www.viagensevivencias.com.br Open in urlscan Pro
2606:4700:3030::6815:2e6b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.viagensevivencias.com.br/
Effective URL:
https://www.viagensevivencias.com.br/
Submission: On February 17 via api (February 17th 2024, 7:06:28 pm UTC) from US — Scanned from DE

Summary HTTP 165 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 26 domains to perform 165 HTTP transactions. The main IP is 2606:4700:3030::6815:2e6b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.viagensevivencias.com.br.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.

This is the only time www.viagensevivencias.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 64	2606:4700:303... 2606:4700:3030::6815:2e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	35.199.118.124 35.199.118.124	15169 (GOOGLE) (GOOGLE)
1	18.172.112.77 18.172.112.77	16509 (AMAZON-02) (AMAZON-02)
1	16.182.37.216 16.182.37.216	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1655	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2600:9000:266... 2600:9000:266e:d600:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	2600:9000:245... 2600:9000:2450:2800:13:8e49:800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.214.43 52.222.214.43	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:48f::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2600:9000:266... 2600:9000:266e:2c00:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1 4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
4	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:ce26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.42.154.21 13.42.154.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
2	35.178.247.241 35.178.247.241	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
165	38

64 2606:4700:3030::6815:2e6b (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.viagensevivencias.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
viagensevivencias.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.199.118.124 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
PTR: 124.118.199.35.bc.googleusercontent.com

www.segurospromo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.112.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-77.fra60.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.37.216 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1655 (United States)

ASN13335 (CLOUDFLARENET, US)

www.visitbritainshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:266e:d600:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

aff.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2450:2800:13:8e49:800:93a1 (United States)

ASN16509 (AMAZON-02, US)

widgets.rentcars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-43.fra56.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:48f::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:266e:2c00:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Solingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Würzburg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.121.248.44 (Saint-Martin-d'Hères, France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.154.21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-154-21.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.178.247.241 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-247-241.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	viagensevivencias.com.br 4 redirects www.viagensevivencias.com.br viagensevivencias.com.br	1 MB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	384 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 ad.doubleclick.net — Cisco Umbrella Rank: 149	37 KB
10	bstatic.com aff.bstatic.com — Cisco Umbrella Rank: 67502 cf.bstatic.com — Cisco Umbrella Rank: 15302	74 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	98 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 36155 hal900012.redintelligence.net — Cisco Umbrella Rank: 221978	57 KB
7	segurospromo.com.br www.segurospromo.com.br	74 KB
6	rentcars.com widgets.rentcars.com	56 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1212	88 KB
4	medialead.de pv.medialead.de — Cisco Umbrella Rank: 42320	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	3 KB
4	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1072 fonts.googleapis.com — Cisco Umbrella Rank: 48	75 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 29024 api.webgains.io — Cisco Umbrella Rank: 66040	19 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	158 KB
2	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3630 log.pinterest.com — Cisco Umbrella Rank: 5145	19 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 940	96 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3005 pixel.wp.com — Cisco Umbrella Rank: 2945	3 KB
2	google.com translate.google.com — Cisco Umbrella Rank: 1284 www.google.com — Cisco Umbrella Rank: 2	32 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 65103	437 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55484	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 165849	923 B
1	booking.com www.booking.com — Cisco Umbrella Rank: 9923	41 KB
1	visitbritainshop.com www.visitbritainshop.com
1	amazonaws.com s3.amazonaws.com	140 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 6837	2 KB
165	26

	Domain	Requested by
61	www.viagensevivencias.com.br	1 redirects www.viagensevivencias.com.br
16	pagead2.googlesyndication.com	www.viagensevivencias.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	cf.bstatic.com	www.booking.com cf.bstatic.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
7	www.segurospromo.com.br	www.viagensevivencias.com.br www.segurospromo.com.br
6	fonts.gstatic.com	www.viagensevivencias.com.br fonts.googleapis.com
6	widgets.rentcars.com	www.viagensevivencias.com.br widgets.rentcars.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	use.fontawesome.com	www.segurospromo.com.br use.fontawesome.com
4	pv.medialead.de	hal900012.redintelligence.net
4	hal900012.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900012.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900012.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	www.segurospromo.com.br hal900012.redintelligence.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	www.viagensevivencias.com.br www.gstatic.com
3	viagensevivencias.com.br	3 redirects
2	api.webgains.io	analytics.webgains.io
2	www.googletagmanager.com	adv.office-partner.de www.googletagmanager.com
2	code.jquery.com	widgets.rentcars.com
1	www.google.com	tpc.googlesyndication.com
1	log.pinterest.com	www.viagensevivencias.com.br
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	googleads.g.doubleclick.net
1	adv.office-partner.de	hal900012.redintelligence.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	assets.pinterest.com	www.viagensevivencias.com.br
1	www.booking.com	aff.bstatic.com
1	pixel.wp.com	www.viagensevivencias.com.br
1	translate.googleapis.com
1	aff.bstatic.com	www.viagensevivencias.com.br
1	stats.wp.com	www.viagensevivencias.com.br
1	translate.google.com	www.viagensevivencias.com.br
1	www.visitbritainshop.com	www.viagensevivencias.com.br
1	s3.amazonaws.com	www.viagensevivencias.com.br
1	cdn-images.mailchimp.com	www.viagensevivencias.com.br
165	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
instagram.com
br.pinterest.com
www.youtube.com
www.booking.com
www.segurospromo.com.br
viagensevivencias.com.br
translate.google.com
www.visitbritainshop.com
www.easysim4u.com
abbv.net.br
themegrill.com
wordpress.org

Subject Issuer	Validity	Valid
viagensevivencias.com.br GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
www.segurospromo.com.br AlphaSSL CA - SHA256 - G4	`2023-06-23` - `2024-07-24`	a year	crt.sh
cdn-images.mailchimp.com Amazon RSA 2048 M02	`2023-06-20` - `2024-07-17`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
www.visitbritainshop.com GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-29` - `2024-11-28`	a year	crt.sh
*.rentcars.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-15`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-12` - `2024-05-18`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
redintelligence.net R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
pv.medialead.de R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.viagensevivencias.com.br/
Frame ID: 97F431A14505E545C7CF29714BE99987
Requests: 83 HTTP requests in this frame

Frame: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Frame ID: D917149D9C9D0C2127C4FF684C1A9882
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 41704E1C77BB089A3A9950504CB78C23
Requests: 1 HTTP requests in this frame

Frame: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Frame ID: DC0106AD0A21E049BF25FAF9F461FA43
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Frame ID: 981CF04594F993740BF06956A92D28E3
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&adk=1812271804&adf=3025194257&lmt=1708196782&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196782118&bpp=8&bdt=1918&idt=8&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=3227075926076&frm=20&pv=1&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=66
Frame ID: D009E73DE81B26406719045475B88F2E
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Frame ID: DDC1114D94D50E0594F22745AD672A20
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: DC73A9B208AE8EBB346EDDB06475FDF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Frame ID: D4798033B46273AD0C72078083B541D2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DB0E14CF33387EC038D2422CD84C6F76
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: D3C71F2597B8785A9BE1A85F4A60E726
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F2164DA937C5BC103D388CC8540E74BF
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: E061E8D08211CFE392E64C81DB64369C
Requests: 1 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Frame ID: 64446617DCB7F4A43ECEB61D250A7331
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 92397DA62389E6765AE12930D4B8344D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F68BF3F9D376D332CB985EA22947BF71
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Viagens e Vivências - Dicas de Viagens e Vivências de um casal pelo mundo!

Page URL History Show full URLs

http://www.viagensevivencias.com.br/ HTTP 301
https://www.viagensevivencias.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
cdn-images\.mailchimp\.com/[^>]*\.css

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

165
Requests

95 %
HTTPS

53 %
IPv6

26
Domains

38
Subdomains

38
IPs

7
Countries

2679 kB
Transfer

5344 kB
Size

18
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/viagensevivencias

Search URL Search Domain Scan URL

URL: https://twitter.com/Blog_vv

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/1/107025809841142461288/posts

Search URL Search Domain Scan URL

URL: https://instagram.com/blogviagensevivencias

Search URL Search Domain Scan URL

URL: https://br.pinterest.com/blogvv

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbqBaF0M6QTuQgcelfqfGqg

Search URL Search Domain Scan URL

URL: https://www.booking.com/index.html?aid=836398

Search URL Search Domain Scan URL

URL: https://www.segurospromo.com.br/p/viagensevivencias/parceiro/?tt=banner20&coupon=VIVENCIAS5
Title: VIVENCIAS5

Search URL Search Domain Scan URL

URL: http://viagensevivencias.com.br/contato/
Title: Contato

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: http://viagensevivencias.com.br/quem-somos
Title: Saiba Mais

Search URL Search Domain Scan URL

URL: https://www.visitbritainshop.com/brasil/deal-of-the-week/?cid=889139dc15e84a488ff5482cc4cb4f4e22317&utm_medium=affiliate&utm_content=referrer&utm_source=viagens_e_vivencias&utm_campaign=affiliate

Search URL Search Domain Scan URL

URL: http://www.easysim4u.com/?sourceCode=viagensevivencias

Search URL Search Domain Scan URL

URL: http://abbv.net.br/

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=836398

Search URL Search Domain Scan URL

URL: https://themegrill.com/themes/colormag
Title: ColorMag

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.viagensevivencias.com.br/ HTTP 301
https://www.viagensevivencias.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg HTTP 301
https://www.viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg

Request Chain 36

https://viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg HTTP 301
https://www.viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg

Request Chain 42

https://viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png HTTP 301
https://www.viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1

Request Chain 99

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEDrlVbLcIAAEphABv0dAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKczLNUGvMFSNiQu_dPFkyQ&google_cver=1

Request Chain 101

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NDExNzg1OTc1MDU0MzQyNg%3D%3D

Request Chain 120

https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

165 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.viagensevivencias.com.br/
Redirect Chain

http://www.viagensevivencias.com.br/
https://www.viagensevivencias.com.br/

152 KB
25 KB

1606ms
1282ms

Document
text/html

2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a6d4ff23b7eeb8c2d947863ec55e982f4e8d4ccba27494cab579fd2ca3af576

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85704e8cb84940d8-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 19:06:20 GMT
link: <https://www.viagensevivencias.com.br/wp-json/>; rel="https://api.w.org/", <https://wp.me/9JWmi>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95hdbUA1IoykGRDMSvUb40XqoKRZZYoj2uK4zXS7%2BqXbst4dVK3zR2BsQLHZifZWY6%2FQhM4dOfM3zH1IAyGjppsIyK%2FwWp0s5MKQJBDi5OusAtAPhbwuQlQ%2Ff4lCckIysje%2Fyfs1YB5bU6VTLJCuQnk5BqACGHr0h3n%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 85704e899ac73dcb-SIN
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 17 Feb 2024 19:06:18 GMT
Expires: Sat, 17 Feb 2024 20:06:18 GMT
Location: https://www.viagensevivencias.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTVvEpymx6IX%2BZgJ94tucu8hHEh8ygjEnCgGozQAgkL%2BydLXZwoSiwV0LN1Nj3RuvvULV8adOcq%2Bls6tMfwiHU6VpEeGUI2ugjgfBMBE%2BXa%2BsxUbljAayePCjjG1EgSruu3c14wxHQfb3EpK6iuhSAb4A1czBwiDrzPW"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 sbi-styles.min.css
www.viagensevivencias.com.br/wp-content/plugins/instagram-feed/css/ 33 KB
5 KB 681ms
680ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 07:05:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhlrSPmhjclqGxfeRabCmBeF7Y4fTz8pDanME7%2BbHfgRU4lPsNQuPW19kxf%2F60P2lq0ms9RUFJd9GwAE%2FkvZS0zzvGNzFAJw6QiqFECCx6QD8n%2FFp3viul%2FODNhqMZo6H1vwLoWg6ERQ%2BgIgybtLr4nf0tasD97nl5eb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94cc6c40d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
www.viagensevivencias.com.br/wp-includes/css/dist/block-library/ 108 KB
15 KB 848ms
847ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-includes/css/dist/block-library/style.min.css?ver=e02a2ec65b74cd0e49fa5904ab613c3d
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 04:14:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VL5Njtl2P6N%2BL3aPhBmivSMxL7ULg2fG3YZC7iAJeSRzqP8iQGqgn5j3WL28QCSoZN063qZk%2BMCzvdQO3cd4L3zB3LM2TaBw5iYBdWZ6k0kKcEDvfr3VV5FBJH7eOihD810Z5AxZqut%2FX8O9pxipGwZ4Kr9P%2Fp51zjMK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94cc7340d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 mediaelementplayer-legacy.min.css
www.viagensevivencias.com.br/wp-includes/js/mediaelement/ 11 KB
3 KB 651ms
651ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 30 Sep 2020 00:23:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2yhuhO1Lrr2kPKeAISAKN9oj2e9inHyHl6LhH5pkL%2Ba3hAIp86x4KAibdSlp625pBNwwy8bBLYLK0qsWrsZBN67%2B%2FEPPfszZPr8DhaPr0xsS%2BcIcyc8Op2FViOTucghrQIoVMZPoY31B003SS0%2FvtIE5gFliNI8mcQY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94cc7640d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 wp-mediaelement.min.css
www.viagensevivencias.com.br/wp-includes/js/mediaelement/ 4 KB
1 KB 675ms
674ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=e02a2ec65b74cd0e49fa5904ab613c3d
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 08 Jun 2019 05:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3f4%2Fhv5662NcvNsFhdG1CWJuuITsq2Xg0WIVOlvo6uJin3WP1TdFPQrnwYj%2ByfTzF1s0b72R1pHB4pf%2BIR%2F9v3386b3dbmFvLH01WFKZzJ8MrSkz1PVcAKAybU9eTDo14tNHSoyCWA39nC8PnshAOlhHdsc1tq6xHgf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94cc7940d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.css
www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 635ms
635ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.7
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 07:05:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BGJ6aQQuWg5phEJDyFtsc%2FX7rDAXZ7FywW%2FjFsb%2FjZl7R%2FNC9TpAxREdij4j%2F2Aq%2FxyWQILc%2F1P0W5lpYi7XuFlumJtOKBXJpoozBve9%2BytWKthbWKbfW2pOBCFGEUgmyYIvVdk2rf3EAhJg6%2BoQqSn%2BGZrMtUOdOF4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94cc7c40d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/ 126 KB
10 KB 646ms
645ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 09 Dec 2023 07:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2hFS%2BuFyADujUTc3QAmuZRI0DUTIHqdKoICGh1ZG4x7Jjj5emtji6PwYJLIW9dtPG8MyFyVIOX5T%2FQtG7yfLTjR%2FD3ekNnx4uGPZog0RKLebnUJx56rRy1lkzqvtXeDKSnI4qcI48Jh4WGZByzgabckL1Ynq7ZoYymR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94cc7d40d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 toolbar.css
www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/ 6 KB
2 KB 675ms
675ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.20
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 306a340d77c015bebd34348e2df7636595f40e1fc50273d1a4cba9321d5e82ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 09 Dec 2023 07:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdvnP5X%2FVpCV7XahzZA%2Fz63UlIjRk8Rn60QhbThlU2Z%2F8u%2BXe7ZJAACe2UFDvsMMVcjTj0%2FtGY%2ByCzUMBBST%2FSg1V59Hdi%2B09KNNLpCVkwX7eREM1DEmMZBc1n5pTuAeMme9knkdgRamDdzJEJwjnenENbB9IqueJ%2F0a"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94cc7e40d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 wpp.css
www.viagensevivencias.com.br/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
890 B 627ms
626ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.0
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 07:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uf%2Fo64J8rfVVHpa28IcUMGphiE1%2F0onoI8m%2FibkPk2ylVcfQIIS4fUPdK1%2BO4bNMLkVIMWAeIqS%2BEGDdKFNn2mWA25pwWI2ehBspxQW90Ad3cTo1VJKjoWuZNWAhJTPv2UtZS1VuREIHZdMhKoy4tDXXFJJSfMlJAsNE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94cc8140d8-SIN
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 9b55c8ee-4b7d-4523-b36a-1834be185bb4
https://www.viagensevivencias.com.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.viagensevivencias.com.br/9b55c8ee-4b7d-4523-b36a-1834be185bb4
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 style.css
www.viagensevivencias.com.br/wp-content/themes/colormag/ 102 KB
18 KB 873ms
872ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2226b397adfcd8fde1b5bad0d5f61b4a434702fed6bf4a13e536ec1f6dc53aab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaKWTl8K7AmXQoF9SdQHpL64msP%2Frpzbxc7LscJY5Ev1%2BOgDlp5J8JXppCd6Tm35yABuzQZzsny5PwqOaipnajwUmKj2fhePsYoaMfItR7WELSU6wldrXSlK2v63aSkNXS89zFtuqAU1Q37o3Myjr%2Bv601SU7Rmjx64u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94dc9640d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 magnific-popup.min.css
www.viagensevivencias.com.br/wp-content/themes/colormag/js/magnific-popup/ 5 KB
2 KB 627ms
626ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/magnific-popup/magnific-popup.min.css?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e529245e8867300ffd2b6f6c1e5b36d41ce8c71a9eb7cbdec52360c0be7b0017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsDQ0rkOIOdAuql%2BQcVQJvh5P7gtEKyZ2ZVGgxsurRlJUOvVpd2R7XbxsOHE1e3nd1wmbZ1252mT2IJd22qOJwg9t%2BOy6p1gI1yPWs4mQh1K8GSiD9eR%2BRjlaZa9fmYZ9rrL7gXSaQnErb24T830cGqIWFJsbyR1DO0q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e94dc9940d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/css/ 30 KB
7 KB 817ms
816ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRW27kaEsvs6fFrxE2lKEnSMKe%2BsCeGefHMV0Ei5wbkajR5Bo%2FZ69SgsLpEeEiv1YrWehcPrC9VmjNk4LrgbphyBWep%2FIBrmO27%2F7wqfshf8Of0yiIe9lFmdxni9rz34E96oUx77LTR3yvdnjNC9hZ9LFBYce5N1HhOE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e95bdf040d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 front.min.css
www.viagensevivencias.com.br/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 785ms
784ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.13
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 11:51:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QER84jrnEe1iBGC4hlXAfh4D8r7MDPYz1SDjQSOhw2WAT5Qmrda4WMn1Mz%2B%2FpPDl%2BJaK%2FBIUa4dAbeM%2FHoQIF5LQVp%2BRBm5v60EnJxcjzC6UTBConivXq5ayXV6aebejRfnrOEHmkCubqjxHcDCI4NydrpKtN0uPWJCY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e95bdf240d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 styles.min.css
www.viagensevivencias.com.br/wp-content/plugins/dvk-social-sharing/assets/css/ 835 B
625 B 790ms
789ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/dvk-social-sharing/assets/css/styles.min.css?ver=1.3.4
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6872150eed5592efb18a2c183c473be2217dff08bb90c286120c82c566791e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Dec 2022 07:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY1jTdHv94vJvq2vZK6R6pSi3yWI%2BJVfEfZ6yk9ik7qRsrdgz%2FEsRPYSMqDEq%2Bi5bsJga8XrKXD1rQtFHU90BSbshBMgGJUxCCWWkwLUiH%2B4q4y8GhwmhaoqStBZWixzxH9%2FK7Q3CkL8%2F%2FBokZ7KYzbxyqXGRdfjxwOW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e95bdf340d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 jetpack.css
www.viagensevivencias.com.br/wp-content/plugins/jetpack/css/ 104 KB
20 KB 998ms
997ms Stylesheet
text/css 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/jetpack/css/jetpack.css?ver=13.1.1
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 705110851e09c9f6cb085ea3f01e720444f320eab7499dcb5937af0c9ddeecad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 07:05:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X673X%2F6pnhe8EZGoKBpp4VI3IEV8gvfbF2uqz67nXVLumbpk%2BXXl1WenvW0Dkd702dJJb0NH0YD3v830jslpH66baM4nRjqB71vELdnoa7pfGu6EUTtogNkqH3OjwtSZVoen89g49fCyK6oZZRnLABhXxfjm9crupBgm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 85704e95bdf440d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.viagensevivencias.com.br/wp-includes/js/jquery/ 86 KB
31 KB 1008ms
1007ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 04:15:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFPNbsmPYeNLeUcwZoLxYZs0PYjAO07eillmMpyDxe5QXBIP6Eev9mpxip9pn1EgNGyiK5omst1iatb5cWPy01DJqYA2f9tWm%2FK7fUdfhVtaHbo4nwseK4uwaLflAfQnIzSwzfEE%2Fl7QcONyGBZr6YlNhrFCM44omvsC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e95bdf540d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.viagensevivencias.com.br/wp-includes/js/jquery/ 13 KB
5 KB 761ms
761ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2023 04:16:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gc0PWFWaZFaHoo80MZWKogHkoBjaRS2vW2whH4GZG%2BmHy0s7gv0gP%2FA9n3jtPR9kgfKEoMGPuYumOdA5WXRRwkgYeNex9JM89hK4Iuz6HA%2BOykS%2F9rqT1InwiiMfp6fNmdPzam%2BRF1%2BMAevULn5tRUEZz9EvZoRPWe5W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e95bdf640d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 wpp.min.js Show response
www.viagensevivencias.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 822ms
821ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.0
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 07:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djgg%2BhuUGn9klJf0o9uln6c5rnCDEZOE8VNscoDgoQ01kpQKkXeCGqhnrwV%2FcrUKoTwVjfZAN9vkqqKEFlMmIlyl2J2fNjFJfu26ZwpkKj33X1Btvja%2FztXTeFiOvz3S5HZivW0tbvJHbvSZjj5WMbZ%2Fu43yddJT2mcx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e95bdf840d8-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 front.min.js Show response
www.viagensevivencias.com.br/wp-content/plugins/cookie-notice/js/ 8 KB
3 KB 973ms
969ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.13
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 11:51:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4uMyurjsO26LG0wvJsqUV6wbOhWFxkZStyrNwTUaICZi%2FFSbTkATvMR4n2NEKzNzsXDw69MTrzwnpnVv968Sg4CkUsxBSgTprrJfcPPo8itn4L%2BtdPT3MaRh3cdSlKNOWSNNCMMMDPi78e8WB7bKYYGvQLqw2NA2t4y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c2344bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 pinit.js Show response
www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/ 875 B
784 B 974ms
970ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f1fffdcfccb2ca03296d8e054da2d690323fe46c66e00d9419604c830d21215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 07:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwyES%2FlNW2mZW2DRSqnwSYKLEF8Q0KrdzZB13Wsl0AOdOXNcDy2YleYo5zkUhxBAOIE7qsWxVIn0O1wtqG%2FdVVG4rNVAJQYtzTJqzXopkEWN4QVpaMmtCyJiF9gzjl%2BXulGLPvIGAZsvpNZF0Jh1MQDNjtiITHpQPCw%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c2644bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 LOGO-300.png
www.viagensevivencias.com.br/wp-content/uploads/2015/09/ 30 KB
31 KB 1024ms
1024ms Image
image/png 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2015/09/LOGO-300.png
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01bfcebf8e055ef562c2cb24ed4a23fb9f7162dc385366b893047382fd298641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Tue, 29 Sep 2015 19:22:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL4uqNq7hhna4Ow%2FkRdBFpsD8EvzvJ7CHmCRcZqd2FKUFG4M0Wmg4UTSFA2J2tPJLyfQiSL%2ByEqeyifIWRJSaiBI5eGUroe5Ih2OBKllEIDUp5bNIrwQzMhzXAWCtVRSitORPH4VSL7rtpBTGIZZO%2FJ21k8EfM%2Bh15%2BO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e95bdf940d8-SIN
alt-svc: h3=":443"; ma=86400
content-length: 30930

GET
H2

200

booking.jpg
www.viagensevivencias.com.br/wp-content/uploads/2015/10/
Redirect Chain

https://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg
https://www.viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg

37 KB
37 KB

890ms
890ms

Image
image/jpeg

2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0918166c496afea920ec13030858726b4ab668ef1ed5116870acf6363600859e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Thu, 01 Oct 2015 13:16:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B102Rd7q%2BA8pmIzAPKea6Iz0pzse8OUbqIovchPrSFpJ4F0yIrFpUkjdOZkfWdmHhpD1mofco%2FRTYRYfEml6mPy3m%2BxjqcGhZsR7F8MLM1%2BAX2HRKoBqi0DspCwNnVDs3giq8qW%2FOS8gDU5vsGUDyNueyajrsWbdJL%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e96cf5f40d8-SIN
alt-svc: h3=":443"; ma=86400
content-length: 37682

Redirect headers

date: Sat, 17 Feb 2024 19:06:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAEeVuBw4A5MbDwzeTcISSnlmsq%2BKxdGs5Tk7HEGWxGx7mx5s6TiSYSETmGJQmNMGbj0J0SLfIf8ZB9U%2BC3CsfcS3o%2Fhq4ytaAa0QhowRad43IHnLDi3L8afdc%2Bda9uOjtjowPpNcM%2B274S7rT1jPiNjvCLWSy4%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg
cache-control: max-age=3600
cf-ray: 85704e95bdfb40d8-SIN
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Feb 2024 20:06:20 GMT

GET
H2 200 /
www.segurospromo.com.br/site/banner/viagensevivencias/20/ 39 KB
39 KB 1551ms
312ms Image
image/jpg 35.199.118.124
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.segurospromo.com.br/site/banner/viagensevivencias/20/

Requested by

Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

124.118.199.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

3f87761e3ddafdbe2dbdebbf53cda77ece8bd4ccebc1cde27c61b754661217ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
via: 1.1 google
strict-transport-security: max-age=15768000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin
content-type: image/jpg

GET
H2 200 Blog-viagens-e-vivencias-gra-bretain-07-800x445.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/11/ 147 KB
147 KB 1056ms
1056ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2021/11/Blog-viagens-e-vivencias-gra-bretain-07-800x445.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec016f847d46b279f094aa6cda60ac858b09ca3195b0b7d25dbac47e0e72929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Nov 2021 17:16:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSySLFN%2Fj69ZYqMDnkK3uLGk1S5fXT7TFtNTpXouEFCe7W70sbD4xiN%2BkEkKrA0NsjvI1Qh6p1TXUBl5o4KdBvYmBlD3cmuR55bnUG%2B%2F9WIkIsSSPObJpnPD2zkhqB8CfpQVeJjh%2BxMl7BLLy3TeP93PqbfRog%2F9Dupv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e964e9440d8-SIN
alt-svc: h3=":443"; ma=86400
content-length: 150527

GET
H3 200 blog-viagens-e-viencias-outlander-glasgow-university-02-800x445.jpg
www.viagensevivencias.com.br/wp-content/uploads/2018/08/ 68 KB
68 KB 1146ms
1144ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2018/08/blog-viagens-e-viencias-outlander-glasgow-university-02-800x445.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aa505a019656c15198702f3fa8079fdb1feba20aeeef3149f4911dabc5a49e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Aug 2018 19:52:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB%2FvZdbonoGtoiqTeg3yAuyWGQpCKgxqRPIRZdE70bDxSYpdbG%2BbAHwI9eZxR2IfGik67BkLAmfDIKl%2B0Gqex7tBc4ooE5qjkrYVQk5YAI5zouOEqPiP2tqRg7zwc7rkcN4z4a8SYkyi7%2Fyq5qiFq%2BuMlx7q%2FPEfT2th"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c0d44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 69423

GET
H3 200 Blog-viagens-e-vivencias-Eilean-Donan-escocia-01-800x445.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/03/ 53 KB
53 KB 1202ms
1197ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2021/03/Blog-viagens-e-vivencias-Eilean-Donan-escocia-01-800x445.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6568c82039f002adc68452920ff425301516339ce291bda12e87edbf7722efa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Mar 2021 01:46:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoReVYLsYYj%2BLmgoIPEbWcmOkEQy8RgDZQllHpWq1%2FFvpwr4GC6kQhd1bgUd6WKQ0GjDa2%2F33hzILds6oArcqn7otmv4lVIE6xBLSr%2FM9rB4ne9tUD6Mq%2BVVptZMKi4E1CJ1D6ANAdB10xsAlk94uGwucTqS1IMZhFIW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c2744bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 54133

GET
H3 200 Blog-viagens-e-vivencias-gra-bretain-07-390x205.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/11/ 30 KB
30 KB 974ms
970ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2021/11/Blog-viagens-e-vivencias-gra-bretain-07-390x205.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809ddb9149ce97e1797b49404308974e0d139e5712386237a0805db5864ef5b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Nov 2021 17:16:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7O%2FxSYyuil0%2F0XdlMOkYVXOq7ZEkeEvkFDKcHVzbi5w7y8iZKLo6Bc42kHSDYiqxsSK29hs9Z5PoA8ASRVNADdgU7pgxnm90b1%2BeK1FBVsCDwDr%2FoXL6YbURiN19LWR73foQ70g8Vd9qGax1BPEzwzXXAi4xsFVkJ9Y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c2844bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 30722

GET
H3 200 Blog-viagens-e-vivencias-Eilean-Donan-escocia-01-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/03/ 3 KB
4 KB 985ms
980ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2021/03/Blog-viagens-e-vivencias-Eilean-Donan-escocia-01-130x90.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6fde82c3138355f926c01914f4a2ea6b31f8c5e9a194d50a377235afae30a50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Mar 2021 01:46:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKk1u67JkkYuyurvhznv3ssjivV6i%2Bae0TzeGtnftmSrB06Fj%2BcVQ1Kfwh8q%2FkgBzJE7hfSlElwyKKtdmGJjPEq2h0FAxToQ0pMOuw7B%2FZPsTV9Ml%2BYnU2itCw3ZMh2%2BXuwANQdfUe690tGRDl%2F26QAA5%2FqJyx75M9K7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c2a44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3357

GET
H3 200 IMG_7997-390x205.jpg
www.viagensevivencias.com.br/wp-content/uploads/2016/12/ 20 KB
20 KB 985ms
981ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2016/12/IMG_7997-390x205.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cae8e0814fc8ddead7a75b52bc99aba056073d1f4cdafb2376871b1942dd046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2017 02:15:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Re%2F10vkC5pwA2LUPDmvxeODaK9PS3T0tTEZgjO0rX0Z8KlubBJZj8wTN3HA04LajdYySjjkrQX2x7XtcvJkXInv7kuSJC8eo5DjOI%2Bt94v3iBtc015Zxxr3fFIgfsH7FdhLCAi%2B0SjHbEpML14CItBUGe%2FOJW5cQVEyK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c2b44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 20294

GET
H3 200 IMG_8268-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2016/07/ 4 KB
4 KB 1181ms
1177ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2016/07/IMG_8268-130x90.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceecd11d5b15305c721149f7eaa5bd5d719f6544266c2f10eac84b9f0927fef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Jul 2016 14:47:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35i96fCr5pf6wUZQcuMyb41Eik0Td7yTojYIIqKgWyuQSwprt5RisT16S%2FPogW3H3GwcXaszcwrpNfBPXsLxQTaB9hVcwaQDJoXzUd3qx5cAtpN8KJ4pnWxgLC8%2F9kkUNjFpiS0SAKtB4G8EMRFhbqhx2W0Cfxp2SLnx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c2d44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3933

GET
H3 200 blog-viagens-e-vivencias-shinkansen-trem-bala-japao-04-390x205.jpg
www.viagensevivencias.com.br/wp-content/uploads/2019/04/ 24 KB
24 KB 1313ms
1309ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2019/04/blog-viagens-e-vivencias-shinkansen-trem-bala-japao-04-390x205.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acb7d02409979942c470cc15d4ddebfd65a94c6ba32f09f16111f3ac5410e7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Apr 2019 22:06:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vucA1c1pRyIE1FI1eO%2B0ppTV1LPiFg8aooI04b651FcnY0trjmGOojl%2BtetK2UZzAeiYMabV84606lsATDjrKqrqmDqfKIG8D3s%2F05tzA6mutYbJvKaEm16oduE8tGS1ISA4cJxlT7f%2Fg4qzpW0qMQoap%2FMa9LGDEOjv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c2e44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 24344

GET
H3 200 blog-viagens-e-vivencias-hiroshima-japan-06-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2018/09/ 3 KB
4 KB 1323ms
1319ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2018/09/blog-viagens-e-vivencias-hiroshima-japan-06-130x90.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163f6c3c901afe6a612bc03fcc06dd6294c550fd2cb08f4b1974720227e1bbe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Sep 2018 01:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyuFQRQtv41MD5YuypgmsH0H5hjt5AZ5ZkMcmGGlKGebJWv2fc7I6KtzDrMd89Y07bDWHuBFEYeTZ0Pn7EWwOxVZyt1KIabHhKN6qJVqlfwn4rPxpdYjJAC76KAiVitXcYq5A6i66JYZbx3a5pjo3KUaTE3YTIeZdXhS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c3244bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3280

GET
H3 200 blog-viagens-e-vivencias-wembley-stadium-london-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2020/03/ 4 KB
4 KB 1324ms
1320ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2020/03/blog-viagens-e-vivencias-wembley-stadium-london-130x90.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ac7d0f300e539bdfeef28e3d1e11973abd2b26d047453627713b7e3cc07cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Sun, 08 Mar 2020 22:14:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m4oP302Y3%2B0V9Xh%2B19Lkjw0XPlaWSrzJPzdomfiztv6fMqqP564%2BHQDvtWhDRzB0dHR3Vp0Y8x0%2B4JvxEW33JWl%2BIgiaU9p9pPoDcjJTsLWxZValzkJkYTY2KAj6eiQQIsSftt9INUb%2BDFRrRTFKpS%2Bzo9eKTh0Dd95"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c3544bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3878

GET
H3 200 blog-viagens-e-viencias-outlander-glasgow-university-02-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2018/08/ 3 KB
4 KB 1373ms
1370ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2018/08/blog-viagens-e-viencias-outlander-glasgow-university-02-130x90.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dbb9e7d877d0b7415ebacb36fd3084c9303e0fcb3c618857688fb3b5a71fe92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Aug 2018 19:52:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOYYAbl4jL2A%2FPheloEJg%2FzVi%2BHDfg9coG3mLiCJRnb%2FmbQfOeZt56fSHejupkHkmR9XJCsDNqe2R0RAKrYc0DQkmxtS26uPzr3Hetk%2FZhU4laHYwE1NNEfb7ih348DmvTTDyXl5WhQOd9j6oYExhFfFIh8z0n0w6j5W"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c3744bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3416

GET
H3 200 20210124_092651-1-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/01/ 5 KB
5 KB 1374ms
1370ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2021/01/20210124_092651-1-130x90.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8c2c51efeb79b5134d90f3e2f7c7947a9f8aa279aab4c844cfef683537ed8ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Sun, 31 Jan 2021 00:36:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaGGi50amarpP75mGSojamjPEg1k9%2BuXK6T%2FYKfe7MsXLJJ95iZqVfNAWN8JDU62pNcS%2FAgkCRLRyGfQ66gM0iw%2BHmzuWhIW%2BYY%2F0f2Lu6c%2F9DAvY1N%2FWUfnsSp75tWvhavm%2BmEeIbO89h7pG%2BzZEP1b36mA7X0mdeVP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c3844bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 4746

GET
H3 200 blog-viagens-v-vivencias-Glenfinnan-Scotland-24-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2020/09/ 4 KB
5 KB 1480ms
1477ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2020/09/blog-viagens-v-vivencias-Glenfinnan-Scotland-24-130x90.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 239e069d2014fcbbcb5a4a67967c79789bd5a5e439bfa3478e0eaf806f74361c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Sep 2020 01:39:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhaubXY%2F1EyViPlU6YdwFpxxTWVTsIrJK%2FvpJUmRMZ3xkSjRIxr%2F85ze2aJxiPxAwOl38rnSrrZj5vt2QUZPH%2FjfwTctEwOLrX%2Be3Dx0a0XqwCetKL25Vb107%2Bzs6KpGSelHMFBz79%2BmsK5fKW9%2F8UnWC0pTTe8m%2F698"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c3a44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 4387

GET
H3

200

vv.jpg
www.viagensevivencias.com.br/wp-content/uploads/2016/03/
Redirect Chain

https://viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg
https://www.viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg

180 KB
180 KB

1858ms
1858ms

Image
image/jpeg

2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820576cf450d6895ef6db37ba52e767da917320e81504fe05d3941fe558bf19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Mar 2016 19:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqIQcFtyHsX4M%2FbAwPeG69n65%2BQLS2mVDj%2FFK04fzNz1p0mLeVmvUo1GqQcPcKaXyFh7UQOE1tURFCOE3AoE852ylug9j8kmAtIdNNnKOxic8frEGDfLkVBUNljNIcDW66u8KPrZ0B%2Bt17k3T6NY%2FW43%2BB49i%2FSL6APY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9c7db044bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 184184

Redirect headers

date: Sat, 17 Feb 2024 19:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tjr9ty0Sv%2BPsK7YORXKiBEE%2BpV6HWNaXAVUvJ8oB4Gl1ZzkaPWc70DpFeYLUJjrv7U%2FzIkHGdC6KAMnEMaJxCJz56VcPgsuC2oKM6WE14M7BH0c5NaGezzpeYndH8P2pnDAnFgqeo3uD80CIU919YMsFBo8h5Y%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg
cache-control: max-age=3600
cf-ray: 85704e9b5c3b44bd-SIN
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Feb 2024 20:06:21 GMT

GET
H2 200 classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 4 KB
2 KB 36ms
10ms Stylesheet
text/css 18.172.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-77.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 07:09:48 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 17 Dec 2015 16:52:30 GMT
server: AmazonS3
via: 1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
etag: W/"ae0fc9b84c30cada1784022044962394"
age: 42994
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GaXF1Bi3tKPQBrV5SQdErNxiwCqnsOY40D4hW6uvjHgh7gXu1MP6lg==

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 362ms
149ms Script
application/javascript 16.182.37.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.37.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 19:06:22 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: DV0D08FY0NGPZKFN
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: ciiRs8utw57r7q1Y3q/T5du1Nbp0kvOsBwJxVZmjTur6hwR1ey9FQkj9Grvi//dPova0nc6Dc/E=

GET
H2 404 6faaf670fedc4749a863a886160b6f4a.ashx
www.visitbritainshop.com/~/media/ 0
0 160ms
94ms Image
text/html 2606:4700::6812:1655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visitbritainshop.com/~/media/6faaf670fedc4749a863a886160b6f4a.ashx?cid=889139dc15e84a488ff5482cc4cb4f4e22317
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 easy-sim-4-u-blog-viagens-e-vivencias.jpg
www.viagensevivencias.com.br/wp-content/uploads/2018/02/ 19 KB
19 KB 1481ms
1478ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2018/02/easy-sim-4-u-blog-viagens-e-vivencias.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12160ce59fa72f3cefdfcf9cf5a260518e60a74c89914c6ad8eac5e6055bac22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2018 17:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cp4GZNphRzUoG5dv1Wi7GMqDNACi%2BZADkH3gTKEW%2F3uU41pkwGWZCHE2eA6DLD%2F%2Ba%2BAegAw2Yc1hLFPwbjQ2uhQJSmss5RM1Pm0att38v3dSMhXZEU%2Fi0TppzAxZtjchN070bug4AzAllAB6oOBk2Inpe8a2k%2FMgbLcE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c3d44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 18987

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 112ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b40ebcf76c5c3097a7153ca44677acc65f7c6538dd0e91e7a5fa31d87dccde72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51220
x-xss-protection: 0
server: cafe
etag: 5418233213432207837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 19:06:21 GMT

GET
H3

200

abbv.png
www.viagensevivencias.com.br/wp-content/uploads/2017/02/
Redirect Chain

https://viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png
https://www.viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png

9 KB
9 KB

2156ms
2156ms

Image
image/png

2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6649d18533b066b695bd21b1076e1e00795e22911c395360c102803ea3ecfe31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Feb 2017 13:31:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYRQc0eqOga9Ebxt%2B68BPJUeIH8DKe44sRQjo9uy2waYzw5BljpqDoOIAoIgPPztXlWE0aj9wiG%2FvGH54Uc5CV3oPS45v1UEpVJf34q%2B7Yr7o0kxFZZM2LYTRnEtkjIxlx%2BgLQzXomfGgtcLoWLh2KgH0TLPbZjajuO5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9c7db344bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 8845

Redirect headers

date: Sat, 17 Feb 2024 19:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVrEuHtNVdHK5ZqXgYrv0hahVGYQAL2LRKWSQVGRn5e1VbyzJZzfJ%2Bo6XxPIFuNPNNFlrNg5TBD2poYw4bsSbu%2BHSAyTazJ5R5tQ5DT%2FI7Gt0CjCHvErw%2Bloy1KzI6XbZWoJPGfjgVt%2F4PqcgMXQ2756BJUA5uI%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png
cache-control: max-age=3600
cf-ray: 85704e9b5c3e44bd-SIN
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Feb 2024 20:06:21 GMT

GET
H3 200 index.js Show response
www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 806ms
799ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.7
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 07:05:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAhDHyu%2F6wzVsJRP22M10%2BdJiLtFY%2FsMFFahkBn4vzmD7PBo5KHl5uD1UvbUfyDGHT6ijcU0f%2BvkoaeMaEjEZV61QaIl3p9ZV7S6P2Xjck8JzXjiV0lmWOGaoEEs9ylYeCB13qxZKmpDL6QLHlwiUaokO3TGAGE6vXdC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c1144bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.js Show response
www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 808ms
801ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.7
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 07:05:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFx7qUZrg34P%2FvQqKB9HdvPAG%2B7rmVK75poF5RDQPPJehklxx%2Bk4%2B689q4W37IuNaRI4LwtuGTvZWOfHA485vA6Zi%2FD8TEA0r514bBuiAUe1t80wb9T37lHbN3ktqsU2ZpvivYpWJzQc9Ef4K24zOxovehCD%2FrVkYA78"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c1344bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 scripts.js Show response
www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/js/ 13 KB
4 KB 809ms
802ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.20
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e621665022bb960e60fcbed829f30a54d28484a7e2d8e46f7e5025a06608b5bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 09 Dec 2023 07:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi6riu3EzwAoyB5NtilXULtUjxmHVb5eCG2B0NdTbz984Je6HqsnFbglP%2Fr%2FWlZET8O9tnPXxabZxYtc2VKJ19pMwsf8MBY4vs6L%2Bw7UzyV%2FJUCAR20crQPvkjUqPCcXWaaO97PC91oYrZPkvB0989BdYUloQ0lnq0QO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c1544bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 59ms
29ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Requested by

Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea9145153049369ff670cf938c1442962c7dc7c5517dda4ce2adc94600195dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.js Show response
www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/ 0
448 B 642ms
635ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/main.js?ver=e02a2ec65b74cd0e49fa5904ab613c3d
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Nov 2023 07:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpZShpoHFJ1LbwVbk8dcStEGOdVHfcEgCz5Pw1fvwoow5txq%2FagTJg1BVmaLaAuoZswcZgWcoRcOhUPNqsYBwDSHjVW5D9WOOMgi0aECjN0AFIRib3e2FxtQSO8d98L96aCpO3Gnl6%2FdT4N3nKG%2BhvPFJ1rSPxUsd6Rn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b5c1644bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 jquery.bxslider.min.js Show response
www.viagensevivencias.com.br/wp-content/themes/colormag/js/ 23 KB
7 KB 636ms
630ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8cbmFyrGNZpov%2Bzo4gmVJDBf6Cn2wJ93HblDYrYmpi6cix7%2FjlRs2d%2BVtVLadPsYJUuupodme5bwY90IqQaW5KKFDNyQaM%2F36Y6X%2Fhy25Fa7dUo8G9M3%2B%2FaL8xVJPJ9WjRZKUT%2BY1O%2BX8VBMnziXiCOUf8bts7m7Jmp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c1844bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.sticky.min.js Show response
www.viagensevivencias.com.br/wp-content/themes/colormag/js/sticky/ 4 KB
2 KB 649ms
644ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f94cc2cf984a2a8df89c1250c04396bc950e577b4143d5539ca88fb46de91b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcPZdi8PdC1nT2SEJOY6tr6XuKIJ3XN5aRAmxfyw31q4sz6lEv0cqtT1ZAEYTbzOo7fC1FVZKY713x%2F0OIJvVSigS%2Bna0UAcwPu4YQ8KlR7n3DAD6F1MBadtZ7pLQB4HUNyopUsNsXbKJs8sJSTPkrnWgctIK0Z3dn5S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c1a44bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.newsTicker.min.js Show response
www.viagensevivencias.com.br/wp-content/themes/colormag/js/news-ticker/ 3 KB
1 KB 648ms
643ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THwESjlALmnk98wTR%2BlZTb%2FWCOgs5WWOthEqwS4Gf8lCMXXUqi36UUmZbM%2Fp2ooeLhJPyRAU8PkdYvQ1I4DC0qV38hFx6pCLuoCuBXjRKz8tpnMMgRPGXmldg5Iaqz3mfo2311qbjnQ70qwZAXakTDK14e9AlDPGDNda"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c1b44bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.magnific-popup.min.js Show response
www.viagensevivencias.com.br/wp-content/themes/colormag/js/magnific-popup/ 19 KB
8 KB 812ms
807ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea37b726a887afb5fc602e41e00d785142ad4db5f257009f4440d47850660445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCDe9H%2F8Ov%2BYsRerWryKSrlTr02BNl1pIYP3ZyVVscVhfRRY%2FRpfOgYHyWhoKszIaj6owadRd44O0NHT3Z1G5BYXXq1nnnj6LPteiBmkVtSRfijGJ1i4b9xeTBxypO719dW2%2B0dqQsg08L1q5ph9kUjI9OiXgxtNh%2B2j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c1d44bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 navigation.min.js Show response
www.viagensevivencias.com.br/wp-content/themes/colormag/js/ 2 KB
1 KB 819ms
813ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78N8FUowAt%2FbjAB8lq5m2ksoYcqNXenvO4Jlezbm%2F9RN8lLZKn70lmV2Q1Vz%2BlIJqPUOsmvicNeu8TvkZKPCNFAU8VkpQZEX%2B3t%2BSbYL3%2B2qKo2FGx0W27gmsrKIKwh1Mup8s1taeW87H66qQ175wQiKUYtLqf5YkyMN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c1e44bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.fitvids.min.js Show response
www.viagensevivencias.com.br/wp-content/themes/colormag/js/fitvids/ 2 KB
1 KB 819ms
814ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKS0WhTvGSje9ZsYq%2FOOjtIRilcvIlu23qOkMLWYKlxvJGmcZTsF%2Fs%2Bbja%2FMVSGrOmTOYI%2FEpUshvLDEEcQDw1SNdjhVzXOsFPUBJ4B1n%2FP1fmiidVufJ3YSLRBvzgML1z7Mw8%2BZY47C4RLgL79TFaBzAMjWNY%2FCp5m4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c2044bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.min.js Show response
www.viagensevivencias.com.br/wp-content/themes/colormag/js/ 325 B
645 B 843ms
837ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCzahfekLBVumBA%2FciBty9CXnXu3wzDz3hR7U0GdQJ1uIBuzkrXoUxhGArtLEhwbUT9WIf1DBzw2ACY1JCwWAVBZwSW38Eya8Yr0zj%2FBmGt4%2FXzC2pYOnChElt1iTPHJE0oHwVeAM4iFUj%2Bsg7xYm3TLpkmFT4LsmsZj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c2144bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 colormag-custom.min.js Show response
www.viagensevivencias.com.br/wp-content/themes/colormag/js/ 3 KB
2 KB 643ms
638ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeef31c70dd1e009fba6965ac0510518bc1fc7c99323dc712b204e9dc74d747f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hs83ODzHhAtZq6wc0LYsw5QznFaE%2F3ve0Z9ZAYxjZ39BomxxBDBGQN1hGI1ejAFUj6JhIp8vAEa0V9Q4gWMeqYyQKOC3ZvldKS1ka7uc9TzGPRD7VavEnkFKDf%2Fi2yno313M9tpu2H3WN%2FT2aJc%2BCVPYoEGkw8o9NX2Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704e9b5c2244bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 e-202407.js Show response
stats.wp.com/ 7 KB
3 KB 31ms
8ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202407.js
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402358485.9985
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 10 Feb 2025 09:15:45 GMT

GET
H3 200 OpenSans-VariableFont.woff
www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/ 78 KB
79 KB 1463ms
1462ms Font
font/woff 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c

Request headers

Referer: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Origin: https://www.viagensevivencias.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJv8oWNkGxND5GNRSSDOsiIzMmXGXlG2JEHrKp%2BJtFg5SB6lTujI9se04%2FOitexGyfuWc1TF9BhXh0tr%2BmyOkNz3tYqUSzi4rfJ%2BwoPbGCG%2FZ8bKeOmSeSRUpqQBBP1DhIcbMxjjmTKjsJno%2BKGG3ibVwXYmCXj3thmX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b7c5744bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 80196

GET
H3 200 OpenSans-Bold.woff
www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/ 76 KB
77 KB 1629ms
1628ms Font
font/woff 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1434cb9eee1f618cfa38f76759c919e606679bb2beb2cadd62964361c43a741

Request headers

Referer: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Origin: https://www.viagensevivencias.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3LfVR2O%2BjF%2FXj%2BaoF2ZaaBPy8CRhh0eGva2E2TAO9L8SN9HKE7yb9Vky%2FifkmerE%2F9l3yJDatATZ3f3iqmbhc3SUQx2crDnEa02QXD9ZXXd%2F%2FoFlIHFTxIC0S6Il2o0xqUaOahy6BYFpeRlnJ%2FDfJW4y9VLvjHrcpdS"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b7c5a44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 78156

GET
H3 200 fontawesome-webfont.woff2
www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/fonts/ 75 KB
76 KB 1795ms
1795ms Font
font/woff2 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Origin: https://www.viagensevivencias.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXAcK8%2BZ0O49Kd6ourNg1tulFTAMisqxQ8mKq142VeJkkvZRbs49DnP6fL%2BislI9RkIGAWBW2UXKJ%2B5pLUfj79qGa0qucvy9%2BP%2FcPkaQWnqdA8RRbwwd89mO1YSbkeDU0kCc5eAHgE9IOwVVnfGf0aYx6Yst2%2FCznegc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b7c5b44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 OpenSans-SemiBold.woff
www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/ 78 KB
79 KB 1880ms
1880ms Font
font/woff 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/OpenSans-SemiBold.woff
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e401b72553ea85689b6a2ee010d65bd1d41bd99d765ca892c49589e9a170634b

Request headers

Referer: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Origin: https://www.viagensevivencias.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV%2FfP9VKf9Nrz%2FL6FVF%2BsVQ46vJEiqqgc8l6Wx%2BZr6RygBH3I%2BZx3Oqlv3YsedOpkzdvLkuxaIy3gqD4Bv2MZ6xx7gEE%2BDwUkSQ6vsipYiONcN6RrUYQx7eoKSW0WRaSix2HZwZunct3oDC91Kp2%2Ff3NKnUvM5RsZqZf"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9b7c5d44bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 80184

GET
H3 200 10198-featured-130x88.jpg
www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/ 4 KB
4 KB 1950ms
1950ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/10198-featured-130x88.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c034d62db887020102d2f40d5b18acb6f2910dc10b1de19d218844e5d3a3caf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Oct 2018 14:37:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74YhdrY4YjogaiHv%2F5B%2F%2FJRmfGZ9oOCXHFjMHcPGsomronFh4r8KoY4KQV2Sur17rk5tL6RUSE%2BHEmHI9yQg1UNcms%2BQNkAu%2BWwCvYZG9XSvKsdjdeWCXFm3CJuICWJYYmyzNgHGMSoSqseBCvQz9QACO5jXKUS%2FQQGe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9bac8344bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 4013

GET
H3 200 13221-featured-130x88.jpg
www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/ 3 KB
4 KB 1975ms
1974ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/13221-featured-130x88.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f225b5251497cc1900cad7df4aabab137cea27ca96ff76ce673e46acaacd3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Jun 2018 03:39:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0jkzZAtocg2%2FVXjc4nOJf3YPHMYq54iZJLr8Dgt5vWNhDW%2BqJ%2F81XDba2kVSRV52npvEYgjHK%2BfGQNIZZXYZD%2FMj%2B3toZj1NGAQVzDTvN3nxnRsl6%2BdeAAi8KCwdasOXtpW7QIsIfILLm4D3r1qwoMqrNK5454wemh1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9bac8644bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3262

GET
H3 200 13411-featured-130x88.jpg
www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/ 4 KB
4 KB 1976ms
1975ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/13411-featured-130x88.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 629fb0f35b142f731c60f1e5da22426a4d9b5075882f7a1c0e380988332481d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Sun, 26 May 2019 19:15:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJvD5EmjKCesYsYG63eVeclxf2m%2B7yrGBj20JbdLIlXW%2F3lbfNFqXV%2F%2Foci0CG1MYpZlrJqN6LSTUqhjSlWZJaUAOpGEB%2BK5acsqKNuRiX41h%2FI0nzM7gZXtiNceaXCLsmXjCl5o8aUxQmvHXAT3%2Bm0AKOvTgy22A5bU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9bac8744bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3925

GET
H3 200 9417-featured-130x88.jpg
www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/ 2 KB
3 KB 1977ms
1976ms Image
image/jpeg 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/9417-featured-130x88.jpg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7613c1e6d992008618526292680a332b320413401ba19ced06381bf6221045c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2017 16:02:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81RbJm7am0As08V7ze44O6gXwKBcHwUDPZfTPeeC8QiRDdWmXJzRs8BCQEUfP8XmT5u86896lx8BtOhkWN9QgrVtWpG6%2F0PeKRjJScHZZtsvMd%2BY5dGRzQMkHt5qmpn60qAy7LkzTwQ7206y9P507yyP0aFu3Ga%2Bi%2Foj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704e9bac8844bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 2387

GET
H2 200 flexiproduct.js Show response
aff.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 79ms
7ms Script
application/javascript 2600:9000:266e:d600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1708196781892

Requested by

Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 09:45:17 GMT
content-encoding: br
via: 1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 2366464
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jun 2022 03:41:28 GMT
server: nginx
etag: W/"62a6b1e8-1849"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: xdkRD7-1VXPwkDGF8-I0fP6zv8ndef49QmfATh1ufvsvRC8QR5Zzsw==
expires: Tue, 20 Feb 2024 09:45:17 GMT

GET
H2 200 / Show response
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917 3 KB
1 KB 904ms
311ms Document
text/html 35.199.118.124
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25

Requested by

Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

124.118.199.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

250c8806819c62a4baac259e585e0e2e7248393c545c90378b7c23050d4f0bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 17 Feb 2024 19:06:22 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding Origin
via: 1.1 google

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 407 KB
138 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3911180130839100&plah=www.viagensevivencias.com.br&aplac=true&bust=31081219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

660b9a122d2917234c35fc2ea3fe32ddf6be77ca40e6e7fd7d29366f7aadc802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141297
x-xss-protection: 0
server: cafe
etag: 15698607153770729765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 19:06:21 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 4170 9 KB
5 KB 33ms
9ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:17:33 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 19:17:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget-v1.html Show response
widgets.rentcars.com/ Frame DC01 1 KB
908 B 99ms
28ms Document
text/html 2600:9000:2450:2800:13:8e49:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2421eba6a5f0196c8c566fbb18f7768f80439d6926e6e8745f3aa4e54767c012

Request headers

Referer: https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37606
content-encoding: gzip
content-type: text/html
date: Sat, 17 Feb 2024 08:39:37 GMT
etag: W/"60e0d61591a92b4169b083ba142fdd2a"
last-modified: Wed, 28 Sep 2022 13:20:34 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
x-amz-cf-id: Pw8c02tocmxpu2mroGGh2chJMfCjLZEjOllbNmzwDwwAgq5kKaX9lA==
x-amz-cf-pop: CDG50-P4
x-cache: Hit from cloudfront

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ Frame DC01 85 KB
30 KB 36ms
12ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: widgets.rentcars.com
URL: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.rentcars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3849450
x-cache: HIT, HIT
content-length: 30288
x-served-by: cache-lga13622-LGA, cache-fra-eddf8230108-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708196782.067576,VS0,VE0
etag: W/"28feccc0-1538f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3, 826941

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ Frame DC01 248 KB
67 KB 33ms
10ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: widgets.rentcars.com
URL: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.rentcars.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5663828
x-cache: HIT, HIT
content-length: 67751
x-served-by: cache-lga13623-LGA, cache-fra-eddf8230108-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1708196782.067564,VS0,VE0
etag: W/"28feccc0-3dee4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 38, 449692

GET
H2 200 rentcars-widget-v1.js Show response
widgets.rentcars.com/min/ Frame DC01 43 KB
7 KB 17ms
17ms Script
text/javascript 2600:9000:2450:2800:13:8e49:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.rentcars.com/min/rentcars-widget-v1.js
Requested by: Host: widgets.rentcars.com
URL: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfdc837d965571afbffed6f1095e2e6a0c4aa85b11fde670ade337c1fcc750f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 08:12:19 GMT
content-encoding: gzip
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 13:20:34 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P4
age: 39243
x-amz-server-side-encryption: AES256
etag: W/"c26bd0593ec9b5ac31f321c33cbd8180"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: _bjomfSTmAiuexzC0zmTn4exAqOKCSOcr-AKS79Y_WFxFKi8likWmw==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 981C 24 KB
11 KB 360ms
359ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3911180130839100&plah=www.viagensevivencias.com.br&aplac=true&bust=31081219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b3bd214febbc4a40459d9517ea423b5082c343a9a279b3c947cd4fea93dd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11047
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 19:06:22 GMT
expires: Sat, 17 Feb 2024 19:06:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ 22 KB
5 KB 45ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.rpRLSsNR814.O/am=wA/d=1/rs=AN8SPfou97LMMLEkXs-0NjG1hiUcJ1dqOg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 14:10:20 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.rpRLSsNR814.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqYBh4qPypgmz13C3axNm3PxJjI1g/ 206 KB
72 KB 35ms
10ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.rpRLSsNR814.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqYBh4qPypgmz13C3axNm3PxJjI1g/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.rpRLSsNR814.O/am=wA/d=1/rs=AN8SPfou97LMMLEkXs-0NjG1hiUcJ1dqOg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5c1afed412e5789454807ea8f4c88f90fc70c54b96b6719a60bb5f9db3391b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72801
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 20:11:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 14:10:19 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 12ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=143936118&post=0&tz=-3&srv=www.viagensevivencias.com.br&j=1%3A13.1.1&host=www.viagensevivencias.com.br&ref=&fcp=3493&rand=0.563613865849254
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Feb 2024 19:06:22 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
www.viagensevivencias.com.br/wp-includes/js/ 18 KB
5 KB 1493ms
1493ms Script
application/javascript 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.viagensevivencias.com.br/wp-includes/js/wp-emoji-release.min.js?ver=e02a2ec65b74cd0e49fa5904ab613c3d
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 04:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IHmDQJghYWI1t1mPvFUL4zupJd9fUrFF33E4oH69TWadp6%2F8ZwLonRXVIYw46n3nMexiWOlFfl1zs7eW8ORqFUPFnFWxpMiCa1jPfIXNyzY4O1Frqc3VQwOSWIdqirzq40S0%2FhWaiYcuPVtllyGguKx8buUWe6TkcU4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 85704ea0bc3044bd-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D009 0
19 B 19ms
18ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&adk=1812271804&adf=3025194257&lmt=1708196782&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196782118&bpp=8&bdt=1918&idt=8&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=3227075926076&frm=20&pv=1&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=66

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 19:06:22 GMT
expires: Sat, 17 Feb 2024 19:06:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=glt-translate-trigger&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flexiproduct.html Show response
www.booking.com/ Frame DDC1 101 KB
41 KB 319ms
270ms Document
text/html 52.222.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Requested by

Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1708196781892

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-43.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6f235e65a6ed9a8576cbfd70b9b603a24a49cc64a66437c2463f10b22ef5650b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 40340
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 19:06:22 GMT
nel: {"report_to":"default","max_age":604800}
report-to: {"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: nginx
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding, User-Agent
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-id: Rw1pdqYD_oo6zp28Dlnc8nDWsXlvmDXQW023NH-vEZuXQkp69kH0xQ==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 475 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 flags.png
www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/images/ 54 KB
54 KB 1421ms
1421ms Image
image/png 2606:4700:3030::6815:2e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/images/flags.png
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:23 GMT
cf-cache-status: MISS
last-modified: Sat, 09 Dec 2023 07:01:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUpKyaUjWLQJkrC9sUUz5fORsY2jc3jEHf9isvniM0SvCRojdAx8sfcc5IUr%2BI9%2F28GcjwuR8rdg9Lkahi%2BSq1otE2Mj8wSEB9qNBr0ydYk2gDDxmhwQ%2F5jXJ%2BPmtcjknrVCCsb%2F0wd6lYkgKhgQ4AXhgT%2BT%2BI234KH4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85704ea12cc644bd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 54996

GET
H2 200 alugue-um-carro-rentcars.svg
widgets.rentcars.com/images/default/ Frame DC01 9 KB
3 KB 18ms
16ms Image
image/svg+xml 2600:9000:2450:2800:13:8e49:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.rentcars.com/images/default/alugue-um-carro-rentcars.svg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 785c3ce630335580679d275c9848b5b17093914f890ec9b25a86f9775a64cf31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:14:19 GMT
content-encoding: gzip
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified: Tue, 28 Dec 2021 12:38:10 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P4
age: 49923
etag: W/"2eddf94fda465ad0a557b7243881899d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 1OKRUza7iTHOPsrdMpGNBf8F3N_VMQTSQuRSJ40b1HgoB-KQOAmPug==

GET
H2 200 rentcars-img1.png
widgets.rentcars.com/images/default/ Frame DC01 42 KB
42 KB 21ms
19ms Image
image/png 2600:9000:2450:2800:13:8e49:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.rentcars.com/images/default/rentcars-img1.png
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa283054352cdf13ddf4d0c3045abdf901cae945d099b10077e93cd821a4c498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 09:22:46 GMT
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified: Wed, 28 Nov 2018 12:49:06 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P4
age: 35553
etag: "0eb77c36e550e3e3f46dd46b6fbe3faf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 42744
x-amz-cf-id: 3PNimENI_c8zSbtF_Eo8AzOEksqi0_A8LO4V6mJ_lW8EWfsPT6dNTg==

GET
H2 200 icon-search.svg
widgets.rentcars.com/images/default/ Frame DC01 1 KB
984 B 30ms
30ms Image
image/svg+xml 2600:9000:2450:2800:13:8e49:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.rentcars.com/images/default/icon-search.svg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aed43c76a7c5e093c0847d2e6cbfa567261e204446a539ba15a66fb26cd7c38e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 08:01:14 GMT
content-encoding: gzip
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified: Wed, 28 Nov 2018 12:49:05 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P4
age: 39909
etag: W/"0dfdff0af8ca7ffc639a561d078dcb84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: -0Az9Lh0L_8EVJZCmmQ1SMB02o_pcU5evLdlnlDJB0ZbAQqrz_VEpw==

GET
H2 200 icon-select.svg
widgets.rentcars.com/images/default/ Frame DC01 682 B
1020 B 29ms
29ms Image
image/svg+xml 2600:9000:2450:2800:13:8e49:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.rentcars.com/images/default/icon-select.svg
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 121f4f3fe9d9a239fd380801ddaf3187ac229ceafbb5eab6e9741cfd4a9ad22c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 07:08:12 GMT
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified: Wed, 28 Nov 2018 12:49:05 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P4
age: 44046
etag: "ae9a737dc4b8c91e3e87655b0487d27d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 682
x-amz-cf-id: bCIqu_r9MbSeNf0XcSC_tt7N7XvKdMj01u1KJ20SqvRx61MX44-kUg==

GET
DATA 200
OK truncated Show response
/ Frame DC73 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 30ms
8ms Image
image/svg+xml 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 23:57:13 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 19ms
19ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:07:44 GMT
x-content-type-options: nosniff
age: 313118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Feb 2025 04:07:44 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 18ms
18ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 15:42:56 GMT
x-content-type-options: nosniff
age: 12206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Feb 2025 15:42:56 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 61ms
8ms Script
application/javascript 2a02:26f0:480:48f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:48f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=290
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 18679

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 981C 42 B
63 B 38ms
38ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_036qqs_f63ou8pTKjI15GdOp8DpZIHI4D76C88lw9lMuaQb326ucEVnhiumzy2AeQQLLvV4gXrH78mqCxq9c2RBnl6W4Jc-cTVvsEEW6toFKR6I

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 981C 93 KB
33 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 19:06:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 981C 3 KB
1 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 15:14:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 15:14:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 981C 20 KB
8 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 981C 204 KB
61 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 18:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 19:35:48 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D479 624 B
246 B 46ms
46ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 19:06:22 GMT
expires: Sat, 17 Feb 2024 19:06:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D479
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1

43 B
769 B

25ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sel3aB4ypyUWNmgbZccWGoUMkRnIBgwzI8yWhmNfWK9l%2B9NZvrmtdKmKEpXsdkrBbwgnajPt62PZ%2BtBRjQl4DuPjx9TCrTBNieX0NO79yVzny68GUTGeBPK4sw%2FCUS1VzSVVIRE9yCXNtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85704ea2f8631e4c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D479
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEDrlVbLcIAAEphABv0dAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1

43 B
733 B

35ms
35ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKXTn2JeZCkGXtoW3FTPRByCckA1pxrhzNlM6sRfIrqe3n1q2D8wKARjSodIDUOwk%2FFzPerbQl%2BUCVX6tQsxCfPLRhC%2Bzi5jiINxAdiSbJSPQyyECr8SD4htGONn8j4I1dA2yLxETglkrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85704ea338ce1e4c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D479
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKczLNUGvMFSNiQu_dPFkyQ&google_cver=1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKczLNUGvMFSNiQu_dPFkyQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
an-x-request-uuid: 88524e3c-8aea-4dbb-a9ab-376edb45ac55
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKczLNUGvMFSNiQu_dPFkyQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D479
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NDExNzg1OTc1MDU0MzQyNg%3D%3D

170 B
243 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NDExNzg1OTc1MDU0MzQyNg%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
an-x-request-uuid: 9c27b7df-35b7-43ed-b092-fbbb710e8867
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NDExNzg1OTc1MDU0MzQyNg%3D%3D
x-proxy-origin: 178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 981C 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6357320463679&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 981C 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6357320463679&version=m202401290101&ct=77&x=1&cor=6414021584892290000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 981C 34 KB
19 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApZOVyc8zjFjgX7LJxXf4CQKFg0iS48iIuD3HCXiEvFJvuzhxDAqVZdl0j7AhMtyfEpgBb9XEKoYlY9F6tjAjfADgYxjMvCWg9JmWAjB4LFtD6pXfW7C__IZhSF-1hon5rzHulDPkzGVbxYBx8WRj3zlt3U1hwKTJE-okZwl-CPXZ36yWk4uOEK57vdDqbULBGpDX3&cry=1&dbm_d=AKAmf-CtRTj_SSFbWCshMn3_mLonbDIoYd5byF27awvXTTtnZJfVjjS0iZuz9z-0t-SKMxLfEOAIS72gmH8hMsgBY-GwtGxh4rst7aJJotdmFeyeksJ1Ox8t4mz7ITiaQ9ack5-KYJgAsqO0re5c_LyGpN46z5opqb0MkoWX2PjjHDBe2yYn158Cbnzcl17jEoKQaHyMs51-QFDMOdTvwYV-f_GP5I2LmrQkb0ZLIRmplRf97QsNflUufRg9NGMEa0SuWV331ap192bSxhEUYztzw-oga9Dh3DliLCUdEksGJTvqws8xIh29x5Bsnf2i3G6gK8GSz56voYF7pRbfarF1ObU9dnoOCct-GkHyqOWmLWZFMV3mWreSlT_xvKxXi1QG8UVou5vpqZOZ6leF4EIouTEVtRe8ZpuvMABjYIM-ZZYaynvTgaiAQtoxUQD251PgVGhv4bejGQf_9meXq_pOdDtwAo3-Yha1L-4mmf6rAIgezm8EE1A9nF82kRWwL468EQ2BCNkTKkcwKX9dZxCYMRtvO7HlhA-NOL-vC29BvSzzj1a_xpRt2vqNnGRw7UUXsHie2eEpnBbV6iA1_-KLhU7BJ_uVcrvoSljqQn9azsWTCrxPNGpuEe1877BH3UGNv6rzOfckUrswhwv3VUNgM-W0ZvaOgwTuPHNtfOAFRYiDq5LwZNrW9bXIIqPFgiRwZA60Bl80220VV1jOSwHrAViRASqUEMgRTbZFbxiEYob_gRnG8c4p_7Tuv0LcOtKWLXun1m-3i5lD9oXy9-SCp0YDzh-_4iVW6k-cC_CTTdPMOPBCGxvDxGi1pKwUVFzI_TcK4ENV7I4lwvD8Lfvoh2jHTGwhOczBfAbq5EyH6e5MB4ZJzN6L2eYbPRL0h6lMi8vkw-MbJNta5Ph-DUFvC0Im2DzAuFR3nMPpTomzmwh5D7KKYjT9foKh19tQORfbj6qSMhA-M1jtHPdk2h0EXwd927TTK9oCUYNXjxcHnsbZ2I3cLa-2Bes81DV4VrbMffI95t7nwSFB8hQY__q4WmYmyI5kbgj4tQXCl1-jdCTrbjLIhgYtvJfQeeGSGFbftPirW0CTTXfbQaran-TrkIquReMJvXuDGIJUT9IzgNGYjhO-CXakKhRwy6NjPfo1qW4FqYgMQgG066DCoOmeiR5Jsk0eeA5X6RyIhnBmyeFP1-7t3IAU4xcC2ndLLKelwtPk0Uwf8VHAq67d4Ctnf06qzXkPkU8H2EOHZfL2Je4XlFP548WsEXPjX9YEmR4a6t0l6DLT7wlwYE0rdZRWwheofm8LAA4DroKtr-aebi6Gt5eA1BPYs5rmJrF2bkDV6viHiH4YduvSvwKfxMY2AkNWRu11oh9Q0ZqiR5KRH8pZI6AhBMOUVoEmumPJrXw3NU8A_dLUt4i8xfPWSOdK1U6MJ8UCGBuKIYFa63YrwHx_MJPtMqfDu4dtZS6oUgF-86InGM2oQNKEhL9zBPBc8NlxrO7e3yn8qdN3gDCUNUQWeioAf1Wn8BOHsmrbBbZCQ56xQBLd1r04UmiOyav8l2zCMkMVKGCPpz7a25NPLpyMZ_6P6TaHKYEeLEDvJuZx0bJIJgB1HWjdNiWqQJwAMD_-9etMqn9KwHGhSsbRFsiQw5SyZbNEazgaKCDjK-gaa06cwFL-c4cAtPUPvCkY_YYPR__AwBzfo5tLHr6sO4NsNvVpljClLeqLWuo4UjpunlLijYTGpzRFxkwGlLYEPDUMFrzZi0udRQqUvvLwCqnGOgZbHv8wtToX8FF10HcvPFsfvqo_K96tGNaMWvS0sbt4QT-iFhyR6afEemckPBk4g_YQEOBKyCEdCnDXi1KRDLgWTG0a_Ht7KBGPz7cT1-nROwnw5Q5TnaGIItV86-Uxyp4hIw_srstHlfV_4Jo8x_Ut2F0MOKfeWZxV7vhNP_K4QFHOv6NKs4QslntH3bP5vBNck5GGowcXESRLceWVY348g6-J-tbiyjuD9b5Ua7IeKrx96EvFIZgmB53taUrT0USQZFWkHt34yah-cvxU_dM7rPnUmc5kpA31CDI7Fh3eUk869oB9e9q10dOOQdKDM7t3FsRCQbfrUHH6PPLNZAkfSvbno93or7-gF1K8lNrX4QeLFvetqya14L7XiJVkKZZ_PFv0bOhUFh0FhHZOYoqPi5lj6DttJciHLWRpdk6aL20QwvhSnp_a73v3t63TFu2CB5wOeH4El4NCCgUJFo5Q3ONu4IDmi-SvkhyoE5jMyXHyNxBQkAWXUfhMYh-ZqAOR-oY57oY6vvaJDops0M8mjbvb5EXhvktmuN_eNLdE9e8A97XPxFY7CzC3zQ__xNhgwoBDww2ia-w7luHwHt3Mn7xOwxSTXzwOLKIyLHqR5civtlHkxUbNjwGnvLC7B23XzM0Kj1ZU94XInzXzmeCaBRELZIRRwRO7lj8tUyXUYP9WwCkNv8WLmbxrrd4YTDHXpFamjp6QQt0jtFAbBafdaYfC9spaqjFaGP-8ZAAta2E-D6eIVkn1QX2_nCLiHEI8Bj9BNPWbOUPY8ErP_2p8vpLAZSWAz4GPDlMKbp7pxqBBaSpfOdoD5H_zlrHBj7VZYkyNAbzsgmEg2lMwPkd8Dw4bt_TEjfIQjmuL7Ita6w3pKkuPUoREtOq6yUhiWKNHcNORz-3_HLwCsAbNuT6soJ5c5K_A9bAaJQ6ygWMDEJf46rFNKGkcOdD-hVUTJNKuL-TmaWz5PbxjIgMHWvwu0Nf01YoutIHFt53y_kPxikLblmcA0qdsv1MZPY1jd6vndGxplCRtEiQvwg21feQDTJ4TwIsdfWgXcErcTRUd02aRKtRz9kGE6j9fGVaUA28C8iNTZZX2Aluoecv6WzjlbV_WI2LLQITKjYQ3ZrcRWDlHbvdtu7LYOLMYFBm_XGfXSxZIy8wjHpf2t3SWkDyo8-5sqPPcz2YgWYJz-ywH49egL7wNOOMPtOCuSgLARyJdkDRR9su-wi4U6HfzJ8skSvoZxUWN_ojxi1s5Llvnp7mHHjRVqE8F3tKwtvQk5iUtX3xwRU0eb7jxURcOAhqc62XbskX_SpfRQWH_IkX5COznFU8sS6e2bNMSp_vEPv1-9ikTHbIw2JudaZVYgl6893sMYw4yPbCAIt-HSTLUH1tHnysO8418mexOScqyyEf93O-PIX2RtoB68aaFYLVp7zAF3GrvqlohNk80rtdwdUx6IM8liXYJG4bm4WosufjuW4sUj4rq0JvIxXBbvc6vvvnCv7-T_jp5WQyazy6NQ9Dd3EcCsgD38puKXNVu6ORxdERN7DgYFqJwhcBCGz3xCR3_KsCHNuI7xIk8Xaz0UejfvlM9cC9tYuo2Ed7XGZkeBh4hgweo0DalDji7hPv_ZYUVf4EowM0eARUGJTpcTFXW5KP581xfTOse8rZwAMUFwPPVEM6j0j55aZKM75mPyb_prz4H8sDAXjHX_MgUFIc_XZpK1zShtW7Lp10-ceUHBTz_LJoXHzEyA1qjq22ML310XlENlMSZuiv2yP9brFzyOQbTj4noI-2xv2hwiOmilaekRcDhNjwbDTUAxatrOb49yUf8WIvR7xARUtDFGxf7NSckjIk1Cnac9vd1JINyDFM82gldLk6bNjOcVAp6efsbmx10xL9UhPOeCV35gwz_PnOF1eQQBipX56IMKD-Qmd1LYCci1JHHGQ09YeMmXtJ1GVzyR7panv5Krss9Ht-9L1uAqLZI7E5Y1rakCi2xQZ3eH7h65bpiffBbv2E-KxEBJz_64W2AmPZY532ticcTFBtu-iCeJL5wzzcAqGF-ovn0SpvkfmWNLpCXQ2vq0ArBIxloycbyZ_DTIz93mN0rhiXffH9qc1kLBIHFuMgvVAjjYla10WvwlS2uC6BhnwOf&cid=CAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ds=l&xdt=1&iif=1&cor=6414021584892290000&adk=250412561&idt=53&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d2917b723451957f5cf053d228bfe95e80b21f158cddf98ac11511b17baf031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19568
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame DDC1 1 KB
1013 B 10ms
9ms Stylesheet
text/css 2600:9000:266e:d600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 02:11:23 GMT
content-encoding: br
via: 1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 1184099
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 14:42:31 GMT
server: nginx
etag: W/"5eda59d7-51a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: rO7HHgnera9dsKrWl-14YhuYwNWQ9sYiQc9p9fYfISLNntm8LfPT5A==
expires: Tue, 05 Mar 2024 02:11:23 GMT

GET
H2 200 f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame DDC1 11 KB
3 KB 11ms
10ms Stylesheet
text/css 2600:9000:266e:d600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 02:05:59 GMT
content-encoding: br
via: 1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 2566823
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 10:23:33 GMT
server: nginx
etag: W/"5eda1d25-2ae3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 4gQC9x3SdTpsmItkDXU9eCGuFRsVz8Gz9a4EzoGGQbGDmj18DWcKtA==
expires: Sun, 18 Feb 2024 02:05:59 GMT

GET
H2 200 19d26ccbecea13a40501b1a204f92d7797638c6b.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame DDC1 13 KB
3 KB 12ms
11ms Stylesheet
text/css 2600:9000:266e:d600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/19d26ccbecea13a40501b1a204f92d7797638c6b.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 09:45:18 GMT
content-encoding: br
via: 1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 2366464
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jun 2022 06:07:04 GMT
server: nginx
etag: W/"62ba9a88-33d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: X2nndAKa7VN7k9ro0jFXzge6mpxNyEEsY6QP8Nhu7Geyf17lfqZLIQ==
expires: Tue, 20 Feb 2024 09:45:18 GMT

GET
H2 200 3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/ Frame DDC1 952 B
1 KB 9ms
9ms Stylesheet
text/css 2600:9000:266e:d600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:14:02 GMT
via: 1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 1745540
x-cache: Hit from cloudfront
content-length: 952
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:19 GMT
server: nginx
etag: "5cadd1af-3b8"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Nes66BUEkN92UfHHvvOvgnOtzP1jdoV_NzMaoR0dr6NWkjVkpovRDw==
expires: Tue, 27 Feb 2024 14:14:02 GMT

GET
H2 200 ebc3273565b5e682ccaf01872d2e046749306442.png
cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ Frame DDC1 3 KB
3 KB 13ms
13ms Image
image/png 2600:9000:266e:d600:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ebc3273565b5e682ccaf01872d2e046749306442.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 11:43:26 GMT
via: 1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 2100176
x-cache: Hit from cloudfront
content-length: 2904
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:50 GMT
server: nginx
etag: "5cadd1ce-b58"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: T97XR2Vp3sXR-3VRfBwWJTWMkLiDtDwtLlzaHFWBk-5TXl5tAIfZ_A==
expires: Fri, 23 Feb 2024 11:43:26 GMT

GET
H2 200 85522fc012ea427986aabb503405f288a30cc3c8.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame DDC1 123 KB
39 KB 28ms
10ms Script
application/javascript 2600:9000:266e:2c00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:2c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 09:45:18 GMT
content-encoding: br
via: 1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 2366464
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 25 May 2022 11:00:45 GMT
server: nginx
etag: W/"628e0c5d-1ed10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: STdni5u-NckJ846oeI-VaO9SZyFDnEeajE_GP7w-z0WGHElAxbtRHg==
expires: Tue, 20 Feb 2024 09:45:18 GMT

GET
H2 200 eb78197b2eee9a032c319d91a6e1c581e295f284.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/ Frame DDC1 33 KB
11 KB 34ms
16ms Script
application/javascript 2600:9000:266e:2c00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/eb78197b2eee9a032c319d91a6e1c581e295f284.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:2c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 09:45:17 GMT
content-encoding: br
via: 1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 2366465
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-84eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: _AmCdLlpitBUoB7AFaBxuGAfkgH_P8i1LI07mybZUYo2wVa50V9Jrg==
expires: Tue, 20 Feb 2024 09:45:17 GMT

GET
H2 200 a620a252f1d0110ab972e81348133431e8486098.js Show response
cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/ Frame DDC1 2 KB
1 KB 22ms
17ms Script
application/javascript 2600:9000:266e:2c00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/a620a252f1d0110ab972e81348133431e8486098.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:2c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 09:45:17 GMT
content-encoding: br
via: 1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 2366465
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-903"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: -VC9cHf53S1xkWzL6XBMSIyukcXmXDig9cP3cd_zcXOXcSmUusoE6g==
expires: Tue, 20 Feb 2024 09:45:17 GMT

GET
H2 200 750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame DDC1 8 KB
8 KB 11ms
11ms Font
application/font-woff 2600:9000:266e:2c00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:2c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 23:10:51 GMT
via: 1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P8
age: 2577332
x-cache: Hit from cloudfront
content-length: 7772
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: "5cadd1cd-1e5c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6LOk6lWRJvDm7L14YW2DgqJMfa8Lf24BOR6nJEOTnWbRsqJy8-QhTQ==
expires: Sat, 17 Feb 2024 23:10:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 981C 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApZOVyc8zjFjgX7LJxXf4CQKFg0iS48iIuD3HCXiEvFJvuzhxDAqVZdl0j7AhMtyfEpgBb9XEKoYlY9F6tjAjfADgYxjMvCWg9JmWAjB4LFtD6pXfW7C__IZhSF-1hon5rzHulDPkzGVbxYBx8WRj3zlt3U1hwKTJE-okZwl-CPXZ36yWk4uOEK57vdDqbULBGpDX3&cry=1&dbm_d=AKAmf-CtRTj_SSFbWCshMn3_mLonbDIoYd5byF27awvXTTtnZJfVjjS0iZuz9z-0t-SKMxLfEOAIS72gmH8hMsgBY-GwtGxh4rst7aJJotdmFeyeksJ1Ox8t4mz7ITiaQ9ack5-KYJgAsqO0re5c_LyGpN46z5opqb0MkoWX2PjjHDBe2yYn158Cbnzcl17jEoKQaHyMs51-QFDMOdTvwYV-f_GP5I2LmrQkb0ZLIRmplRf97QsNflUufRg9NGMEa0SuWV331ap192bSxhEUYztzw-oga9Dh3DliLCUdEksGJTvqws8xIh29x5Bsnf2i3G6gK8GSz56voYF7pRbfarF1ObU9dnoOCct-GkHyqOWmLWZFMV3mWreSlT_xvKxXi1QG8UVou5vpqZOZ6leF4EIouTEVtRe8ZpuvMABjYIM-ZZYaynvTgaiAQtoxUQD251PgVGhv4bejGQf_9meXq_pOdDtwAo3-Yha1L-4mmf6rAIgezm8EE1A9nF82kRWwL468EQ2BCNkTKkcwKX9dZxCYMRtvO7HlhA-NOL-vC29BvSzzj1a_xpRt2vqNnGRw7UUXsHie2eEpnBbV6iA1_-KLhU7BJ_uVcrvoSljqQn9azsWTCrxPNGpuEe1877BH3UGNv6rzOfckUrswhwv3VUNgM-W0ZvaOgwTuPHNtfOAFRYiDq5LwZNrW9bXIIqPFgiRwZA60Bl80220VV1jOSwHrAViRASqUEMgRTbZFbxiEYob_gRnG8c4p_7Tuv0LcOtKWLXun1m-3i5lD9oXy9-SCp0YDzh-_4iVW6k-cC_CTTdPMOPBCGxvDxGi1pKwUVFzI_TcK4ENV7I4lwvD8Lfvoh2jHTGwhOczBfAbq5EyH6e5MB4ZJzN6L2eYbPRL0h6lMi8vkw-MbJNta5Ph-DUFvC0Im2DzAuFR3nMPpTomzmwh5D7KKYjT9foKh19tQORfbj6qSMhA-M1jtHPdk2h0EXwd927TTK9oCUYNXjxcHnsbZ2I3cLa-2Bes81DV4VrbMffI95t7nwSFB8hQY__q4WmYmyI5kbgj4tQXCl1-jdCTrbjLIhgYtvJfQeeGSGFbftPirW0CTTXfbQaran-TrkIquReMJvXuDGIJUT9IzgNGYjhO-CXakKhRwy6NjPfo1qW4FqYgMQgG066DCoOmeiR5Jsk0eeA5X6RyIhnBmyeFP1-7t3IAU4xcC2ndLLKelwtPk0Uwf8VHAq67d4Ctnf06qzXkPkU8H2EOHZfL2Je4XlFP548WsEXPjX9YEmR4a6t0l6DLT7wlwYE0rdZRWwheofm8LAA4DroKtr-aebi6Gt5eA1BPYs5rmJrF2bkDV6viHiH4YduvSvwKfxMY2AkNWRu11oh9Q0ZqiR5KRH8pZI6AhBMOUVoEmumPJrXw3NU8A_dLUt4i8xfPWSOdK1U6MJ8UCGBuKIYFa63YrwHx_MJPtMqfDu4dtZS6oUgF-86InGM2oQNKEhL9zBPBc8NlxrO7e3yn8qdN3gDCUNUQWeioAf1Wn8BOHsmrbBbZCQ56xQBLd1r04UmiOyav8l2zCMkMVKGCPpz7a25NPLpyMZ_6P6TaHKYEeLEDvJuZx0bJIJgB1HWjdNiWqQJwAMD_-9etMqn9KwHGhSsbRFsiQw5SyZbNEazgaKCDjK-gaa06cwFL-c4cAtPUPvCkY_YYPR__AwBzfo5tLHr6sO4NsNvVpljClLeqLWuo4UjpunlLijYTGpzRFxkwGlLYEPDUMFrzZi0udRQqUvvLwCqnGOgZbHv8wtToX8FF10HcvPFsfvqo_K96tGNaMWvS0sbt4QT-iFhyR6afEemckPBk4g_YQEOBKyCEdCnDXi1KRDLgWTG0a_Ht7KBGPz7cT1-nROwnw5Q5TnaGIItV86-Uxyp4hIw_srstHlfV_4Jo8x_Ut2F0MOKfeWZxV7vhNP_K4QFHOv6NKs4QslntH3bP5vBNck5GGowcXESRLceWVY348g6-J-tbiyjuD9b5Ua7IeKrx96EvFIZgmB53taUrT0USQZFWkHt34yah-cvxU_dM7rPnUmc5kpA31CDI7Fh3eUk869oB9e9q10dOOQdKDM7t3FsRCQbfrUHH6PPLNZAkfSvbno93or7-gF1K8lNrX4QeLFvetqya14L7XiJVkKZZ_PFv0bOhUFh0FhHZOYoqPi5lj6DttJciHLWRpdk6aL20QwvhSnp_a73v3t63TFu2CB5wOeH4El4NCCgUJFo5Q3ONu4IDmi-SvkhyoE5jMyXHyNxBQkAWXUfhMYh-ZqAOR-oY57oY6vvaJDops0M8mjbvb5EXhvktmuN_eNLdE9e8A97XPxFY7CzC3zQ__xNhgwoBDww2ia-w7luHwHt3Mn7xOwxSTXzwOLKIyLHqR5civtlHkxUbNjwGnvLC7B23XzM0Kj1ZU94XInzXzmeCaBRELZIRRwRO7lj8tUyXUYP9WwCkNv8WLmbxrrd4YTDHXpFamjp6QQt0jtFAbBafdaYfC9spaqjFaGP-8ZAAta2E-D6eIVkn1QX2_nCLiHEI8Bj9BNPWbOUPY8ErP_2p8vpLAZSWAz4GPDlMKbp7pxqBBaSpfOdoD5H_zlrHBj7VZYkyNAbzsgmEg2lMwPkd8Dw4bt_TEjfIQjmuL7Ita6w3pKkuPUoREtOq6yUhiWKNHcNORz-3_HLwCsAbNuT6soJ5c5K_A9bAaJQ6ygWMDEJf46rFNKGkcOdD-hVUTJNKuL-TmaWz5PbxjIgMHWvwu0Nf01YoutIHFt53y_kPxikLblmcA0qdsv1MZPY1jd6vndGxplCRtEiQvwg21feQDTJ4TwIsdfWgXcErcTRUd02aRKtRz9kGE6j9fGVaUA28C8iNTZZX2Aluoecv6WzjlbV_WI2LLQITKjYQ3ZrcRWDlHbvdtu7LYOLMYFBm_XGfXSxZIy8wjHpf2t3SWkDyo8-5sqPPcz2YgWYJz-ywH49egL7wNOOMPtOCuSgLARyJdkDRR9su-wi4U6HfzJ8skSvoZxUWN_ojxi1s5Llvnp7mHHjRVqE8F3tKwtvQk5iUtX3xwRU0eb7jxURcOAhqc62XbskX_SpfRQWH_IkX5COznFU8sS6e2bNMSp_vEPv1-9ikTHbIw2JudaZVYgl6893sMYw4yPbCAIt-HSTLUH1tHnysO8418mexOScqyyEf93O-PIX2RtoB68aaFYLVp7zAF3GrvqlohNk80rtdwdUx6IM8liXYJG4bm4WosufjuW4sUj4rq0JvIxXBbvc6vvvnCv7-T_jp5WQyazy6NQ9Dd3EcCsgD38puKXNVu6ORxdERN7DgYFqJwhcBCGz3xCR3_KsCHNuI7xIk8Xaz0UejfvlM9cC9tYuo2Ed7XGZkeBh4hgweo0DalDji7hPv_ZYUVf4EowM0eARUGJTpcTFXW5KP581xfTOse8rZwAMUFwPPVEM6j0j55aZKM75mPyb_prz4H8sDAXjHX_MgUFIc_XZpK1zShtW7Lp10-ceUHBTz_LJoXHzEyA1qjq22ML310XlENlMSZuiv2yP9brFzyOQbTj4noI-2xv2hwiOmilaekRcDhNjwbDTUAxatrOb49yUf8WIvR7xARUtDFGxf7NSckjIk1Cnac9vd1JINyDFM82gldLk6bNjOcVAp6efsbmx10xL9UhPOeCV35gwz_PnOF1eQQBipX56IMKD-Qmd1LYCci1JHHGQ09YeMmXtJ1GVzyR7panv5Krss9Ht-9L1uAqLZI7E5Y1rakCi2xQZ3eH7h65bpiffBbv2E-KxEBJz_64W2AmPZY532ticcTFBtu-iCeJL5wzzcAqGF-ovn0SpvkfmWNLpCXQ2vq0ArBIxloycbyZ_DTIz93mN0rhiXffH9qc1kLBIHFuMgvVAjjYla10WvwlS2uC6BhnwOf&cid=CAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ds=l&xdt=1&iif=1&cor=6414021584892290000&adk=250412561&idt=53&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:22:57 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 981C 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 381518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:07:44 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODE5Njc4MjUyNzkzOQogIHNlcnZlcl9pcDogMTM5ODAxMTA4CiAgcHJvY2Vzc19pZDogMzk3NjY5OTUxMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 981C 0
858 B 109ms
55ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODE5Njc4MjUyNzkzOQogIHNlcnZlcl9pcDogMTM5ODAxMTA4CiAgcHJvY2Vzc19pZDogMzk3NjY5OTUxMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDQyOTk3NTE1MDE1MzI4NTQ4MgpkZWJ1Z19rZXk6IDM1MTI3NzM3NzQzODY0MTU2MjYKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTE3IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU4OTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNzA2NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNApkbWFfcHJvZHVjdF9pZDogMTIyNzE1ODM3Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa7e13ea0ee4d4a6f0000000000000000","13":"0xc74f3fb3a626ad5c0000000000000000","14":"0xc5c5013a4e9a6b340000000000000000","15":"0xabe5107db2caa72e0000000000000000"},"debug_key":"3512773774386415626","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"14429975150153285482"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 981C 11 KB
4 KB 46ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1708196782168869&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Solingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d3b2174ef87bb1b4e7ba0bcc29a1d08f8634a6d0067024b26a57b678ce64861c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4202
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DB0E 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 381343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 09:10:39 GMT
expires: Wed, 12 Feb 2025 09:10:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame DB0E 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 08:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 08:12:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame 981C
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

99ms
77ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol: HTTP/1.1
Server: 94.130.102.164 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 8f92bd2f09596366bd56aba34214f2e2d485383c1fbc0d38311691e06edf6df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 96808800120174304444554012603012
Connection: close
Content-Length: 1118
Expires: Sat, 17 Feb 2024 19:06:22 +0100

Redirect headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 19:06:22 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 17 Feb 2024 19:06:22 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB0E 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKuXTrgPRZcOcIJTk1PIP97ye6A4AAAAAOAHgBAI&bg=!JSalJmnNAAZN4L4YbeA7ADQBe5WfODMJhjoh1xLohPL0pUi_808X5RL033SmNUECE5vXj4XR2QJY5WjwTFaGy26To-4RAgAAACxSAAAAAWgBB5kC_iZo1un8Z-T8xhFt2yqS-bo55CPsuI5ek7RnaA969zs0unxO4ncMtQVOH55Ezv-3PJcqlSKAthbLeFgD_RlrRpmYT8m8gb01mH5B4HUn3jG12JAE1n0e9s2FCic5dMly_zatlHTGsnjto-D0Q8m2eGV2SwvQjQhrfdQ7zfZLerX__AbRPu00f-fm8wk8NFTFBadiVyIJuw6tliiL6thOiqws32HlZjVvkgcsFkCDtCKt_t4xbm1ihYv8BN2TiILpJlXoH-QexKUQD0N1reUyho_ZIkAXpM3Jtv0WcUvubNOgNePQyDByKetUmOsG9PDWYFnriWen_UbMgCVohnNgV0egFtXhTGaCqQzjeQrW0eEJHLosM8Nnhl6aWLzCq5OzH4x7yF9dVOOoogAeUo7PPGKRKXt9m2k6VoT7zQ5upb5t4dlsIOH3WGlRr9-jn18n8D4hhp9eZJMz5nrRVM_fUVukXJApBpHcEC7qYLWbz7tuveHUeeaXWz7xw0zXvwSqyTLEjDdjK2cv_aqna4LxYxT01hIZGuNv66sLIogsbi2zwRiweJmdklK3LOg6UEVek23AfnXvU_ThgiENltHQc5xCLoM3s24J_d-BmKMxcKBit6D9jDucCRZVkC1iIknUfeQNHwGzAhdC-fz6sdoui8CbvedManMc7AmTn6_uwWnkNe1dLzrmTxODDRZJPwLiIYfdyGAuLE_b6B33zNPzBuTdh_FG3B3JwKRVzLtAzZtoMhMj-5FjtR_nvO2vih4hJ6NOkDbatRfYBPDHUoKoIQY5k42vLadN54bOwCAj-Vq1fD-rd26mMhVuxkhb1BwaJAh5Bui-tXRYe6Png2tg6Zhbe7Jgh1JMW2kyUNVvM5F-ifNdvHTB2cde0FQTBf2dsn6RlO_ZyaPu-RQXVG4H9drBPKtwTcUk70ohynas6W7fOkiFwrrkt1G2_X1Z5mBtEbnV2d_JbF-ul5u9GM09Bh2FR33itkVEcyc0Ud_Nc_KgKrtaIpl8Qlfqs2dhF80

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame D3C7 0
326 B 57ms
16ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sat, 17 Feb 2024 19:06:22 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame F216 930 B
923 B 68ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sat, 17 Feb 2024 19:06:22 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sat, 24 Feb 2024 19:06:22 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 89f7480c0afa0150827cf163f8728151 Show response
pv.medialead.de/trck/epv/ Frame E061 0
327 B 55ms
15ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sat, 17 Feb 2024 19:06:22 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 981C 0
326 B 58ms
16ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 981C 43 B
360 B 58ms
17ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H2 200 css
fonts.googleapis.com/ Frame D917 9 KB
2 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz:400,700

Requested by

Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b10a3f9a041b4026e62ccd238bed1b682ba3be109da9c56874cdb3dfe8ec35da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 19:06:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 19:06:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D917 4 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 17:08:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 19:06:22 GMT

GET
H2 200 frame.css
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917 3 KB
947 B 1231ms
1230ms Stylesheet
text/css 35.199.118.124
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.segurospromo.com.br/site/banner/viagensevivencias/25/frame.css

Requested by

Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

124.118.199.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

fa85a6d3130d68368d8eb097f0d62ffbe4f2e7faefcb374724a85320e8c51c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:23 GMT
via: 1.1 google
content-encoding: br
strict-transport-security: max-age=15768000
last-modified: Wed, 18 Dec 2019 12:20:19 GMT
server: nginx
vary: Accept-Encoding, Origin
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 36419c10aa.js Show response
use.fontawesome.com/ Frame D917 9 KB
4 KB 490ms
168ms Script
text/javascript 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/36419c10aa.js
Requested by: Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b9dee62e0557493982b3e8682adb06f8dfd2d3e8a5df8e35ca6a6c9d0c3377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7012
etag: W/"556e74862ce5d7f41289e55e881b9b0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii7Phr%2Ba4F2bNgIpD7dP7bqd1C1mZlO8ACINue9JIjUuD%2BK0jgZXoumauoVA19udXxI62ibTlXx5g7b6XTEAyMqRbEC49Cj3pX24MgW7P3I58ExMm1ojtTvBamEWx%2B4WnbBC3touW6dhSWnSZRy%2BsBPS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 85704ea70cc040ce-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 seguros-logo.svg
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917 9 KB
3 KB 832ms
832ms Image
image/svg+xml 35.199.118.124
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.segurospromo.com.br/site/banner/viagensevivencias/25/seguros-logo.svg

Requested by

Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

124.118.199.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ebbb18acc67b5e220bc5af1b20a5fbf1516ce3eb64ec881f87d0ae8bf9ecb91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:23 GMT
via: 1.1 google
content-encoding: br
strict-transport-security: max-age=15768000
last-modified: Wed, 18 Dec 2019 12:20:19 GMT
server: nginx
vary: Origin
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 jquery-3.2.1.min.js Show response
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917 85 KB
27 KB 1660ms
1660ms Script
application/javascript 35.199.118.124
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.segurospromo.com.br/site/banner/viagensevivencias/25/jquery-3.2.1.min.js

Requested by

Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

124.118.199.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:24 GMT
via: 1.1 google
content-encoding: br
strict-transport-security: max-age=15768000
last-modified: Wed, 18 Dec 2019 12:20:19 GMT
server: nginx
vary: Origin
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 jquery.maskedinput.js Show response
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917 10 KB
2 KB 568ms
568ms Script
application/javascript 35.199.118.124
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.segurospromo.com.br/site/banner/viagensevivencias/25/jquery.maskedinput.js

Requested by

Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

124.118.199.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:24 GMT
via: 1.1 google
content-encoding: br
strict-transport-security: max-age=15768000
last-modified: Wed, 18 Dec 2019 12:20:19 GMT
server: nginx
vary: Origin
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 frame.js Show response
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917 2 KB
747 B 639ms
638ms Script
application/javascript 35.199.118.124
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.segurospromo.com.br/site/banner/viagensevivencias/25/frame.js

Requested by

Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

124.118.199.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a1bd384420c4b49b6267723443e97a992c75631086dfae32185715b1da22e18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:24 GMT
via: 1.1 google
content-encoding: br
strict-transport-security: max-age=15768000
last-modified: Wed, 18 Dec 2019 12:20:19 GMT
server: nginx
vary: Origin
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 link.html Show response
track.webgains.com/ Frame 981C 2 KB
2 KB 152ms
81ms Script
text/html 13.42.154.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=96808800120174304444554012603012&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.154.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-154-21.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 6166aa15489a8227991fe82cd4061da41e595c2ee69e615900eaa34c49385308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
last-modified: Sat, 17 Feb 2024 19:06:22 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 17 Feb 2024 19:07:22 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 6444 7 KB
2 KB 34ms
12ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 60d9ae14effc13117e6f987c94e8a62f53596d779eb24ac0e68386078c2de642

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2049
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Feb 2024 19:06:22 GMT
Expires: Sat, 17 Feb 2024 19:06:22 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 981C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86229f23db594e7015f46d8ae7774af13dcb6228db3a42356016804c98bade0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame F216 183 KB
65 KB 39ms
17ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b465efd816286ca357842eb17ae180b11de86c5a6bbeff90d603381fa6019576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66650
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Feb 2024 19:06:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6444 5 KB
778 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 19:04:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 19:06:22 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6444 17 KB
17 KB 35ms
14ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Solingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 23d10acc1f846d4e4427c5a87d713262fe978daf00aa8e5ba05c7c89c776e681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16990
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6444 16 KB
16 KB 36ms
15ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Solingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 5b18c395b6f60351c8b52b69f35c6b7574f0c79ad80f8bed3fc3bfcfc3a966fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16521
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 6444 13 KB
13 KB 37ms
15ms Image
image/png 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Solingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: b8b0ba8831586f52444c697dc117635854d752c941310cbb3cbd06f00b736101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13292
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 6444 0
150 B 36ms
14ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=96808800120174304444554012603012&a=e0d0f45e&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 19:06:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6444 14 KB
15 KB 25ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900012.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:59:08 GMT
x-content-type-options: nosniff
age: 385634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 07:59:08 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6444 15 KB
15 KB 26ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900012.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:47:53 GMT
x-content-type-options: nosniff
age: 382709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:47:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F216 280 KB
93 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ec851f209981a582bfad5e671a5a8cbea19a9b93f0ab9d88d52da49d6dd1b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94992
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 19:06:22 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 981C 56 KB
19 KB 50ms
8ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=96808800120174304444554012603012&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5a178ba95421189cb0b7274927e4f1d35e22bd392b65b87a6a9a3e7f4055477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:36:35 GMT
content-encoding: gzip
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
last-modified: Thu, 15 Feb 2024 10:01:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 73789
x-amz-server-side-encryption: AES256
etag: W/"3fb1dfeeb4c566b4a2aee7a623471da6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ii1lSRwmdQBt-J5FvF-xhhRI3LSfvuNkGYodXNFC9nGfy8GpyMtN8g==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 981C 85 B
437 B 43ms
8ms Image
image/gif 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1708197082&Signature=fMGgNyFZt6w6sOOhRwAIuCBwc33-qmDj0akGlTSeDIGgIpR76s5IlYd2D6mvAch0F4UduoxHA3G7bsv49Hksmf~X1idS7uwia6tb2Dohx0iZfAVtnlbQwo8wuP7i8xVXRi-kYFHBfWFLNCClQ9tNlnPSRNVfXru3WTjGjESS0YByMJXwoXWTYJJTWy54iYBTwsuMrK-QzbUps-io4mcAO2wHPLzbew5r9evZyf6nOub8gaITiyM~IJH7M4uI47ubTc6GcomoVNUHPxJMhahg4N1CbX5FU-eRP5wzdQssGSVZznFoUr808xx--Rm~9iyRjcNLUAnLGvPCFf1Ywds3ug__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 17 Feb 2024 07:58:32 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 40072
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: 3SZo0L8BoBkWzyx8mExOvQGcG31DJbIZcU1YM44nq8DXY-tuZZR55g==

GET
H2 200 /
log.pinterest.com/ 0
350 B 63ms
36ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=3F19u0wp_4Ek&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&viaSrc=canonical
Requested by: Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 17 Feb 2024 19:06:23 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3071843267547871
content-length: 0
x-served-by: cache-fra-etou8220029-FRA
pragma: no-cache
server: envoy
x-timer: S1708196783.393396,VS0,VE28
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 981C 16 B
209 B 75ms
75ms Fetch
application/json 35.178.247.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.178.247.241 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-178-247-241.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Feb 2024 19:06:23 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 85ms
23ms Preflight 35.178.247.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.247.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-247-241.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 17 Feb 2024 19:06:23 GMT
server: nginx

GET
H2 200 36419c10aa.css
use.fontawesome.com/ Frame D917 1 KB
735 B 171ms
171ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/36419c10aa.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/36419c10aa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf141db42052356ed5a8490bcba4a12094e78c81d4475622d812ce57fb7ac378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.segurospromo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:32:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6470
etag: W/"4cae4744001f29349db33beb713d6c6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Beh%2FNiFYd7TvKfRoWSA6PmUBNp7hkS%2BDnag1qom9DRR%2BLZqU0bQfWWCrN3s3xyUY9FqShnx2Wr9y1r1kNylB7zwoaa%2FN4pZ12YUWWDQERviAZopUgeZVjBAQYilvL6WZZl0UJhOAGKI6s6zLyKUn%2BKK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 85704eacbf0740ce-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
fonts.gstatic.com/s/yanonekaffeesatz/v30/ Frame D917 26 KB
27 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yanonekaffeesatz/v30/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f7f87bd3d618507238749eed46e27541b21abf3350268ef7e15332f64bfe6b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.segurospromo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:50:18 GMT
x-content-type-options: nosniff
age: 382566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27116
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:50:18 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D917 15 KB
16 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.segurospromo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:49:41 GMT
x-content-type-options: nosniff
age: 382603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:49:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D917 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.segurospromo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:51:30 GMT
x-content-type-options: nosniff
age: 382494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:51:30 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 981C 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6357320463679&version=m202401290101&ct=77&x=1&cor=6414021584892290000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 19:06:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ Frame D917 30 KB
7 KB 176ms
176ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/36419c10aa.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/36419c10aa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1450723
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2HoLcZwGda1JB7rDdJkm81GFontsTygcD1ONk5ZWK7D2NBWxddztm%2FvisdAoNOtEYDonHlFZgCwiScn%2BY8vi7dfdK9xioJm2vFm7tal3P3GXWHigwIZUti%2BqhX31Esqe5Vt2ZmNB8fI0Hk%2F0eodZMl4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85704eadc8f840ce-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ Frame D917 75 KB
76 KB 526ms
24ms Font
application/font-woff2 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/36419c10aa.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/36419c10aa.css
Origin: https://www.segurospromo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40412
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmOYx%2Fsr%2BIcsNbrds96d9Vc1VT8FYhixKbxAgHtVwFcA8QSmD2OIbILCNNAJSzZGWQlOZJgPU4QNg0fu2nymoXfwvrDKu0Xkp%2FbYG01IdXZQYIIipoFGuxeg78OCCjIqY1Vwoy2ODkE4hsUbbVH%2BDnrp"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85704eb1c9f33d17-CDG

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 83ms
64ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19c1f077648b77437135ad28605e98e56f0ff8c986cc61ff313826f7f130da06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12457
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 145ms
144ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 19:06:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9239 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 15:50:51 GMT
expires: Sun, 16 Feb 2025 15:50:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F68B 829 B
1 KB 49ms
27ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

203b62b41903a3d30043e3241ea2805fefdb8056ff9c8cf8b7839fe4e1e48a53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lQWDYBLXHqkPFH4Lb2UWkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lQWDYBLXHqkPFH4Lb2UWkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 19:06:25 GMT
expires: Sat, 17 Feb 2024 19:06:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9239 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 08:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 08:12:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F68B 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=126682925859288&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9239 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1601cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 19:06:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=126682925859288&bg=!enmleTbNAAZN4L4YbeA7ADQBe5WfOMeuh_qxfLJEEOCfLiLWu3sL3G-y2Lfh0oo6Az9GB1mIrvdnUE3rtqeP8EcdHZAjAgAAADVSAAAAAmgBB5kC10NlBunAdy_aN2WZ7DOBQvR6OVfeCXZHEiRI6i8KG0TYaqzV-kE-6v1_BKU1NF_HMEmngCEPQ7q3wE2UOvO8tZVvBrXxs7q0t8wzKVEFLnIOtAKTpmWdp7cdT5rg3tiOQZsjO4RNbVL5o7pQaonqNOQtojAOFP4xBfHSBCcvCw-s04hsziJ8NYVRa2Q_cC8oOhEQ8tiCw3n61h4Hy3fabUQB-4JB4zQEsUBTECJdLsEHDpk0LN_LR2Xasx6gAKvUAXsmoZkDt_Ikb2TQFs0Q5MPTrU5D--DwbqsVg5GNC2LnPTb0fryuGBTWNOlofOgsypQIatob2k25TxhOBDmmM5SD3N-zhEcZHKY765d3q2xF1ySQJ4ft0lSlOrCsNAzovvv1pfyQw11J1GNL9gpGBDnT8KnUcdNsJdEeI2lgDHVa0f0FSXKezyjjDTfE8m4SFEnyBmtUMw1_ZX6w_ylUAw4l0K96gg9VE4rBCp6eKvczYFrxoqT5vldbG6Hh6vnscuZKBwEe-scxRX59SqAt5amBBv_0vz1cWUMTdqn3JpqqoylE9OO9PTk86q87nlJnzO3Q8ELYEGV_Gi-vYe0tNReGR7CDfM2SQsrIhf1aiteZYU1qtMuO2V9jSvCafLQAhQPA7Hf-LliSn9vw1D3NZZ9SKT9nguL8hS1JN_TS7N4GyKGPAicYgOfReAJtytdabI1xsMRRuyJjpe1lc6EwOjRv_zx0xPJyt9DhUeonR82oeP1SQVJG81rYh1qxBJ7izY-lTjnWrY41nnoDcuwebF4dCWG_zs33empKS0SNEQLRSdTbMnwzxv2ZuJ4nSNJiNl5s05e4oJ0kBO3mdl2P4YipXgaoKLT_ywYMO367ZDBrC-kL_ZA7_VldKxS9uLct5ZSyJZXZ_XB_ombnrpsQy4zB_nkZLgHlwgezoFkRxBpLxymwejZrUuH6zbbIYy0YAkztd_jw5hA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.viagensevivencias.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.visitbritainshop.com/	1970-01-20 18:29:58	Name: __cf_bm Value: VXhvsqIOoM.cSdpp0lRwMiPyMPifSmR2EjkZcepAVKo-1708196781-1.0-AUnU86aHlXdt4VM7tEHBDLPg7ihIZykGc47jQilhL+fTc1TFlQe6V91/K5IeKCK4GGrZ0mo6YBzo50+q86ms1do=
.doubleclick.net/	1970-01-21 03:51:32	Name: IDE Value: AHWqTUljimdQhXZcEgtFFX_WjHdAHyxytLDPZuZa1dUGPOpR7-N5y-vh3PchmYz7
.booking.com/	1970-01-21 04:05:56	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT9X5rvtJ%2FFy59N22cBd%2ByMTIbRuqoA1PURcmh7GwS6GlAF%2FWpFAQLH0%2B7uiWrwAYCi4Re5gWL8IyaqRpFJLGs70KjVtcIw6x5TmPQuIAQRtEz7D2gSMYgTDTEHr6qNnl%2FaLG0c4a%2BAjPV9%2FrRt7OchVqFFlk8nFsRw%3D
.casalemedia.com/	1970-01-21 03:15:32	Name: CMID Value: ZdEDrlVbLcIAAEphABv0dAAA
.casalemedia.com/	1970-01-20 20:39:32	Name: CMPS Value: 3380
.casalemedia.com/	1970-01-20 20:39:32	Name: CMPRO Value: 3380
.adnxs.com/	1970-01-20 20:39:32	Name: XANDR_PANID Value: HHOtxJK-zPvvkhGhzC5BceWS8mwgmZVfv_O7A2YoTCyYqg5pGNmN2hMxQd-XbO_VJZQoyXozenfd7ZBO-9VJX36EZ2spEAa6yF88K60nze0.
.adnxs.com/	1970-01-21 04:05:56	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:39:32	Name: uuid2 Value: 5154117859750543426
.doubleclick.net/	1970-01-20 22:49:08	Name: APC Value: AfxxVi6MKIR5D4M1ZrHNs3b2F6vLvF2N9yHa0fDXUryz2JVcoaG1Pw
.doubleclick.net/	1970-01-20 22:49:08	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:39:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>y^R'9w!1yIE`fS1ueD1W-044)d+]Uf`Bnozcq@e[AD:E-A?rjIn3M]i1)XqUfBz6hP(hw9P-HC_#tuSy.=1d
.doubleclick.net/	1970-01-20 19:13:08	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 20:39:32	Name: 8lcfmzhxc8d6_uid Value: 5819abb7c8a0cad5
.viagensevivencias.com.br/	1970-01-21 03:51:32	Name: __gads Value: ID=a80e917367e46de2:T=1708196782:RT=1708196782:S=ALNI_MYUCja8SPRw30pq86kCd64IK3qLMw
.viagensevivencias.com.br/	1970-01-21 03:51:32	Name: __gpi Value: UID=00000d5bde8c451b:T=1708196782:RT=1708196782:S=ALNI_MYlxdEpVUAr32y1ZUNhlAZPWL7Q6g
.viagensevivencias.com.br/	1970-01-20 22:49:08	Name: __eoi Value: ID=40a5cf90e90ea9e9:T=1708196782:RT=1708196782:S=AA-AfjY-8R4iLcNdvJtwZcKT9ZeN
.office-partner.de/	1970-01-21 04:05:56	Name: source Value: {"webgains_webgains":{"timestamp":1708196782943,"clickCookie":false}}

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.viagensevivencias.com.br/ Message: Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.viagensevivencias.com.br/ Message: Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.viagensevivencias.com.br/ Message: Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.viagensevivencias.com.br/ Message: Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.viagensevivencias.com.br/(Line 1051) Message: Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.viagensevivencias.com.br/(Line 1051) Message: Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.visitbritainshop.com/~/media/6faaf670fedc4749a863a886160b6f4a.ashx?cid=889139dc15e84a488ff5482cc4cb4f4e22317 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.viagensevivencias.com.br/(Line 1149) Message: Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.viagensevivencias.com.br/(Line 1149) Message: Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.viagensevivencias.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adv.office-partner.de
aff.bstatic.com
analytics.webgains.io
api.webgains.io
assets.pinterest.com
cdn-images.mailchimp.com
cdn.track.production.webgains.team
cf.bstatic.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
ib.adnxs.com
log.pinterest.com
pagead2.googlesyndication.com
pixel.wp.com
pv.medialead.de
s3.amazonaws.com
stats.wp.com
tpc.googlesyndication.com
track.webgains.com
translate.google.com
translate.googleapis.com
use.fontawesome.com
viagensevivencias.com.br
widgets.rentcars.com
www.booking.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.segurospromo.com.br
www.viagensevivencias.com.br
www.visitbritainshop.com
104.18.36.155
13.42.154.21
142.250.185.194
144.76.238.55
151.101.64.84
16.182.37.216
172.217.16.134
18.172.112.77
18.66.147.120
185.89.211.84
192.0.76.3
2600:9000:2450:2800:13:8e49:800:93a1
2600:9000:266e:2c00:5:bf05:acc0:93a1
2600:9000:266e:d600:5:bf05:acc0:93a1
2606:4700:3030::6815:2e6b
2606:4700::6812:1655
2606:4700:e6::ac40:ce26
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a02:26f0:480:48f::1931
2a04:4e42:400::649
2a0b:4d07:102::1
35.178.247.241
35.199.118.124
52.222.214.43
91.121.248.44
94.130.102.164
99.86.4.94
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc
01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c
01bfcebf8e055ef562c2cb24ed4a23fb9f7162dc385366b893047382fd298641
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
0918166c496afea920ec13030858726b4ab668ef1ed5116870acf6363600859e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec851f209981a582bfad5e671a5a8cbea19a9b93f0ab9d88d52da49d6dd1b9c
12160ce59fa72f3cefdfcf9cf5a260518e60a74c89914c6ad8eac5e6055bac22
121f4f3fe9d9a239fd380801ddaf3187ac229ceafbb5eab6e9741cfd4a9ad22c
151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
163f6c3c901afe6a612bc03fcc06dd6294c550fd2cb08f4b1974720227e1bbe2
19c1f077648b77437135ad28605e98e56f0ff8c986cc61ff313826f7f130da06
1f1fffdcfccb2ca03296d8e054da2d690323fe46c66e00d9419604c830d21215
1f7f87bd3d618507238749eed46e27541b21abf3350268ef7e15332f64bfe6b3
203b62b41903a3d30043e3241ea2805fefdb8056ff9c8cf8b7839fe4e1e48a53
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2226b397adfcd8fde1b5bad0d5f61b4a434702fed6bf4a13e536ec1f6dc53aab
239e069d2014fcbbcb5a4a67967c79789bd5a5e439bfa3478e0eaf806f74361c
23d10acc1f846d4e4427c5a87d713262fe978daf00aa8e5ba05c7c89c776e681
2421eba6a5f0196c8c566fbb18f7768f80439d6926e6e8745f3aa4e54767c012
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
250c8806819c62a4baac259e585e0e2e7248393c545c90378b7c23050d4f0bd0
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2aa505a019656c15198702f3fa8079fdb1feba20aeeef3149f4911dabc5a49e6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d2917b723451957f5cf053d228bfe95e80b21f158cddf98ac11511b17baf031
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
306a340d77c015bebd34348e2df7636595f40e1fc50273d1a4cba9321d5e82ce
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38b9dee62e0557493982b3e8682adb06f8dfd2d3e8a5df8e35ca6a6c9d0c3377
38f225b5251497cc1900cad7df4aabab137cea27ca96ff76ce673e46acaacd3c
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3f87761e3ddafdbe2dbdebbf53cda77ece8bd4ccebc1cde27c61b754661217ab
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
5b18c395b6f60351c8b52b69f35c6b7574f0c79ad80f8bed3fc3bfcfc3a966fe
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5dbb9e7d877d0b7415ebacb36fd3084c9303e0fcb3c618857688fb3b5a71fe92
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
60d9ae14effc13117e6f987c94e8a62f53596d779eb24ac0e68386078c2de642
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6166aa15489a8227991fe82cd4061da41e595c2ee69e615900eaa34c49385308
61ac7d0f300e539bdfeef28e3d1e11973abd2b26d047453627713b7e3cc07cd1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629fb0f35b142f731c60f1e5da22426a4d9b5075882f7a1c0e380988332481d5
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076
6568c82039f002adc68452920ff425301516339ce291bda12e87edbf7722efa6
660b9a122d2917234c35fc2ea3fe32ddf6be77ca40e6e7fd7d29366f7aadc802
6649d18533b066b695bd21b1076e1e00795e22911c395360c102803ea3ecfe31
6872150eed5592efb18a2c183c473be2217dff08bb90c286120c82c566791e80
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
6a6d4ff23b7eeb8c2d947863ec55e982f4e8d4ccba27494cab579fd2ca3af576
6ec016f847d46b279f094aa6cda60ac858b09ca3195b0b7d25dbac47e0e72929
6f235e65a6ed9a8576cbfd70b9b603a24a49cc64a66437c2463f10b22ef5650b
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
705110851e09c9f6cb085ea3f01e720444f320eab7499dcb5937af0c9ddeecad
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
785c3ce630335580679d275c9848b5b17093914f890ec9b25a86f9775a64cf31
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
809ddb9149ce97e1797b49404308974e0d139e5712386237a0805db5864ef5b6
820576cf450d6895ef6db37ba52e767da917320e81504fe05d3941fe558bf19c
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990
8f92bd2f09596366bd56aba34214f2e2d485383c1fbc0d38311691e06edf6df7
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9cae8e0814fc8ddead7a75b52bc99aba056073d1f4cdafb2376871b1942dd046
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1434cb9eee1f618cfa38f76759c919e606679bb2beb2cadd62964361c43a741
a1bd384420c4b49b6267723443e97a992c75631086dfae32185715b1da22e18d
a4b3bd214febbc4a40459d9517ea423b5082c343a9a279b3c947cd4fea93dd9a
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
acb7d02409979942c470cc15d4ddebfd65a94c6ba32f09f16111f3ac5410e7b3
aed43c76a7c5e093c0847d2e6cbfa567261e204446a539ba15a66fb26cd7c38e
aeef31c70dd1e009fba6965ac0510518bc1fc7c99323dc712b204e9dc74d747f
b10a3f9a041b4026e62ccd238bed1b682ba3be109da9c56874cdb3dfe8ec35da
b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
b40ebcf76c5c3097a7153ca44677acc65f7c6538dd0e91e7a5fa31d87dccde72
b465efd816286ca357842eb17ae180b11de86c5a6bbeff90d603381fa6019576
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8b0ba8831586f52444c697dc117635854d752c941310cbb3cbd06f00b736101
bfdc837d965571afbffed6f1095e2e6a0c4aa85b11fde670ade337c1fcc750f3
c034d62db887020102d2f40d5b18acb6f2910dc10b1de19d218844e5d3a3caf5
c5c1afed412e5789454807ea8f4c88f90fc70c54b96b6719a60bb5f9db3391b9
c6fde82c3138355f926c01914f4a2ea6b31f8c5e9a194d50a377235afae30a50
c8c2c51efeb79b5134d90f3e2f7c7947a9f8aa279aab4c844cfef683537ed8ad
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
ceecd11d5b15305c721149f7eaa5bd5d719f6544266c2f10eac84b9f0927fef5
cf141db42052356ed5a8490bcba4a12094e78c81d4475622d812ce57fb7ac378
d3b2174ef87bb1b4e7ba0bcc29a1d08f8634a6d0067024b26a57b678ce64861c
d5a178ba95421189cb0b7274927e4f1d35e22bd392b65b87a6a9a3e7f4055477
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
e401b72553ea85689b6a2ee010d65bd1d41bd99d765ca892c49589e9a170634b
e529245e8867300ffd2b6f6c1e5b36d41ce8c71a9eb7cbdec52360c0be7b0017
e621665022bb960e60fcbed829f30a54d28484a7e2d8e46f7e5025a06608b5bf
ea37b726a887afb5fc602e41e00d785142ad4db5f257009f4440d47850660445
ea9145153049369ff670cf938c1442962c7dc7c5517dda4ce2adc94600195dcc
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebbb18acc67b5e220bc5af1b20a5fbf1516ce3eb64ec881f87d0ae8bf9ecb91e
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7613c1e6d992008618526292680a332b320413401ba19ced06381bf6221045c
f86229f23db594e7015f46d8ae7774af13dcb6228db3a42356016804c98bade0
f9f94cc2cf984a2a8df89c1250c04396bc950e577b4143d5539ca88fb46de91b
fa283054352cdf13ddf4d0c3045abdf901cae945d099b10077e93cd821a4c498
fa85a6d3130d68368d8eb097f0d62ffbe4f2e7faefcb374724a85320e8c51c46
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d

www.viagensevivencias.com.br Open in urlscan Pro 2606:4700:3030::6815:2e6b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

165 Requests

95 %HTTPS

53 %IPv6

26 Domains

38 Subdomains

38 IPs

7 Countries

2679 kBTransfer

5344 kBSize

18 Cookies

17 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.viagensevivencias.com.br Open in urlscan Pro
2606:4700:3030::6815:2e6b Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

95 %
HTTPS

53 %
IPv6

26
Domains

38
Subdomains

38
IPs

7
Countries

2679 kB
Transfer

5344 kB
Size

18
Cookies

165 HTTP transactions
3 data transactions