urlscan.io logo urlscan.io
SecurityTrails logo

passagenscomdesconto.com Open in urlscan Pro
20.201.24.124  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://passagenscomdesconto.com.br/
Effective URL: https://passagenscomdesconto.com/
Submission: On August 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 67 HTTP transactions. The main IP is 20.201.24.124, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is passagenscomdesconto.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on April 26th 2024. Valid for: 6 months.
This is the only time passagenscomdesconto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 20.201.24.124 8075 (MICROSOFT...)
1 193.108.153.20 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
23 2620:1ec:bdf::60 8075 (MICROSOFT...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 18.66.102.53 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
1 13.32.27.21 16509 (AMAZON-02)
8 2606:2800:133... 15133 (EDGECAST)
2 2a00:1450:401... 15169 (GOOGLE)
2 20.50.88.241 8075 (MICROSOFT...)
1 191.235.228.36 ()
67 18
5    20.201.24.124 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
passagenscomdesconto.com.br
passagenscomdesconto.com
1    193.108.153.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-20.deploy.static.akamaitechnologies.com
sdk.mercadopago.com
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
23    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
moblixcdn.azureedge.net
js.monitor.azure.com
3    2606:4700::6810:a091 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net
static.hotjar.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
8    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
mbxrepo-cdn.azureedge.net
2    2a00:1450:4013:c18::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
accounts.google.com
2    20.50.88.241 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    191.235.228.36 (None, )

ASN- ()
repositorio-prod.azurewebsites.net
Apex Domain
Subdomains		 Transfer
30 azureedge.net
moblixcdn.azureedge.net
mbxrepo-cdn.azureedge.net
2 MB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
accounts.google.com — Cisco Umbrella Rank: 46
87 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
162 KB
4 passagenscomdesconto.com
passagenscomdesconto.com
442 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
272 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5708
onesignal.com — Cisco Umbrella Rank: 1415
66 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
281 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 853
200 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
1 azurewebsites.net
repositorio-prod.azurewebsites.net
261 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1932
57 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
250 B
1 mercadopago.com
sdk.mercadopago.com — Cisco Umbrella Rank: 118783
35 KB
1 passagenscomdesconto.com.br
passagenscomdesconto.com.br
588 B
67 17
Domain Requested by
22 moblixcdn.azureedge.net passagenscomdesconto.com
moblixcdn.azureedge.net
8 mbxrepo-cdn.azureedge.net passagenscomdesconto.com
4 connect.facebook.net passagenscomdesconto.com
connect.facebook.net
4 passagenscomdesconto.com passagenscomdesconto.com
moblixcdn.azureedge.net
3 www.facebook.com connect.facebook.net
passagenscomdesconto.com
3 cdnjs.cloudflare.com passagenscomdesconto.com
cdnjs.cloudflare.com
3 www.googletagmanager.com passagenscomdesconto.com
www.googletagmanager.com
2 dc.services.visualstudio.com js.monitor.azure.com
2 accounts.google.com moblixcdn.azureedge.net
accounts.google.com
2 region1.analytics.google.com www.googletagmanager.com
js.monitor.azure.com
2 region1.google-analytics.com www.googletagmanager.com
js.monitor.azure.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.onesignal.com passagenscomdesconto.com
cdn.onesignal.com
1 repositorio-prod.azurewebsites.net
1 js.monitor.azure.com passagenscomdesconto.com
1 onesignal.com cdn.onesignal.com
1 script.hotjar.com static.hotjar.com
1 www.google.de passagenscomdesconto.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 sdk.mercadopago.com passagenscomdesconto.com
1 passagenscomdesconto.com.br 1 redirects
67 22

This site contains links to these domains. Also see Links.

Domain
instagram.com
transparencyreport.google.com
facebook.com
apidevoos.com
web.whatsapp.com
Subject Issuer Validity Valid
passagenscomdesconto.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-04-26 -
2024-10-26		 6 months crt.sh
sdk.mercadopago.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-01 -
2024-10-01		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-24 -
2025-06-19		 a year crt.sh
onesignal.com
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-29 -
2024-08-27		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.de
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
accounts.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-05-22 -
2025-05-17		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-24 -
2025-06-19		 a year crt.sh
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-05-24 -
2025-05-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://passagenscomdesconto.com/
Frame ID: 610FDFC1360CC00F7FF89DB5FE94D346
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nipontravel - Compre passagens com até 50% de desconto!

Page URL History Show full URLs

  1. https://passagenscomdesconto.com.br/ HTTP 302
    https://passagenscomdesconto.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

22
Subdomains

18
IPs

5
Countries

4284 kB
Transfer

7946 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://passagenscomdesconto.com.br/ HTTP 302
    https://passagenscomdesconto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
passagenscomdesconto.com/
Redirect Chain
  • https://passagenscomdesconto.com.br/
  • https://passagenscomdesconto.com/
128 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://passagenscomdesconto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.201.24.124 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26aa79bcb461906b4555acc459e8632f0f9d424ea6ba442d024e9b5b81f8f03d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Encoding
gzip
Content-Length
35008
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Aug 2024 20:16:34 GMT
Request-Context
appId=cid-v1:36cbee6b-762b-4a5b-add0-23ae2b9771d8
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

Access-Control-Expose-Headers
Request-Context
Content-Length
150
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Aug 2024 20:16:30 GMT
Location
https://passagenscomdesconto.com/
Request-Context
appId=cid-v1:36cbee6b-762b-4a5b-add0-23ae2b9771d8
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
v2
sdk.mercadopago.com/js/ 		145 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mercadopago.com/js/v2
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-20.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
cc598074ab3c9a478b8bdfbf8546ace09d07a73a34f9f1f842cc9673fffd4def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
x-d2id
a6f006eb-0883-4b6c-9e46-13fb2ad931c9
x-envoy-upstream-service-time
4
content-length
35002
x-xss-protection
1; mode=block
x-request-id
a6f006eb-0883-4b6c-9e46-13fb2ad931c9
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 Jul 2024 17:22:52 GMT
server
Tengine
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-request-device-id
a6f006eb-0883-4b6c-9e46-13fb2ad931c9
gtm.js
www.googletagmanager.com/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TZGS9XD
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08241fe3b9ff0998a48596186cf647a0f0952b8aac5dad01ce8dd182c1b527f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83508
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 19:53:21 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Aug 2024 20:16:34 GMT
ExternoStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		316 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/ExternoStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5ec4460b0b6fda9cb67d66b88224afc928e554aa160150a4b57e139d728f1c71

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmfz
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=15552000
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
74653806
ElementUiStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		233 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/ElementUiStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2ff231c1642368b8cadc24f3f4f6c77a34a6caac2e91feafcf71350942d2274b

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg1
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=15552000
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
74653806
MasterStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		265 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/MasterStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
412a2ef57cefff994929ece86375e41da1bea72f3d9d817643130815667f9f71

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:36 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg0
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_MISS
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
_header7.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/_header7.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
27df3b169693edc4cd552ac30048e2bc00e3f84a17564e8f0897a9cab2e2343a

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg2
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_MISS
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
HomeStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		71 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/HomeStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
1e35d400c3c2cc9eb28e048db7edfc04fdddb5ae44b1c1d2e77447068fc7a6af

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg3
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=15552000
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
74653806
whatsapp-mini.webp
moblixcdn.azureedge.net/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moblixcdn.azureedge.net/images/whatsapp-mini.webp?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
eff023dda00a3f63fd8b8dc285566185fbbba5d0f2633d870228be955cada72b

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
last-modified
Fri, 16 Aug 2024 18:50:42 GMT
etag
"06db431df0da1:0"
x-powered-by
ASP.NET
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmfy
x-cache
TCP_REMOTE_HIT
content-type
webp
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-cache-info
L2_T2
x-fd-int-roxy-purgeid
74653806
accept-ranges
bytes
content-length
3034
OneSignalSDK.page.js
cdn.onesignal.com/sdks/web/v16/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058eeeab39a650f6724fce5c96e8272c4a5d8e6c2cfe3d7e6465626f6df522b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:34 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2266
etag
W/"19fb0fd50e69d6b97e1badc837a6dff2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8b5cd27a3b39373c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Aug 2024 20:16:34 GMT
VueScript.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		129 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/VueScript.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0c11cedb64ab8037f193ef8c7a694c35dc75c56b8687e17784361d816551948a

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:32 GMT
etag
W/"0d2814fdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg4
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=15552000
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
74653806
ElementUiScript.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		582 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/ElementUiScript.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
447cdff2f8e96dd929f2eb647911a92d41d623aed6e64072f630a9a8f686262c

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:36 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:32 GMT
etag
W/"0d2814fdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg5
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_MISS
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
JqueryScript.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		84 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/JqueryScript.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
fe10ff2d84aa09c638cd2dd6d40bdbc7535d83807cd0cabd78e119c8fe9283ed

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:36 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:28 GMT
etag
W/"0781f4ddf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg6
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_MISS
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
AirDatePickerScript.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/AirDatePickerScript.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3ccd5018f155d5113cc284a368948b2604f8815de90a32f3dcdfcb395960446a

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:36 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg7
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_MISS
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
MasterScript.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		126 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
95b89e7c692f766ba3eb1f34217f58ab03ddd854e8360af8b88f12bb7a823baf

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:32 GMT
etag
W/"0d2814fdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg8
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=15552000
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
74653806
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://passagenscomdesconto.com/
Origin
https://passagenscomdesconto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
341988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18752
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-4940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YaImfwyLGh9Pa8%2BEAbL9DRNonUmpEdLlk2Wv3l%2Ba5tmIKpOCmlPlltHqspootYHZgTw0DOn8Vw6dNb6e%2Bo7Wkd4gygEtucAHXbXrBW9VHymQO4IZB9QEcY0HyoJjgF%2F2EFORb5rDCG8cxSY2Xz0Dyl9N"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b5cd27a3d03928f-FRA
expires
Sat, 09 Aug 2025 20:16:34 GMT
js
www.googletagmanager.com/gtag/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XHS86F5EDS
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
981fdc3c0fd3b0d234d3926afab325e8d6ec3b4c331d8fc937828467abc376d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97247
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Aug 2024 20:16:34 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48e9758e0a366baf8c3b6ca21ce338ab8d9fca77a056331f351d62f8d172e0e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 20:16:34 GMT
content-md5
OZ4V2h/MXsP952hoGxCH6A==
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2810, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
UXadahAsMRnsGTOXtJtiO+60AkY0QsCBWHjvY9lEIK4n0uIwk+MZYnHRMGNqo+9Zba1/pbMh9GRxfH8Baq66/w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
395c89b5fe957a2ffde1253b86ff334f
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"97069fbcd2f6b2f4436dd0fe177d4249"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 19 Aug 2024 20:18:16 GMT
js
www.googletagmanager.com/gtag/ 		313 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Y2GWFGPCS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZGS9XD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29c735533b7b31e6bdf3dba84b50968b49a4a914330bc8f774c2acab1b7d3ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106819
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Aug 2024 20:16:34 GMT
hotjar-2170527.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2170527.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZGS9XD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-53.fra56.r.cloudfront.net
Software
/
Resource Hash
f7021cae8e9b5fd4ed2c5844d0f2a82470b3c89c73a53dfaf396ce886e599f3a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 20:16:35 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/57bd255eb79782f8d3200f486fb8bffe
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Vj2sDLceYV2pH-GLg8R6mcDAE-qM2zvdg8d3gDdLiHoXXcxE0j2siw==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZGS9XD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 19:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3690
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 19 Aug 2024 21:15:05 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 19 Aug 2024 20:16:34 GMT
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58912
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=6622, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
yKkgLInaxaMBi5HH/4084mrhvUvS/6TLiw/azfRN7W66wYwOSJQxE81Ea5QSmCZFasDFj6XD6P2HNLc7C4vy9g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XHS86F5EDS&gtm=45je48e0v884176782za200&_p=1724098594810&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1049142020.1724098595&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724098594&sct=1&seg=0&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7244
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XHS86F5EDS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 20:16:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://passagenscomdesconto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/ 		259 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24ec64291900c8a48816a802de8d32e6f4466018218cab64f9961fe33b0f71f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1972
etag
W/"2d5effdf1f67f3d889acd0f923ae833f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8b5cd27adc05373c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Aug 2024 20:16:35 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9Y2GWFGPCS&gtm=45je48e0v871511827z8833925342za200zb833925342&_p=1724098594810&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1049142020.1724098595&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724098595&sct=1&seg=0&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&en=page_view&_fv=1&_ss=1&tfd=7290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Y2GWFGPCS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 20:16:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://passagenscomdesconto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9Y2GWFGPCS&cid=1049142020.1724098595&gtm=45je48e0v871511827z8833925342za200zb833925342&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Y2GWFGPCS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 20:16:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://passagenscomdesconto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9Y2GWFGPCS&cid=1049142020.1724098595&gtm=45je48e0v871511827z8833925342za200zb833925342&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=2081785324
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 20:16:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=bd18ef906c399e96dd63ee10a0735201
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e4764bceef665bda23c64f6c7008c689cfa54b0d746b0b87d9a5cbd2591873bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://passagenscomdesconto.com/
Origin
https://passagenscomdesconto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 20:16:35 GMT
content-md5
9VhgpTb5NO+L2HNXKkjy8g==
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87160
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4320, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
Mwo4e0aaVQ4T0SsVrtfRfWZ9c8ewjaefwfSX3a8Md3iAVUcS4xNpGcxJaZ2kX1SQq0yTrT7/0IbwtQhwxJUzyw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
803ef508922c3bee799a79c556d042a0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"1a9360d054b7ad8aea65f34a2c2d9a39"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Aug 2025 19:25:40 GMT
827220801251107
connect.facebook.net/signals/config/ 		73 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/827220801251107?v=2.9.165&r=stable&domain=passagenscomdesconto.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83bd5c4b27df7ad25dcf2eaf37440e5afe3f50373bbc30ff0e066c25d15e1e10
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 19 Aug 2024 20:16:35 GMT
document-policy
force-load-at-top
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=69, mss=1328, tbw=66614, tp=-1, tpl=-1, uplat=174, ullat=0
pragma
public
x-fb-debug
yLMo3Xf3W+PsjfGWp9W8mgmzhsHlISkxkNmAOeoamPk8GDxPQnut0TX9DUAv/2PEky29dl5/HrARgsbmO/9b0Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=495963276&t=pageview&_s=1&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&ul=de-de&de=UTF-8&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=220055795&gjid=612984424&cid=1049142020.1724098595&tid=UA-179202165-1&_gid=1705878037.1724098595&_r=1&_slc=1&gtm=45He48e0n81TZGS9XDv833925342za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=576632585
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 20:16:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://passagenscomdesconto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=871243816855558&input_token&origin=1&redirect_uri=https%3A%2F%2Fpassagenscomdesconto.com%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=bd18ef906c399e96dd63ee10a0735201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 19 Aug 2024 20:16:35 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404947081776655369", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3153, tp=-1, tpl=-1, uplat=105, ullat=0
pragma
no-cache
x-fb-debug
VeJM6qHFI264JVDDgVwRp+vfQBGfTa7dQG47XYAM7AUYQg8b5Z0lSODuBnv1craQWZx4oBq6vZ1/RWuC4F9yJQ==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404947081776655369"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://passagenscomdesconto.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2170527.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1749209
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
m6Gnyc3xj8ejy6em2_fd8kLTtz7lJhSc6gybEDA17DsQb396rQQu2w==
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=827220801251107&ev=PageView&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&rl=&if=false&ts=1724098595330&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724098595326.817204171747411021&cs_est=true&ler=empty&cdl=API_unavailable&it=1724098595106&coo=false&rqm=GET
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2836, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 19 Aug 2024 20:16:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=827220801251107&ev=PageView&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&rl=&if=false&ts=1724098595330&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724098595326.817204171747411021&cs_est=true&ler=empty&cdl=API_unavailable&it=1724098595106&coo=false&rqm=FGET
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 19 Aug 2024 20:16:35 GMT
document-policy
force-load-at-top
x-fb-server-load
24
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404947080996725053", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=4801, tp=-1, tpl=-1, uplat=144, ullat=0
pragma
no-cache
x-fb-debug
0igr8XBmvr9wI/eJUGXS5L2n4so3fbbHVqwcIzxZHg+bK5iPJP7hOUIpYB6MYkPQP7dxrTwu52V3M8/Xe75aYg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404947080996725053"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
_header7.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		3 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/_header7.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
27df3b169693edc4cd552ac30048e2bc00e3f84a17564e8f0897a9cab2e2343a

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg2
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_MISS
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
MasterStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		265 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/MasterStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
412a2ef57cefff994929ece86375e41da1bea72f3d9d817643130815667f9f71

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:36 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmg0
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_MISS
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
br.svg
moblixcdn.azureedge.net/images/flags/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moblixcdn.azureedge.net/images/flags/br.svg
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ExternoStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
65c4244693069fc46570c19193ce32be5a6deb6e3001d647f2f60afcb9711a87

Request headers

Referer
https://moblixcdn.azureedge.net/Assets/Bundles/css/ExternoStyle.css?v=a1b53621390298fc9012d14d1432e7b5
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:50:40 GMT
etag
W/"0408330df0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201637Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmpm
content-type
image/svg+xml
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=15552000
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
74653806
SFProDisplay.ttf
passagenscomdesconto.com/fonts/ 		404 KB
405 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://passagenscomdesconto.com/fonts/SFProDisplay.ttf
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.201.24.124 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
287c6e4aa1d5a485f6782cff039adabedec8f0510238a1fc900a60a9fc77e575

Request headers

Referer
https://passagenscomdesconto.com/
Origin
https://passagenscomdesconto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 20:16:37 GMT
Last-Modified
Fri, 16 Aug 2024 18:50:40 GMT
Server
Microsoft-IIS/10.0
ETag
"0408330df0da1:0"
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=2678400
Accept-Ranges
bytes
Content-Length
413924
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://passagenscomdesconto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
427384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
108020
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-1a5f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTcf%2FklxOt7forHMaupqQYJe%2F%2F52SVgSyfO6fJondqqUwUS3UoZ10p7Y7MPyzjUOCMCZuCSEN1HXARr92AJr1jjdAG0vVZA7jI6bE3O%2BaZNIaUwSXFSgpVGwhTm3RuxUnZD7jy%2F%2FLJOcyX8R%2BYDCnniJ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b5cd28a7daa928f-FRA
expires
Sat, 09 Aug 2025 20:16:37 GMT
element-icons.woff
moblixcdn.azureedge.net/Assets/Bundles/css/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/fonts/element-icons.woff
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/css/ElementUiStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17

Request headers

Referer
https://moblixcdn.azureedge.net/Assets/Bundles/css/ElementUiStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Origin
https://passagenscomdesconto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
last-modified
Fri, 16 Aug 2024 18:50:40 GMT
etag
"0408330df0da1:0"
x-powered-by
ASP.NET
x-azure-ref
20240819T201637Z-179d6ccbd55mhzktxcx78xdwv400000001xg000000015yun
x-cache
TCP_HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
74653806
accept-ranges
bytes
content-length
28200
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Origin
https://passagenscomdesconto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
347469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150124
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-24a6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WJJ2aQ12TWRlK0%2FKlM2nj4UFWi6WNVsLcdSjbN%2FbAtFICyPhOiNezRQqagN4We%2Fz6bk62p1PuyXhRh6YP96LI4KmKTsHSwaSjLG8UR6rzkc4AJHYFwzd%2F1aZSooKPF%2FPkAIYVHEOuk5sUgp6HZhfoq5"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b5cd28a7dab928f-FRA
expires
Sat, 09 Aug 2025 20:16:37 GMT
540.ico
mbxrepo-cdn.azureedge.net/prod/iconagencia/540/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbxrepo-cdn.azureedge.net/prod/iconagencia/540/540.ico?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ea42bf4e19e094ea2bd5f6c5183e3779e5cacf123cd3d5438bc31662e9f8cfaa

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 19 Aug 2024 20:16:38 GMT
last-modified
Mon, 19 Aug 2024 00:08:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
O6YI3QCJOnYS7F6Z475kqA==
etag
0x8DCBFE312E9D77A
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
29969bf5-101e-0031-3a74-f29890000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
1150
expires
Tue, 19 Aug 2025 20:16:38 GMT
whatsapp-mini.webp
moblixcdn.azureedge.net/images/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moblixcdn.azureedge.net/images/whatsapp-mini.webp?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
eff023dda00a3f63fd8b8dc285566185fbbba5d0f2633d870228be955cada72b

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:35 GMT
last-modified
Fri, 16 Aug 2024 18:50:42 GMT
etag
"06db431df0da1:0"
x-powered-by
ASP.NET
x-azure-ref
20240819T201635Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmfy
x-cache
TCP_REMOTE_HIT
content-type
webp
access-control-allow-origin
*
cache-control
public, max-age=15552000
x-cache-info
L2_T2
x-fd-int-roxy-purgeid
74653806
accept-ranges
bytes
content-length
3034
PegarScript
passagenscomdesconto.com/config/ 		121 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://passagenscomdesconto.com/config/PegarScript
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/VueScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.201.24.124 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8854edc9e95f77d101db0fce7271ade62ffd4f7fa90cfcefa33133421b33e15c

Request headers

Accept
application/json, text/plain, */*
Referer
https://passagenscomdesconto.com/
ControllerName
home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 19 Aug 2024 20:16:37 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
211
Request-Context
appId=cid-v1:36cbee6b-762b-4a5b-add0-23ae2b9771d8
client
accounts.google.com/gsi/ 		229 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59247f3c2e3194003cccc1f0addacde4dc55cfed79814812e63b1c69238e8dcc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1nAkW7RWjJZtjh5bWq79Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-1nAkW7RWjJZtjh5bWq79Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 19 Aug 2024 20:16:37 GMT
jquery.ajaxchimp.min.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/jquery.ajaxchimp.min.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
07cfb74ced57cca33309ab20dc95957df4d0105787db04de579efedea455a62f

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:28 GMT
etag
W/"0781f4ddf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201637Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmps
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_REMOTE_HIT
cache-control
public, max-age=15552000
x-cache-info
L2_T2
x-fd-int-roxy-purgeid
74653806
web
onesignal.com/api/v1/sync/84c15f6b-a81f-470d-b975-226b0fb54bff/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/84c15f6b-a81f-470d-b975-226b0fb54bff/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be51a1eb97eb34048edd9dcdcca3f6d9e0a99dbad8f48f5e2389cb0375a0c05b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e6bb783e-9b0e-4692-a220-07e2890d706d
x-runtime
0.241295
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"be51a1eb97eb34048edd9dcdcca3f6d9"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8b5cd28abb12373c-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 19 Aug 2024 21:16:37 GMT
CardPesquisaScript.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/CardPesquisaScript.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
09ee4eed8b8041877d732d0114e950e4866714116ceb073451a4bf1277107418

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:38 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201637Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmpv
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_MISS
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
CardPesquisaStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/CardPesquisaStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
46b0c5de1ebf7f0f72fea7910f79f31e16e5131fbe39be1a3bf2cb6818f9ac0b

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201637Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmpt
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_REMOTE_HIT
cache-control
public, max-age=15552000
x-cache-info
L2_T2
x-fd-int-roxy-purgeid
74653806
ContainerOfertasScript.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/ContainerOfertasScript.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6cb423924388d98759cb5868ca48fb23bd63590bc5d334b93e3bc94917bcc6c9

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:28 GMT
etag
W/"0781f4ddf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201637Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmpw
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_HIT
cache-control
public, max-age=15552000
x-fd-int-roxy-purgeid
74653806
ContainerOfertasStyle.css
moblixcdn.azureedge.net/Assets/Bundles/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/css/ContainerOfertasStyle.css?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
494d8f6121ff026e849f2a48cd609a317d6ac15eaa2234038f6a6e67655bd0b3

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:26 GMT
etag
W/"04bee4bdf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201637Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmpu
content-type
text/css
access-control-allow-origin
*
x-cache
TCP_REMOTE_HIT
cache-control
public, max-age=15552000
x-cache-info
L2_T2
x-fd-int-roxy-purgeid
74653806
InstagramScript.js
moblixcdn.azureedge.net/Assets/Bundles/js/ 		1 KB
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://moblixcdn.azureedge.net/Assets/Bundles/js/InstagramScript.js?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/MasterScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
13c48e85b15129616d8ad27b3f9e41e08c1e25fd58dfb87dcaaf09683c113e69

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 18:51:28 GMT
etag
W/"0781f4ddf0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-azure-ref
20240819T201637Z-179d6ccbd55qfvbmqq2a4wr3qs000000068g00000000dmpx
content-type
application/x-javascript
access-control-allow-origin
*
x-cache
TCP_REMOTE_HIT
cache-control
public, max-age=15552000
x-cache-info
L2_T2
x-fd-int-roxy-purgeid
74653806
540_300x300.webp
mbxrepo-cdn.azureedge.net/prod/logoagencia/540/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbxrepo-cdn.azureedge.net/prod/logoagencia/540/540_300x300.webp?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e49715fc999735ff85fbd6096bd1cfc8c01430c874e54d523b1e6cc8110aec18

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 19 Aug 2024 20:16:37 GMT
last-modified
Sat, 27 Jul 2024 10:36:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
fH0EVIiVCHi3bS5m8Q1iWw==
etag
0x8DCAE27F7DE73D8
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
9bc47402-501e-001f-5874-f2ca87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
3238
expires
Tue, 19 Aug 2025 20:16:38 GMT
Get
passagenscomdesconto.com/Ofertas/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://passagenscomdesconto.com/Ofertas/Get?size=4
Requested by
Host: moblixcdn.azureedge.net
URL: https://moblixcdn.azureedge.net/Assets/Bundles/js/VueScript.js?v=a1b53621390298fc9012d14d1432e7b5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.201.24.124 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f4564f2e752c1ae1050ee0840805f1c74b7e2000e94967cc67f00b54971cf0c8

Request headers

Accept
application/json, text/plain, */*
Referer
https://passagenscomdesconto.com/
ControllerName
home
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 19 Aug 2024 20:16:41 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
1176
Request-Context
appId=cid-v1:36cbee6b-762b-4a5b-add0-23ae2b9771d8
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		120 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

Referer
https://passagenscomdesconto.com/
Origin
https://passagenscomdesconto.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-encoding
br
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
x-ms-meta-aijssdkver
2.8.18
vary
Accept-Encoding
x-azure-ref
20240819T201637Z-179d6ccbd55jdd7pbwea8br0q800000001t0000000017fx3
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
fcb12b0a-201e-00f8-2b49-ef71bf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
x-fd-int-roxy-purgeid
0
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cijqQxPstdvuk3_dViEG_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 20:16:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-cijqQxPstdvuk3_dViEG_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 19 Aug 2024 20:16:37 GMT
540_1920x900.webp
mbxrepo-cdn.azureedge.net/prod/fundoagencia/540/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbxrepo-cdn.azureedge.net/prod/fundoagencia/540/540_1920x900.webp?v=a1b53621390298fc9012d14d1432e7b5
Requested by
Host: passagenscomdesconto.com
URL: https://passagenscomdesconto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
af4e14f1e8000f10d50b26ae665b4d3e54b8e480e35571e4750d02ee3543e81d

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 19 Aug 2024 20:16:38 GMT
last-modified
Fri, 02 Aug 2024 18:31:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
OBX/1Ttss47i/peqSMagBA==
etag
0x8DCB3216544AC21
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
20a3be60-001e-0012-6e74-f20253000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
1624518
expires
Tue, 19 Aug 2025 20:16:39 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XHS86F5EDS&gtm=45je48e0v884176782za200&_p=1724098594810&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1049142020.1724098595&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1724098594&sct=1&seg=0&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&en=scroll&epn.percent_scrolled=90&_et=8&tfd=12256
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 20:16:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://passagenscomdesconto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9Y2GWFGPCS&gtm=45je48e0v871511827za200zb833925342&_p=1724098594810&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1049142020.1724098595&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1724098595&sct=1&seg=0&dl=https%3A%2F%2Fpassagenscomdesconto.com%2F&dt=Nipontravel%20-%20Compre%20passagens%20com%20at%C3%A9%2050%25%20de%20desconto!&en=scroll&epn.percent_scrolled=90&_et=14&tfd=12318
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 20:16:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://passagenscomdesconto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
540.ico
mbxrepo-cdn.azureedge.net/prod/iconagencia/540/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mbxrepo-cdn.azureedge.net/prod/iconagencia/540/540.ico?v=a1b53621390298fc9012d14d1432e7b5?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ea42bf4e19e094ea2bd5f6c5183e3779e5cacf123cd3d5438bc31662e9f8cfaa

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 19 Aug 2024 20:16:41 GMT
last-modified
Mon, 19 Aug 2024 00:08:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
O6YI3QCJOnYS7F6Z475kqA==
etag
0x8DCBFE312E9D77A
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
29969ebc-101e-0031-3f74-f29890000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
1150
expires
Tue, 19 Aug 2025 20:16:41 GMT
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a6823424311e66c6993e5996a44895b6b078828310d38f50e6ce6781589f1645
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://passagenscomdesconto.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 20:16:40 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://passagenscomdesconto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Mon, 19 Aug 2024 20:16:40 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
1_360x292.webp
mbxrepo-cdn.azureedge.net/prod/places/s%c3%a3o%20paulo%20-%20guarulhos/ 		191 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbxrepo-cdn.azureedge.net/prod/places/s%c3%a3o%20paulo%20-%20guarulhos/1_360x292.webp?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 19 Aug 2024 20:16:42 GMT
last-modified
Fri, 16 Aug 2024 20:22:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
x0FOg3fLoq3pNnWH71mrdQ==
etag
0x8DCBE311C2DCEEA
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
80a3ddf2-501e-0052-5974-f2056b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
266364
expires
Tue, 19 Aug 2025 20:16:42 GMT
3_360x292.webp
mbxrepo-cdn.azureedge.net/prod/places/s%c3%a3o%20paulo%20-%20congonhas/ 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbxrepo-cdn.azureedge.net/prod/places/s%c3%a3o%20paulo%20-%20congonhas/3_360x292.webp?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1a3f410f498637f7786a4ade1c9a8a4c86fcfef86f0d55985ff7208ee4d45d7b

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 19 Aug 2024 20:16:41 GMT
last-modified
Fri, 16 Aug 2024 13:56:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
yIVdAn35/3tCEKijaVwLkA==
etag
0x8DCBDFB423F8D6B
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
df25d263-f01e-0029-1d74-f247f7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
168890
expires
Tue, 19 Aug 2025 20:16:42 GMT
4_360x292.webp
mbxrepo-cdn.azureedge.net/prod/places/s%c3%a3o%20paulo%20-%20congonhas/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbxrepo-cdn.azureedge.net/prod/places/s%c3%a3o%20paulo%20-%20congonhas/4_360x292.webp?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e086966ae6c4a37b866fb092e58ee163ed92da35c54d62a697c5709885912e41

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 19 Aug 2024 20:16:41 GMT
last-modified
Fri, 16 Aug 2024 13:47:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
qTfCV9F3sN/YQdYVTXwTEw==
etag
0x8DCBDF9FC2D0773
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
05ad35d1-901e-005d-7374-f27307000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
170836
expires
Tue, 19 Aug 2025 20:16:42 GMT
3_360x292.webp
mbxrepo-cdn.azureedge.net/prod/places/rio%20de%20janeiro%20-%20gale%c3%a3o/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbxrepo-cdn.azureedge.net/prod/places/rio%20de%20janeiro%20-%20gale%c3%a3o/3_360x292.webp?v=a1b53621390298fc9012d14d1432e7b5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3782d02ce2c6b139805d4b71bac915e516798acdef6e448ad285237d3616ceef

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 19 Aug 2024 20:16:42 GMT
last-modified
Fri, 16 Aug 2024 20:21:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
lYRq8aqj/teWTYlq2vi2sw==
etag
0x8DCBE310F9186F7
content-type
image/webp
access-control-allow-origin
*
x-ms-request-id
914f2275-d01e-003e-8074-f2eefc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
content-length
6276
expires
Tue, 19 Aug 2025 20:16:42 GMT
1_360x292
repositorio-prod.azurewebsites.net/api/repository/places/S%C3%A3o%20Paulo%20-%20Guarulhos/ 		260 KB
261 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://repositorio-prod.azurewebsites.net/api/repository/places/S%C3%A3o%20Paulo%20-%20Guarulhos/1_360x292?v=a1b53621390298fc9012d14d1432e7b5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
191.235.228.36 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ff8ccf254af2ad486da00ef76930440a34944e2182984c4f86a116608df7771

Request headers

Referer
https://passagenscomdesconto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 20:16:43 GMT
Cache-Control
max-age=86400
Last-Modified
Fri, 18 Aug 2023 06:16:50 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
266364
Content-Type
image/webp

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| appInsights string| tag object| dataLayer function| FindResource object| PortalStarter object| google_tag_manager object| google_tag_data function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| onYouTubeIframeAPIReady function| gtag object| gaGlobal object| FB function| MercadoPago object| gaplugins object| gaData number| __oneSignalSdkLoadCount function| OneSignal function| OneSignalDeferred object| __buffer object| t function| e function| axios function| Vue function| VueRouter object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| ELEMENT function| jQuery function| tjq object| UsuarioUtil object| router object| Util object| Headerbar object| RequestUtil object| LocalStorageUtil object| headerApp object| listApp object| gAuth object| Cookies function| moment function| callbackGoogle function| __jp0 object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_202518 object| Microsoft object| __dynProto$Gbl object| Parceiro

18 Cookies

Domain/Path Name / Value
.passagenscomdesconto.com.br/ Name: TiPMix
Value: 68.12445256497429
.passagenscomdesconto.com.br/ Name: x-ms-routing-name
Value: self
.passagenscomdesconto.com/ Name: TiPMix
Value: 97.67147830947627
.passagenscomdesconto.com/ Name: x-ms-routing-name
Value: self
passagenscomdesconto.com/ Name: ASP.NET_SessionId
Value: gwscbhvpcenao3sn05hwvxdd
passagenscomdesconto.com/ Name: culture_selected
Value: de-DE
passagenscomdesconto.com/ Name: moeda_portal
Value: BRL
.onesignal.com/ Name: __cf_bm
Value: uIKDSaoIrReeBkvUq_nzSDTIN7YRjbB0xCQK8AE5_WM-1724098594-1.0.1.1-89QgUr_UYSCa0y8llm.8R4sHVf1Z1fQNRiQyr8a5Pqt5QsPx6mN_E8lqYA.RbFPSVIN2N2p47sQuHfrenYUPhw
.passagenscomdesconto.com/ Name: _ga_XHS86F5EDS
Value: GS1.1.1724098594.1.0.1724098594.0.0.0
.passagenscomdesconto.com/ Name: _ga_9Y2GWFGPCS
Value: GS1.1.1724098595.1.0.1724098595.60.0.0
.passagenscomdesconto.com/ Name: _ga
Value: GA1.2.1049142020.1724098595
.passagenscomdesconto.com/ Name: _gid
Value: GA1.2.1705878037.1724098595
.passagenscomdesconto.com/ Name: _gat_UA-179202165-1
Value: 1
.passagenscomdesconto.com/ Name: _fbp
Value: fb.1.1724098595326.817204171747411021
.passagenscomdesconto.com/ Name: _hjSessionUser_2170527
Value: eyJpZCI6ImRhNmUxNDY3LTQzODgtNTQxOS1iMWMxLTYzMWJiYWRiM2QyNiIsImNyZWF0ZWQiOjE3MjQwOTg1OTUzOTgsImV4aXN0aW5nIjpmYWxzZX0=
.passagenscomdesconto.com/ Name: _hjSession_2170527
Value: eyJpZCI6IjA5OWZlODMyLWUzY2MtNGEwMC05NmY2LTY1NmI2ODc1YjhiNSIsImMiOjE3MjQwOTg1OTUzOTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
passagenscomdesconto.com/ Name: ai_user
Value: Rb4PsyFVYQhy44CFQIA/xG|2024-08-19T20:16:37.923Z
passagenscomdesconto.com/ Name: ai_session
Value: cqzfX/XhKdGgJZhIIoKhXk|1724098597927|1724098597927

1 Console Messages

Source Level URL
Text
other error URL: https://passagenscomdesconto.com/
Message:
Provider's accounts list is empty.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
dc.services.visualstudio.com
js.monitor.azure.com
mbxrepo-cdn.azureedge.net
moblixcdn.azureedge.net
onesignal.com
passagenscomdesconto.com
passagenscomdesconto.com.br
region1.analytics.google.com
region1.google-analytics.com
repositorio-prod.azurewebsites.net
script.hotjar.com
sdk.mercadopago.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
13.32.27.21
18.66.102.53
191.235.228.36
193.108.153.20
20.201.24.124
20.50.88.241
2001:4860:4802:34::36
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6810:a091
2606:4700::6811:180e
2620:1ec:bdf::60
2a00:1450:4001:809::200e
2a00:1450:4001:812::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c09::9c
2a00:1450:4013:c18::54
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
058eeeab39a650f6724fce5c96e8272c4a5d8e6c2cfe3d7e6465626f6df522b6
07cfb74ced57cca33309ab20dc95957df4d0105787db04de579efedea455a62f
08241fe3b9ff0998a48596186cf647a0f0952b8aac5dad01ce8dd182c1b527f1
09ee4eed8b8041877d732d0114e950e4866714116ceb073451a4bf1277107418
0c11cedb64ab8037f193ef8c7a694c35dc75c56b8687e17784361d816551948a
13c48e85b15129616d8ad27b3f9e41e08c1e25fd58dfb87dcaaf09683c113e69
1a3f410f498637f7786a4ade1c9a8a4c86fcfef86f0d55985ff7208ee4d45d7b
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e35d400c3c2cc9eb28e048db7edfc04fdddb5ae44b1c1d2e77447068fc7a6af
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
26aa79bcb461906b4555acc459e8632f0f9d424ea6ba442d024e9b5b81f8f03d
27df3b169693edc4cd552ac30048e2bc00e3f84a17564e8f0897a9cab2e2343a
287c6e4aa1d5a485f6782cff039adabedec8f0510238a1fc900a60a9fc77e575
29c735533b7b31e6bdf3dba84b50968b49a4a914330bc8f774c2acab1b7d3ad0
2ff231c1642368b8cadc24f3f4f6c77a34a6caac2e91feafcf71350942d2274b
3782d02ce2c6b139805d4b71bac915e516798acdef6e448ad285237d3616ceef
3ccd5018f155d5113cc284a368948b2604f8815de90a32f3dcdfcb395960446a
412a2ef57cefff994929ece86375e41da1bea72f3d9d817643130815667f9f71
447cdff2f8e96dd929f2eb647911a92d41d623aed6e64072f630a9a8f686262c
46b0c5de1ebf7f0f72fea7910f79f31e16e5131fbe39be1a3bf2cb6818f9ac0b
48e9758e0a366baf8c3b6ca21ce338ab8d9fca77a056331f351d62f8d172e0e3
494d8f6121ff026e849f2a48cd609a317d6ac15eaa2234038f6a6e67655bd0b3
59247f3c2e3194003cccc1f0addacde4dc55cfed79814812e63b1c69238e8dcc
5ec4460b0b6fda9cb67d66b88224afc928e554aa160150a4b57e139d728f1c71
5ff8ccf254af2ad486da00ef76930440a34944e2182984c4f86a116608df7771
65c4244693069fc46570c19193ce32be5a6deb6e3001d647f2f60afcb9711a87
6cb423924388d98759cb5868ca48fb23bd63590bc5d334b93e3bc94917bcc6c9
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
83bd5c4b27df7ad25dcf2eaf37440e5afe3f50373bbc30ff0e066c25d15e1e10
8854edc9e95f77d101db0fce7271ade62ffd4f7fa90cfcefa33133421b33e15c
95b89e7c692f766ba3eb1f34217f58ab03ddd854e8360af8b88f12bb7a823baf
981fdc3c0fd3b0d234d3926afab325e8d6ec3b4c331d8fc937828467abc376d2
a6823424311e66c6993e5996a44895b6b078828310d38f50e6ce6781589f1645
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17
af4e14f1e8000f10d50b26ae665b4d3e54b8e480e35571e4750d02ee3543e81d
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
be51a1eb97eb34048edd9dcdcca3f6d9e0a99dbad8f48f5e2389cb0375a0c05b
cc598074ab3c9a478b8bdfbf8546ace09d07a73a34f9f1f842cc9673fffd4def
d24ec64291900c8a48816a802de8d32e6f4466018218cab64f9961fe33b0f71f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e086966ae6c4a37b866fb092e58ee163ed92da35c54d62a697c5709885912e41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4764bceef665bda23c64f6c7008c689cfa54b0d746b0b87d9a5cbd2591873bd
e49715fc999735ff85fbd6096bd1cfc8c01430c874e54d523b1e6cc8110aec18
ea42bf4e19e094ea2bd5f6c5183e3779e5cacf123cd3d5438bc31662e9f8cfaa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff023dda00a3f63fd8b8dc285566185fbbba5d0f2633d870228be955cada72b
f4564f2e752c1ae1050ee0840805f1c74b7e2000e94967cc67f00b54971cf0c8
f7021cae8e9b5fd4ed2c5844d0f2a82470b3c89c73a53dfaf396ce886e599f3a
fe10ff2d84aa09c638cd2dd6d40bdbc7535d83807cd0cabd78e119c8fe9283ed