www.demo.viajocomdesconto.com.br Open in urlscan Pro
192.99.250.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.demo.viajocomdesconto.com.br/
Submission: On September 05 via automatic, source certstream-suspicious (September 5th 2021, 6:59:18 am UTC)

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 192.99.250.156, located in Canada and belongs to OVH, FR. The main domain is www.demo.viajocomdesconto.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 21st 2021. Valid for: 3 months.

This is the only time www.demo.viajocomdesconto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	192.99.250.156 192.99.250.156	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3036::6815:4b46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	216.21.12.199 216.21.12.199	53334 (TUT-AS) (TUT-AS)
2	192.124.249.69 192.124.249.69	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
23	7

8 192.99.250.156 (Canada)

ASN16276 (OVH, FR)
PTR: server12.rapidcloud.com.br

www.demo.viajocomdesconto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ferreiratorresadv.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::6815:4b46 (United States)

ASN13335 (CLOUDFLARENET, US)

www.vidadeturista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.21.12.199 (United States) 2 redirects

ASN53334 (TUT-AS, US)
PTR: digital9.cloudserver8.com

www.viagensecaminhos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.124.249.69 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10069.sucuri.net

cdnstatic8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	viajocomdesconto.com.br www.demo.viajocomdesconto.com.br	76 KB
5	vidadeturista.com www.vidadeturista.com	115 KB
3	gstatic.com fonts.gstatic.com	56 KB
3	fontawesome.com use.fontawesome.com	99 KB
2	cdnstatic8.com cdnstatic8.com	419 KB
2	viagensecaminhos.com 2 redirects www.viagensecaminhos.com	225 B
1	ferreiratorresadv.com.br ferreiratorresadv.com.br	236 B
1	jquery.com code.jquery.com	24 KB
1	googleapis.com fonts.googleapis.com	1 KB
23	9

	Domain	Requested by
7	www.demo.viajocomdesconto.com.br	www.demo.viajocomdesconto.com.br
5	www.vidadeturista.com	www.demo.viajocomdesconto.com.br
3	fonts.gstatic.com	fonts.googleapis.com
3	use.fontawesome.com	www.demo.viajocomdesconto.com.br use.fontawesome.com
2	cdnstatic8.com	www.demo.viajocomdesconto.com.br
2	www.viagensecaminhos.com	2 redirects
1	ferreiratorresadv.com.br	www.demo.viajocomdesconto.com.br
1	code.jquery.com	www.demo.viajocomdesconto.com.br
1	fonts.googleapis.com	www.demo.viajocomdesconto.com.br
23	9

This site contains no links.

Subject Issuer	Validity	Valid
demo.viajocomdesconto.com.br cPanel, Inc. Certification Authority	`2021-06-21` - `2021-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
cdnstatic8.com Starfield Secure Certificate Authority - G2	`2021-09-02` - `2022-09-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
ferreiratorresadv.com.br cPanel, Inc. Certification Authority	`2021-06-29` - `2021-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.demo.viajocomdesconto.com.br/
Frame ID: 5996E09408C4978F9CB290EA2601268C
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Viajo com Desconto

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

100 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

791 kB
Transfer

1484 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg HTTP 301
https://cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg

Request Chain 17

https://www.viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg HTTP 301
https://cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.demo.viajocomdesconto.com.br/ 10 KB
3 KB 471ms
128ms Document
text/html 192.99.250.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.250.156 , Canada, ASN16276 (OVH, FR),
Reverse DNS: server12.rapidcloud.com.br
Software: LiteSpeed /
Resource Hash: 0fcb17107fdfc696ad9a067ab9b63c7848e611747115fb20012404012312e9bd

Request headers

:method: GET
:authority: www.demo.viajocomdesconto.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

set-cookie: PHPSESSID=6f331eo1f8t68acc584nvqcc25; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 3032
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Sep 2021 06:58:57 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 06:47:12 GMT
server: ESF
date: Sun, 05 Sep 2021 06:58:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Sep 2021 06:58:57 GMT

GET
H2 200 bootstrap.min.css
www.demo.viajocomdesconto.com.br/css/ 118 KB
18 KB 531ms
229ms Stylesheet
text/css 192.99.250.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demo.viajocomdesconto.com.br/css/bootstrap.min.css
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.250.156 , Canada, ASN16276 (OVH, FR),
Reverse DNS: server12.rapidcloud.com.br
Software: LiteSpeed /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: PHPSESSID=6f331eo1f8t68acc584nvqcc25
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.demo.viajocomdesconto.com.br
referer: https://www.demo.viajocomdesconto.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
content-encoding: br
last-modified: Wed, 06 Feb 2019 17:49:33 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18270
expires: Sun, 12 Sep 2021 06:58:57 GMT

GET
H2 200 style.css
www.demo.viajocomdesconto.com.br/css/ 587 B
305 B 424ms
123ms Stylesheet
text/css 192.99.250.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demo.viajocomdesconto.com.br/css/style.css
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.250.156 , Canada, ASN16276 (OVH, FR),
Reverse DNS: server12.rapidcloud.com.br
Software: LiteSpeed /
Resource Hash: 61599afbdafe61ca30c11f434beab3e703d87ba4e7f019168ee8d700ea6c2f2c

Request headers

:path: /css/style.css
pragma: no-cache
cookie: PHPSESSID=6f331eo1f8t68acc584nvqcc25
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.demo.viajocomdesconto.com.br
referer: https://www.demo.viajocomdesconto.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
content-encoding: br
last-modified: Wed, 06 Feb 2019 17:49:33 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 197
expires: Sun, 12 Sep 2021 06:58:57 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.1/css/ 53 KB
12 KB 428ms
427ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Origin: https://www.demo.viajocomdesconto.com.br
Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZP81S17AQJKJY5VV
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: O6Mcc2Ms0UKRUOF95janmyueoBpx2ATnuYT4Oz52vf+hMbtqcpIPT5uVZVUDSwpmNBSbCioBpmw=
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bosuYrhWjklc58PeTf%2FRAThFybo4GIFvs4VHA0f7qn1EmPsJHHJUCS6huRIPYmPmX4MYS8Rc6Zhn9WOVQfcWPcRT7ScbSEX3MnECjj5yQ5SmThOsgXPEgL%2FDOUeYRNCTc3u3FFhwDd8eE1bPsc3NG3Bu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 689d9273ebef5c56-FRA

GET
H2 200 logovd.png
www.demo.viajocomdesconto.com.br/img/ 27 KB
27 KB 537ms
236ms Image
image/png 192.99.250.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.demo.viajocomdesconto.com.br/img/logovd.png
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.250.156 , Canada, ASN16276 (OVH, FR),
Reverse DNS: server12.rapidcloud.com.br
Software: LiteSpeed /
Resource Hash: 9699a374e44c5f222f7fef8247cd1898b7b46e06d3fe1167260cb80825e63e74

Request headers

:path: /img/logovd.png
pragma: no-cache
cookie: PHPSESSID=6f331eo1f8t68acc584nvqcc25
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.demo.viajocomdesconto.com.br
referer: https://www.demo.viajocomdesconto.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
last-modified: Wed, 06 Feb 2019 17:49:40 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 27996
expires: Sun, 12 Sep 2021 06:58:57 GMT

GET
H2 200 viagem-internacional-1.jpg
www.vidadeturista.com/wp-content/uploads/2009/12/ 114 KB
115 KB 658ms
629ms Image
image/jpeg 2606:4700:3036::6815:4b46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vidadeturista.com/wp-content/uploads/2009/12/viagem-internacional-1.jpg

Requested by

Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:4b46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sundaycooks.com, estudiosunday.com

Resource Hash

1e440b007acb562c6b2024cc33cb0f2d71fee646f92af21e50a67237a48ef736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: sundaycooks.com, estudiosunday.com
vary: Accept-Encoding
content-length: 116751
last-modified: Tue, 16 Jul 2019 17:38:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d2e0b9f-1c80f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev6hXJtT4Elwg6e6o5B4lh%2FToVEMUbMsTP6Dwnsy9yCLJyFpu8N3JeoV7GJ76BfQsuzMtqugm79yQgqgLpZo7Ar0721DRF2sM85hS9ifZNE9iDdhx0HuQUXj1RtrASB%2B2YOf82ACzHdot2IS1uvuePr8cjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 689d927419f13128-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

viagem-maceio-recife-1.jpg
cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/
Redirect Chain

https://www.viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg
https://cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg

209 KB
209 KB

485ms
408ms

Image
image/jpeg

192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg

Requested by

Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

5c65ba6241f56faa5844a27d105b76e4f4be211f193802bd87fc05444a212e60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
last-modified: Thu, 07 Nov 2019 17:55:47 GMT
server: nginx
x-8cdn-server: 02
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 13019
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 213792
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

content-security-policy: upgrade-insecure-requests;
server: LiteSpeed
location: https://cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg
date: Sun, 05 Sep 2021 06:58:57 GMT
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-length: 706

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 27ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Origin: https://www.demo.viajocomdesconto.com.br
Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1111d"
vary: Accept-Encoding
x-hw: 1630825137.dop151.fr8.t,1630825137.cds254.fr8.hn,1630825137.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 bootstrap.min.js Show response
www.demo.viajocomdesconto.com.br/js/ 36 KB
9 KB 529ms
227ms Script
application/javascript 192.99.250.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demo.viajocomdesconto.com.br/js/bootstrap.min.js
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.250.156 , Canada, ASN16276 (OVH, FR),
Reverse DNS: server12.rapidcloud.com.br
Software: LiteSpeed /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: PHPSESSID=6f331eo1f8t68acc584nvqcc25
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.demo.viajocomdesconto.com.br
referer: https://www.demo.viajocomdesconto.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
content-encoding: br
last-modified: Wed, 06 Feb 2019 17:49:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9515
expires: Sun, 12 Sep 2021 06:58:57 GMT

GET
H2 200 jquery.carousel.fullscreen.js Show response
www.demo.viajocomdesconto.com.br/js/ 1 KB
470 B 626ms
324ms Script
application/javascript 192.99.250.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demo.viajocomdesconto.com.br/js/jquery.carousel.fullscreen.js
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.250.156 , Canada, ASN16276 (OVH, FR),
Reverse DNS: server12.rapidcloud.com.br
Software: LiteSpeed /
Resource Hash: 8cd7c3a5caaa67d80cf2caff62f3de0f1d8776181042e16c13cae05f65c6a82d

Request headers

:path: /js/jquery.carousel.fullscreen.js
pragma: no-cache
cookie: PHPSESSID=6f331eo1f8t68acc584nvqcc25
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.demo.viajocomdesconto.com.br
referer: https://www.demo.viajocomdesconto.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
content-encoding: br
last-modified: Wed, 06 Feb 2019 17:49:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 414
expires: Sun, 12 Sep 2021 06:58:57 GMT

GET
H2 200 overlay.png
ferreiratorresadv.com.br/icontent/ferreiratorres/img/ 0
236 B 500ms
207ms Image
text/html 192.99.250.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ferreiratorresadv.com.br/icontent/ferreiratorres/img/overlay.png
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.250.156 , Canada, ASN16276 (OVH, FR),
Reverse DNS: server12.rapidcloud.com.br
Software: LiteSpeed / PHP/7.4.22
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:58 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.22
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.demo.viajocomdesconto.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 19:00:07 GMT
x-content-type-options: nosniff
age: 129530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19248
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 19:00:07 GMT

GET
H2 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.demo.viajocomdesconto.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:32:24 GMT
x-content-type-options: nosniff
age: 296793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:32:24 GMT

GET
H3-29 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.1/webfonts/ 73 KB
73 KB 228ms
227ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

Request headers

Origin: https://www.demo.viajocomdesconto.com.br
Referer: https://use.fontawesome.com/releases/v5.7.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:58 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZP838N421EXW6CDN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74320
x-amz-id-2: ryup8sQZyyJAMG/KRBEqR66SaqD7CylMxBWTZIK4ge4AeAKXRQyIl/IaiiaJF3NjDG4rw35a/5I=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: "3638e62ea50e6f5859b6a15276c25c87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1fBgLb98lWXRc4vrBxFEHhzKx4hwHQLF3EdPLWIy0XLeZtV8uzvpupUSBGWUJiqJaqg3GuImm1M8uOIvuN5PZ3Gw5c4%2BRJ74wCH36gUflj2JbEe9Qo5ZiEj4zpiIPCYPkSOdHiq13tjd%2FO0%2ByRvq8Re"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 689d92777f5297d2-FRA

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.demo.viajocomdesconto.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:05:43 GMT
x-content-type-options: nosniff
age: 157994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 11:05:43 GMT

GET
H3-29 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.7.1/webfonts/ 13 KB
14 KB 290ms
289ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.1/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac24e5303881213e92ef35e55c176ce2a6d43aa7bc1784900c87d8993d5c7032

Request headers

Origin: https://www.demo.viajocomdesconto.com.br
Referer: https://use.fontawesome.com/releases/v5.7.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:58 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZP8725YBQAXTFTSV
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13608
x-amz-id-2: P+LY3aiCo/xVgU+yGW7NXC5axfhjMpu8HHtJVamOZn9OF/FB11RHYy+BDPPTJ1rWsNqyN4ia1o0=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: "6a9d786e67d54419d8629081fbb555d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H56yFFCTql4wLZ4CLeoKHFL5Ua2BEa6uIrfk2ltM8IP6KKMWzn%2FgS3hMP1ndG67I8D2MUMVjhUx9gHEH%2B6V7R0GFW8ABUW2xmKTKAnhos0rpRWN9Sxb39MEke2fQXuGibRUXrPH76yot%2F%2B8Ss23f9el"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 689d92777f5397d2-FRA

GET
H2 200 glyphicons-halflings-regular.woff2
www.demo.viajocomdesconto.com.br/fonts/ 18 KB
18 KB 426ms
125ms Font
font/woff2 192.99.250.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.demo.viajocomdesconto.com.br/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.99.250.156 , Canada, ASN16276 (OVH, FR),
Reverse DNS: server12.rapidcloud.com.br
Software: LiteSpeed /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

sec-fetch-mode: cors
origin: https://www.demo.viajocomdesconto.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=6f331eo1f8t68acc584nvqcc25
:path: /fonts/glyphicons-halflings-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.demo.viajocomdesconto.com.br
referer: https://www.demo.viajocomdesconto.com.br/css/bootstrap.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.demo.viajocomdesconto.com.br
Referer: https://www.demo.viajocomdesconto.com.br/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:58:58 GMT
last-modified: Wed, 06 Feb 2019 17:49:38 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18028
expires: Sun, 12 Sep 2021 06:58:58 GMT

GET
H2

200

viagem-maceio-recife-1.jpg
cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/
Redirect Chain

https://www.viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg
https://cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg

209 KB
209 KB

258ms
258ms

Image
image/jpeg

192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg

Requested by

Host: www.demo.viajocomdesconto.com.br
URL: https://www.demo.viajocomdesconto.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

5c65ba6241f56faa5844a27d105b76e4f4be211f193802bd87fc05444a212e60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.demo.viajocomdesconto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 06:59:06 GMT
last-modified: Thu, 07 Nov 2019 17:55:47 GMT
server: nginx
x-8cdn-server: 02
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 13019
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 213792
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

content-security-policy: upgrade-insecure-requests;
server: LiteSpeed
location: https://cdnstatic8.com/viagensecaminhos.com/wp-content/uploads/2014/04/viagem-maceio-recife-1.jpg
date: Sun, 05 Sep 2021 06:59:06 GMT
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-length: 706

GET
H2 200 viagem-internacional-1.jpg
www.vidadeturista.com/wp-content/uploads/2009/12/ 114 KB
0 658ms
629ms Image
image/jpeg 2606:4700:3036::6815:4b46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.vidadeturista.com/wp-content/uploads/2009/12/viagem-internacional-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:4b46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sundaycooks.com, estudiosunday.com

Resource Hash

1e440b007acb562c6b2024cc33cb0f2d71fee646f92af21e50a67237a48ef736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: sundaycooks.com, estudiosunday.com
strict-transport-security: max-age=63072000; includeSubdomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116751
last-modified: Tue, 16 Jul 2019 17:38:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d2e0b9f-1c80f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev6hXJtT4Elwg6e6o5B4lh%2FToVEMUbMsTP6Dwnsy9yCLJyFpu8N3JeoV7GJ76BfQsuzMtqugm79yQgqgLpZo7Ar0721DRF2sM85hS9ifZNE9iDdhx0HuQUXj1RtrASB%2B2YOf82ACzHdot2IS1uvuePr8cjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 689d927419f13128-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 viagem-internacional-1.jpg
www.vidadeturista.com/wp-content/uploads/2009/12/ 114 KB
0 658ms
629ms Image
image/jpeg 2606:4700:3036::6815:4b46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.vidadeturista.com/wp-content/uploads/2009/12/viagem-internacional-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:4b46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sundaycooks.com, estudiosunday.com

Resource Hash

1e440b007acb562c6b2024cc33cb0f2d71fee646f92af21e50a67237a48ef736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: sundaycooks.com, estudiosunday.com
strict-transport-security: max-age=63072000; includeSubdomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116751
last-modified: Tue, 16 Jul 2019 17:38:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d2e0b9f-1c80f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev6hXJtT4Elwg6e6o5B4lh%2FToVEMUbMsTP6Dwnsy9yCLJyFpu8N3JeoV7GJ76BfQsuzMtqugm79yQgqgLpZo7Ar0721DRF2sM85hS9ifZNE9iDdhx0HuQUXj1RtrASB%2B2YOf82ACzHdot2IS1uvuePr8cjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 689d927419f13128-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 viagem-internacional-1.jpg
www.vidadeturista.com/wp-content/uploads/2009/12/ 114 KB
0 658ms
629ms Image
image/jpeg 2606:4700:3036::6815:4b46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.vidadeturista.com/wp-content/uploads/2009/12/viagem-internacional-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:4b46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sundaycooks.com, estudiosunday.com

Resource Hash

1e440b007acb562c6b2024cc33cb0f2d71fee646f92af21e50a67237a48ef736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: sundaycooks.com, estudiosunday.com
strict-transport-security: max-age=63072000; includeSubdomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116751
last-modified: Tue, 16 Jul 2019 17:38:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d2e0b9f-1c80f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev6hXJtT4Elwg6e6o5B4lh%2FToVEMUbMsTP6Dwnsy9yCLJyFpu8N3JeoV7GJ76BfQsuzMtqugm79yQgqgLpZo7Ar0721DRF2sM85hS9ifZNE9iDdhx0HuQUXj1RtrASB%2B2YOf82ACzHdot2IS1uvuePr8cjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 689d927419f13128-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 viagem-internacional-1.jpg
www.vidadeturista.com/wp-content/uploads/2009/12/ 114 KB
0 658ms
629ms Image
image/jpeg 2606:4700:3036::6815:4b46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.vidadeturista.com/wp-content/uploads/2009/12/viagem-internacional-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:4b46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sundaycooks.com, estudiosunday.com

Resource Hash

1e440b007acb562c6b2024cc33cb0f2d71fee646f92af21e50a67237a48ef736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer

Response headers

date: Sun, 05 Sep 2021 06:58:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: sundaycooks.com, estudiosunday.com
strict-transport-security: max-age=63072000; includeSubdomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116751
last-modified: Tue, 16 Jul 2019 17:38:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d2e0b9f-1c80f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev6hXJtT4Elwg6e6o5B4lh%2FToVEMUbMsTP6Dwnsy9yCLJyFpu8N3JeoV7GJ76BfQsuzMtqugm79yQgqgLpZo7Ar0721DRF2sM85hS9ifZNE9iDdhx0HuQUXj1RtrASB%2B2YOf82ACzHdot2IS1uvuePr8cjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 689d927419f13128-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnstatic8.com
code.jquery.com
ferreiratorresadv.com.br
fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
www.demo.viajocomdesconto.com.br
www.viagensecaminhos.com
www.vidadeturista.com
192.124.249.69
192.99.250.156
2001:4de0:ac18::1:a:1b
216.21.12.199
2606:4700:3031::ac43:d645
2606:4700:3036::6815:4b46
2a00:1450:4001:802::2003
2a00:1450:4001:811::200a
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e
0fcb17107fdfc696ad9a067ab9b63c7848e611747115fb20012404012312e9bd
1e440b007acb562c6b2024cc33cb0f2d71fee646f92af21e50a67237a48ef736
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5c65ba6241f56faa5844a27d105b76e4f4be211f193802bd87fc05444a212e60
61599afbdafe61ca30c11f434beab3e703d87ba4e7f019168ee8d700ea6c2f2c
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
8cd7c3a5caaa67d80cf2caff62f3de0f1d8776181042e16c13cae05f65c6a82d
9699a374e44c5f222f7fef8247cd1898b7b46e06d3fe1167260cb80825e63e74
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
ac24e5303881213e92ef35e55c176ce2a6d43aa7bc1784900c87d8993d5c7032
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.demo.viajocomdesconto.com.br Open in urlscan Pro 192.99.250.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

63 %IPv6

9 Domains

9 Subdomains

7 IPs

4 Countries

791 kBTransfer

1484 kBSize

0 Cookies

0 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

www.demo.viajocomdesconto.com.br Open in urlscan Pro
192.99.250.156 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

791 kB
Transfer

1484 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions