3HMysPG68VnzgSB0x09aY&google_cver=1&google_push=AXcoOmTlTpQqbUe1FFO_LzFV0pnIWrJNbGyOfLFC8MOpcrUOZRqzLIs5NAM855Odyl6bj9m425XTbR2S6e65z8nuLqs85hjyBnED
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 1C15
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELfgrF7IQTMmg6HrruUdrDY&google_cver=1&google_push=AXcoOmRhIpEY4d03pDJ8iQcFgpZOYB0M57tG1xOEtn_ef0LXE_6GYSkS39eW2r9x1NfbdhT46Up3sWLPcjmHlIrL-rKn4SS...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhIpEY4d03pDJ8iQcFgpZOYB0M57tG1xOEtn_ef0LXE_6GYSkS39eW2r9x1NfbdhT46Up3sWLPcjmHlIrL-rKn4SSi336a&google_hm=eS03VTNkNkxGRTJwR0dTX3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhIpEY4d03pDJ8iQcFgpZOYB0M57tG1xOEtn_ef0LXE_6GYSkS39eW2r9x1NfbdhT46Up3sWLPcjmHlIrL-rKn4SSi336a&google_hm=eS03VTNkNkxGRTJwR0dTX3NoOVFjd1hGdkNzcV9Kbjc2S35B
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Nov 2023 17:39:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhIpEY4d03pDJ8iQcFgpZOYB0M57tG1xOEtn_ef0LXE_6GYSkS39eW2r9x1NfbdhT46Up3sWLPcjmHlIrL-rKn4SSi336a&google_hm=eS03VTNkNkxGRTJwR0dTX3NoOVFjd1hGdkNzcV9Kbjc2S35B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1C15 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWDVM7OmrKQxa68ac26PAE3TBXaOD_hS2_5hJZgqnIZ9_IrPEInCDmlqRwB5LR-Rwi-jht
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5823210502176162&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1699465139&rafmt=1&to=qs&pwprc=5746823351&format=1200x90&url=https%3A%2F%2Fwww.cvcpassagens.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699465139215&bpp=1&bdt=1618&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ea5f90b267b6ea1-22331122cee4009b%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mb-dH87W4DKANDxVo2vL8hDgNa6YA&gpic=UID%3D00000cbc5cbe235f%3AT%3D1699465138%3ART%3D1699465138%3AS%3DALNI_Mauc7ApHivnmq0jjT18z29RdNvdyw&prev_fmts=0x0%2C1170x280%2C830x200%2C830x498%2C830x90%2C1200x90&nras=4&correlator=100211640424&frm=20&pv=1&ga_vid=1695886719.1699465138&ga_sid=1699465138&ga_hid=834680999&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44807454%2C44807463%2C44807763%2C31078297%2C44807406%2C44808149&oid=2&pvsid=3709246204984017&tmod=40386531&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=dQcCiFbyGO&p=https%3A//www.cvcpassagens.com.br&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231106&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4266be9618d2a8cd22bb0aadda64a3ade4cb3cd6cc70f1586d36292a2f8d48fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12037
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C6B2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXlH53q8a6c5yTQ-ixe9kjnsJl6glNhcfi7jwmMl_pWNYsOcdEDrURFU8HaKOubdWWsTvUeB3bXbWYw5-Pa_vMXpoybdc-CZgWFSXVLqKazB98p8urd3hTsn__frnjgJy7NICuR0QFipZv&sai=AMfl-YR2MRFaihd7YBTcLYVeEhUH3K04MCPwYJHjDK9Uttm34JC8-MHQiSMWFgttGJ7tdP6vXTLEyPVyzIHuSUq0qt_tyXnpd44kJCxpIRoByUEm5AExxx_sa8H5rjCUxUgU8dJipHX7DzpVOM1C-EE22g&sig=Cg0ArKJSzCdYO4s0RznQEAE&cid=CAQSTwDICaaNByBh7Yp6PXibcpL3BIe9jgkO5tq3-egEi4cRi2HfYHwLI3lu5kPbEOJ3a-HK5eKZUIQozAvrFvRG3wMwTPSgEh-HgEOn2aYiaC8YAQ&id=lidar2&mcvt=1076&p=0,0,200,830&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=634504756&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699465138442&rpt=1240&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5823210502176162&plah=www.cvcpassagens.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 17:39:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B33 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
4272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 16:27:49 GMT
expires
Thu, 07 Nov 2024 16:27:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8235 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e139fa0716f6d86b1f8db4907147d7a58d42a75ebcafcf4c423a457d0c409f2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FuzLMrGwxHPIh75SwgQA4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cvcpassagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FuzLMrGwxHPIh75SwgQA4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 17:39:01 GMT
expires
Wed, 08 Nov 2023 17:39:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 7B33 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 16:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
4272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 16:27:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8235 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231106&jk=3709246204984017&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7B33 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kOf7HQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 17:39:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FF9F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8W6-Lp2CTD4PGhewDd1QCHYLwEo83VYCjXyRM2iYu7407T0xGhaULqvmerVdca_9k7YL9x2GToAGDAe6ujiiM4sUvbxVcwfSoFfKI8OHrRn_WROgAQA6tGTgcMyb7f1ySEmCuO2CYXsDXCoW5FSrXpQ_cW_GRFVRCYk1HV-g&sai=AMfl-YRSK3bnsO_Mhq3UDkJMOVAX8D7sOwBbcDikF29N2CTEHkD80Ia_uRIOzzAn3nc4eOvA9oIdzbsdRdILRY9wxLUFRlYkLculxlrEw0R6Kq2epq_tm2LAjR3PjYf-rO4EiVAQXlwFa8V2HunrMvB0Mg&sig=Cg0ArKJSzNwU39SFkdhhEAE&cid=CAQSTwDICaaNcaN8Vp1Yb2Tg0kVKZSlo7H7Vn8Q9V3nRwPp5X1T8BQVa94njasJZmusJO63EiwbxjIWKajTIUen-XsZv2VHUJ5LA3_VgnOcfy7wYAQ&id=lidar2&mcvt=1000&p=0,0,280,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=657227423&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699465138435&rpt=1973&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=ufswebdisp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CB78 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLJVLo5D_YDz9spJu0BOAUEZfq09Ws0u2r_SdzpDxRt61-9nhFVJEUmz2kmzYZyoCVFwCcznEEmV24UsAe7b4zOFYQ-bi5vp5l-bOsI32BFKXKNbWJ1jXPCVG2lp-ngDbDmGSxicboVFHSPyWdI-I7eCJ0tkm56KtauCwjw2s&sai=AMfl-YSPq5Tmg6AoIu-EkFZKJatVR6hnjahJtHzn71Yf2kS8G4KnBkz9glejrh0XYHkw4qn6bbLiah4TSRRxutDkW9F7UU-3DMaZGHgWv5Al5glg2MecNWdHkarrt5wV0HAx9arB2BtHXDmdr9RyNFEe9w&sig=Cg0ArKJSzAv5mq-jPXWnEAE&cid=CAQSTwDICaaN3Wpawy4RrgcNahRLN9dC4Z27frpDCGLIobnk56Kf4hcgz4XI9uiZmzwBgJkrC5beWqY-z3JQywidd6W-t8NyWdai_iertg8NS6cYAQ&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=964,1001,1001,1001,1001&tos=964,37,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699465139347&rpt=1238&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame A673 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cvcpassagens.com.br&e=wqT_3QKhB-ihAwAAAwDWAAUBCLKPr6oGEOCqzd2c1drCHRgAKjYJYrtVjWBUrD8RvBO9w3aTqz8ZAAAAANejwD8hvA0SACkRJNAxAAAA4FG4nj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4pvUFgAEBigEDVVNEkgUG8GWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCH2h0dHBzOi8vd3d3LmN2Y3Bhc3NhZ2Vucy5jb20uYnKAAwCIAwGQAwCYAwmgAwGqA6oDCsACaHQZNQxiaW5nAS3weS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hMWM4Zjg0YS1kOWRiLTRkMDgtYWFmNC02M2MzNzQyMGZhNjYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVHVwgcHVibGlzaGVyATggNjI2NDUzMzAmAQ4AYY5xALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_BDX29obHJlaHZxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjEyNzIyMzY3NjUwMTk3MjMyMCIJMzgxODQ2NzE0KgQhXfDeOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TURRak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX6ssKgsNevmhzABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAVEFQEBi2DgBgHyBgIIAIAHAYgHAKAHAcgHpvUF0gcNFWUBJgzaBwYIBQmo4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=8006766f9a6b0f28afb004160fedee4838ebcebe&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=7659534441662350801&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
an-x-request-uuid
00ce2a5c-2e2c-4e37-9161-f6a4e65f1772
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame A673
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5868b9a9-0f02-4c99-bd24-2332a0167500&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=a1c8f84a-d9db-4d08...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2fcdc27070ec4eaaa63681906c1d876c&tids=15000&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2fcdc27070ec4eaaa63681906c1d876c&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:3100::1725:e25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F4CC536B32624B5586D42C9AAD988641 Ref B: FRA31EDGE0211 Ref C: 2023-11-08T17:39:01Z
x-cdn-traceid
0.56e22517.1699465141.6a06441
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Wed, 08 Nov 2023 17:39:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6B0B0398C7654FDBB75422E03EC782C5 Ref B: FRA31EDGE0621 Ref C: 2023-11-08T17:39:01Z
x-cdn-traceid
0.56e22517.1699465141.6a063da
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2fcdc27070ec4eaaa63681906c1d876c&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
activeview
pagead2.googlesyndication.com/pcs/ Frame A673 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuULpT3HlbKZHFcJHHl64z8vgXYzPksVGbX6d1DKOkTsnPZN3_i90U3V1ihknYsPUkhPN0aYxqfYdncUep3aPjkmWJEdAtaRdA4fJWjAwa8xKAqRphfbQ&sig=Cg0ArKJSzFCLIlQVBuNBEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699465139488&rpt=754&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 17:39:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231106&jk=3709246204984017&bg=!CQqlCkXNAAb4oU7C2KE7ADQBe5WfOOJddreWrx6b05CYqXQfHGwOsrnJA88d22MW7Pa_6U7ohMwpFPdstWwnMEhUDAfeAgAAAE5SAAAABWgBB5kCyZtzV7pN-oouDslhbjN-ojSbjnhE_agJnLLcVRcmYG1I9o_hkcpa8BHfy8G4gZpucsbmcdGougMghPjHcSqwiXuHhOEnZaxMq1mpClxwpDuesI5SQJf3YuuprbLjpeoEHk3t30FfGAh0ZI-lcFd8cn2DNkJ8idl2zDtWRe6H-FXzZJtBjQ2xoEjYsdYMKP5cQWZDBMjoOSjds9IIZjI4bGV1RaG9VFwrBp6n3NMfsDAkKP9mrAxez7D46jCWgnVS297YDYJFvTqMWoYOTR9j4AkoFEnIqMIYLrrNCPiiQ8KrH0YoQoMRazLUgaQ8g3kSHfFYWilPlYuW68TKalWEMGBNz3A1qurCRXZGpPkM52ZEtMiW_QbBi7RHpxGAoxfY8GIGbWqK6AxFKLsNYlmUc7yPWkzU4_zJlGGX60TK4uqkfAeUYDMdjqD18IhKQ1xBR0VA5Gdm1PL_YZi_1lOlAUxn1Iu-cUdgSEEvM2Y5cf5JGBOULTkpHx7lehxDjfKRi1q3y08sf2mDuBoldJl4B60iX3emvIyDTvnqT6ktRTSE3_JcyOEAC8yhXYS_XNDwv-rWvfi15cKim58jA1-af5MzMyly976pm4_SDd_UpitSS9iMevqAnV_AVZsesWAU-2MlgqFe1t8UaGFO6bbaK56JfNH5REhcrwNNikOxvonNzvvKHNvd6IwBd5XjG8IACV1-yLxrh7hHLoXPnDIwRiOeZaEGrfxXih1JXpxj9Xu-0cvpl6tgtQ8OBHDoRK-duT7tcLSwWnqKbrnZMaiGDUIBbg03M-xdPTujK4WLraUacaiEhpGSw2O1eTbarIgwRV81cGSgn5E3rMGzJzPt6V9p0nZNHt_oklitPxauJhBRnASV5ORuIIGK1SAzmf_Q-Jf2A_32y5weGrYTQlWgfRoOq7Q_E_m-WpM3Aj7oFVNQogFHErmnJwu2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.cvcpassagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery number| healing_touch_bowser_width function| adjustMenu object| shield_vars_notbotjs object| adsbygoogle object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| mc function| $mcj object| fnames object| ftypes object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded number| sc_project number| sc_invisible string| sc_security function| _statcounter function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| google_image_requests object| googTempStyleOverrideInfo object| googNavStack object| googFloatingToolbarManager object| google_pso_loaded_fonts object| googletag object| GoogleGcLKhOms

33 Cookies

Domain/Path Name / Value
cvcpassagens.com.br/ Name: shield-notbot-nonce
Value: 66b118bf06
www.cvcpassagens.com.br/ Name: shield-notbot-nonce
Value: 66b118bf06
.cvcpassagens.com.br/ Name: sc_is_visitor_unique
Value: rx11749922.1699465138.6FEE873E7E4A4F04367A0BBD4BD0328B.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc11749922.1699465138.0
.statcounter.com/ Name: is_visitor_unique
Value: 1699465138192599252
.cvcpassagens.com.br/ Name: __gads
Value: ID=a4316af1ab6c0218:T=1699465138:RT=1699465138:S=ALNI_MZU2J8LVNee_xoGaVljExpBu3Dbvw
.cvcpassagens.com.br/ Name: __gpi
Value: UID=00000ccc38fedb89:T=1699465138:RT=1699465138:S=ALNI_MZT95RD0xAIdFQkNyYSKHolZQMnLg
.doubleclick.net/ Name: IDE
Value: AHWqTUleTYdR1sOetOvSHdnTJB32QuH2o5U0rNTH7rKxWHpGyfV6miXknsnQmnmOFmE
.bing.com/ Name: MUID
Value: 0E9528BADC16664229F73B79DD9D6749
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2261BC66DC-C095-46F6-25BC-EBDD2C800B1D%22%7D
.de17a.com/ Name: guid
Value: 1.341991127386797954
.simpli.fi/ Name: suid
Value: 88E29FAE95BC48A7979A8DFD24DE1E6F
.w55c.net/ Name: wfivefivec
Value: fUaT6Lq71R0Mw45
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUvHtAACScrQuABH
.turn.com/ Name: uid
Value: 2596964023679753176
.w55c.net/ Name: matchgoogle
Value: 5
.quantserve.com/ Name: d
Value: EAIBCQGwKoEA
.quantserve.com/ Name: mc
Value: 654bc7b4-ed14e-1aabe-bfaed
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.yahoo.com/ Name: A3
Value: d=AQABBLXHS2UCEPKxCaXrLneculcbHlrhSM0FEgEBAQEZTWVVZQAAAAAA_eMAAA&S=AQAAAo9S8a5UBrwxe-yJyLRc0pI
.adform.net/ Name: C
Value: 1
.addthis.com/ Name: na_id
Value: 2023110817390100091262525885
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 654bc7b57f66a62a
.addthis.com/ Name: ouid
Value: 654bc7b50001741431f0507c085ff2b2a36fbcdf81a313849a56
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20231108
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.adform.net/ Name: uid
Value: 5706507506480839514
.tribalfusion.com/ Name: ANON_ID
Value: ayntuJRwEfES2QVoq6vnRoOY2NGS7qsDU89XHh4UYeFrUGN60QWHutntjyDjAnx16rC9gP8VvwTabZcXD8opsn9Gg

1 Console Messages

Source Level URL
Text
network error URL: https://www.cvcpassagens.com.br/wp-admin/admin-ajax.php
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acdn.adnxs-simple.com
ad.turn.com
ads.travelaudience.com
adsdk.microsoft.com
ams3-ib.adnxs.com
c.statcounter.com
c1.adform.net
cdn-images.mailchimp.com
cdn.adnxs.com
cm.g.doubleclick.net
cms.quantserve.com
cvcpassagens.com.br
d5p.de17a.com
dclk-match.dotomi.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.clean.gg
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
s.tribalfusion.com
s.w.org
s3.amazonaws.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.bing.com
www.cvcpassagens.com.br
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
104.20.219.77
142.250.186.130
142.250.186.34
151.101.130.49
151.101.65.108
18.66.122.33
185.89.210.122
192.0.77.48
2001:678:cb4:bbbb::11
213.155.156.168
23.213.164.226
23.35.237.56
2606:4700::6812:18ad
2606:4700::6812:bcf
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:bdf::63
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a02:26f0:3100::1725:e25a
2a02:fa8:8806:16::1370
2a05:d018:d29:3605:66db:1fb1:629d:b93f
2a06:98c1:3120::3
2a06:98c1:3121::3
3.33.220.150
34.91.62.186
34.95.69.49
35.190.0.66
37.157.6.233
52.217.120.224
54.93.168.0
95.101.200.166
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
22ab9d35585774ce09f17b1ba9d76bd09a73537db9f777beefc6a914846a0e40
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3758c352e0b8d20713e5713c632605ac8a407759165e48df6b148f8dc6e927a9
3e73b591e81079687d518c6a68e3f6c37fbf298c954e8c783618ee466a1f7f0f
3f3e8dcd1ce34bdba37215aca46fa08693637600af0263ed05d7292ad02b9d5c
3f406efc4fd40a14e68ac5e6ce3d8ff1059b30f70bd0691280bc23eeef785388
3f69b1594855839b8a76f29e3dd3590fd796f78b161798cb978ff5852b6487b1
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4266be9618d2a8cd22bb0aadda64a3ade4cb3cd6cc70f1586d36292a2f8d48fa
4399691df9b757bd86238b43b21c9237baf8058d20786a94f5c364929e1b1a3f
45ac764ad6355398b81d1c04c5ad7e4995ba9f0a2abd7578a12c3268b3154c70
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4865394c997ec6daa7530ce6d4e6c21e149a09d8d7058f0ffcc7a7771e36a6e4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c935d34bba127cb00885a8758146b06707df581342d6a9553ce37730c623ac8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50435be9ac4478366be2a39c59c8a8400126879ca331638fb5a6696ccb86e282
51c923c83bfed6d18b1586fd66ad5c0d75587a2e8148e9c8b299acfdf5e2c2ea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6ae0cf644a65727fd26c382bdec230ff4f53ea8896b5e89b78c58057e2ec5a72
709665b1358cfb98c7fc6dc6e2da85efd4086938858ac2b553eccdbc654fd03a
72ac359c428b91df3ab1867d6fca9c3a4232af2f923bd4ae06255c34d00367dd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bd37697525860cea3841d9a6e52bb978539c927d9bace4cbfce5639d923ae78
7c5b0604c8ea7ffa6683cfd726c4deee05b65b0da06b62b71c366c46722c2533
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
882b0276c78312143b52c67c7bf0c6d335efc5ab5613b9f83ac35fc3e28a1dbb
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8b5ca5f225dfd33f42f02157baeb0a31ebd02ffdce3788680457a8e51d03d662
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2fadc770240f64b9fff5c8af50401375a21a42e7fa0823c05360d7357813f5
91d13f4ae5ff8db16c4cb3bb056d699821afe737798000c9ba2f18ba58d0c97e
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
950530c9b5c48a2942cca79fa10b52c5372c7cea8b210bab5a053be86801582f
96f11504fc00b98fcc850b3e48d25c0d842203a0425567b56394c1fe3c65585d
9a510dc6aba0f2675293f476d82b32179a930edaaa4a025c719ec7092e34d9a1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9b9ed67a0ea92854e6a8e9be86af0485ed256be3daa66b7102c47608d71f0e8f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3c08c12cbef68fe6d53c7781d646ac7ef19f1bee5beaec914da7eef5d574d3a
a3d9f7dba9a77a91d9d7320ab26ae6ce53f352a8c10da746258f803dd18e35e7
a421129407d8bc007d6241382d1ea03fda259481df1abc8e6fd292bbef468509
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a6f6d401f4438bffc1d92bbf133662b78cc8d9534d8af7f3f0f0e8f51d925c6f
a729f0e137db5e2f9ea73198e3b6b943fe32e1cf37e08b4069f4c8b4fa2e7690
a769ba035d09bab14ca680172039c487a3cf1e155d11245a4ed78b8dcbed8351
a795f758908ccb979e8196e935395026a824353f4c49b28c40b3bdd22ee9f372
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aebc569dd4be8998817ddbd6e5f69dd14c4ffb4d011fabe409b52fb31b11e580
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b4fb4d8571698c8077401fccae60d106c3341e5d1401b882db59cc4a57ea0de7
b991f5921c406af0f8e9d4ea8c549c915ced63f4f91750c599b1fe20a7a4cc16
bb16dc7c346d6a984e5e6860bb983c7a836637f73d0d045bd14ae90ae64f53ba
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c9da5b0b5f28f79b62dfbaa95cc58fe0efaa7976a1a371c423260f2c8140a4b2
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cfde64613d46e92ade43d94fa50b1e00a694e8a460a2d2fd783a1b1dceab2f28
d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4
d170048b754e396dbaec7d571ca44e6b31cfa90c2faac4e30eb87b459b3fbc30
d382f38382d547404979ad89a19e714d2ef918ce6cc85ee44af907d4388a6b5e
d5d81bb48c7e75ef5eb1a9766e0801f95506949353fe753e986a431054bf1705
d91d77a752075f4354c919100ee3e868b98b5a0e3853e63257dfe10a85b35541
da38fcc0e5b11ed7f64d8173a0f954dc7426f68fd0e90f1b7018a989f31a66cd
e139fa0716f6d86b1f8db4907147d7a58d42a75ebcafcf4c423a457d0c409f2f
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6f56ba051190ead6c54c9af9756c21b0cb8306ad2ec8ff00276d94e161a9c02
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8a8737e5ba4a9a6d0c6e7eac5a506418996811c470ae137f35c5be4453dd312
fdf1569e019e9f82a50efd2d9ade73700e382083a50b790ebdd3b82e89ee3317
ffdb8b548e7c75f6d871b6b65c7d059612511dc9d83fbdf1297347c8289d1c6f