www.viagensevivencias.com.br Open in urlscan Pro
2606:4700:3030::6815:2e6b  Public Scan

Submitted URL: http://www.viagensevivencias.com.br/
Effective URL: https://www.viagensevivencias.com.br/
Submission: On February 17 via api from US — Scanned from DE

Summary

This website contacted 38 IPs in 7 countries across 26 domains to perform 165 HTTP transactions. The main IP is 2606:4700:3030::6815:2e6b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.viagensevivencias.com.br.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.
This is the only time www.viagensevivencias.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 64 2606:4700:303... 13335 (CLOUDFLAR...)
7 35.199.118.124 15169 (GOOGLE)
1 18.172.112.77 16509 (AMAZON-02)
1 16.182.37.216 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
6 2600:9000:266... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:245... 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.214.43 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
7 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.194 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
2 3 185.89.211.84 29990 (ASN-APPNEX)
4 2600:9000:266... 16509 (AMAZON-02)
1 172.217.16.134 15169 (GOOGLE)
4 144.76.238.55 24940 (HETZNER-AS)
1 4 94.130.102.164 24940 (HETZNER-AS)
4 91.121.248.44 16276 (OVH)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 13.42.154.21 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.120 16509 (AMAZON-02)
1 99.86.4.94 16509 (AMAZON-02)
1 151.101.64.84 54113 (FASTLY)
2 35.178.247.241 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
165 38
Apex Domain
Subdomains
Transfer
64 viagensevivencias.com.br
www.viagensevivencias.com.br
viagensevivencias.com.br
1 MB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
384 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 278
ad.doubleclick.net — Cisco Umbrella Rank: 149
37 KB
10 bstatic.com
aff.bstatic.com — Cisco Umbrella Rank: 67502
cf.bstatic.com — Cisco Umbrella Rank: 15302
74 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
98 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 36155
hal900012.redintelligence.net — Cisco Umbrella Rank: 221978
57 KB
7 segurospromo.com.br
www.segurospromo.com.br
74 KB
6 rentcars.com
widgets.rentcars.com
56 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1212
88 KB
4 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 42320
1 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696
3 KB
4 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 1072
fonts.googleapis.com — Cisco Umbrella Rank: 48
75 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 29024
api.webgains.io — Cisco Umbrella Rank: 66040
19 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 272
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
158 KB
2 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3630
log.pinterest.com — Cisco Umbrella Rank: 5145
19 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 940
96 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3005
pixel.wp.com — Cisco Umbrella Rank: 2945
3 KB
2 google.com
translate.google.com — Cisco Umbrella Rank: 1284
www.google.com — Cisco Umbrella Rank: 2
32 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 65103
437 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 55484
2 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 165849
923 B
1 booking.com
www.booking.com — Cisco Umbrella Rank: 9923
41 KB
1 visitbritainshop.com
www.visitbritainshop.com
1 amazonaws.com
s3.amazonaws.com
140 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 6837
2 KB
165 26
Domain Requested by
61 www.viagensevivencias.com.br 1 redirects www.viagensevivencias.com.br
16 pagead2.googlesyndication.com www.viagensevivencias.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 cf.bstatic.com www.booking.com
cf.bstatic.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
7 www.segurospromo.com.br www.viagensevivencias.com.br
www.segurospromo.com.br
6 fonts.gstatic.com www.viagensevivencias.com.br
fonts.googleapis.com
6 widgets.rentcars.com www.viagensevivencias.com.br
widgets.rentcars.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 use.fontawesome.com www.segurospromo.com.br
use.fontawesome.com
4 pv.medialead.de hal900012.redintelligence.net
4 hal900012.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900012.redintelligence.net
4 hal9000.redintelligence.net googleads.g.doubleclick.net
hal900012.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 fonts.googleapis.com www.segurospromo.com.br
hal900012.redintelligence.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.gstatic.com www.viagensevivencias.com.br
www.gstatic.com
3 viagensevivencias.com.br 3 redirects
2 api.webgains.io analytics.webgains.io
2 www.googletagmanager.com adv.office-partner.de
www.googletagmanager.com
2 code.jquery.com widgets.rentcars.com
1 www.google.com tpc.googlesyndication.com
1 log.pinterest.com www.viagensevivencias.com.br
1 cdn.track.production.webgains.team googleads.g.doubleclick.net
1 analytics.webgains.io track.webgains.com
1 track.webgains.com googleads.g.doubleclick.net
1 adv.office-partner.de hal900012.redintelligence.net
1 ad.doubleclick.net googleads.g.doubleclick.net
1 assets.pinterest.com www.viagensevivencias.com.br
1 www.booking.com aff.bstatic.com
1 pixel.wp.com www.viagensevivencias.com.br
1 translate.googleapis.com
1 aff.bstatic.com www.viagensevivencias.com.br
1 stats.wp.com www.viagensevivencias.com.br
1 translate.google.com www.viagensevivencias.com.br
1 www.visitbritainshop.com www.viagensevivencias.com.br
1 s3.amazonaws.com www.viagensevivencias.com.br
1 cdn-images.mailchimp.com www.viagensevivencias.com.br
165 38
Subject Issuer Validity Valid
viagensevivencias.com.br
GTS CA 1P5
2024-02-14 -
2024-05-14
3 months crt.sh
www.segurospromo.com.br
AlphaSSL CA - SHA256 - G4
2023-06-23 -
2024-07-24
a year crt.sh
cdn-images.mailchimp.com
Amazon RSA 2048 M02
2023-06-20 -
2024-07-17
a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-10
9 months crt.sh
www.visitbritainshop.com
GTS CA 1P5
2024-02-14 -
2024-05-14
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.google.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
*.bstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-29 -
2024-11-28
a year crt.sh
*.rentcars.com
Amazon RSA 2048 M02
2023-12-19 -
2025-01-15
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.booking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-12 -
2024-05-18
a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-07 -
2024-08-07
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
redintelligence.net
R3
2024-02-13 -
2024-05-13
3 months crt.sh
pv.medialead.de
R3
2024-02-02 -
2024-05-02
3 months crt.sh
adv.office-partner.de
R3
2023-12-27 -
2024-03-26
3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-05-15 -
2024-06-13
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01
2023-07-24 -
2024-08-22
a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03
2023-08-30 -
2024-09-27
a year crt.sh
www.google.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh

This page contains 16 frames:

Primary Page: https://www.viagensevivencias.com.br/
Frame ID: 97F431A14505E545C7CF29714BE99987
Requests: 83 HTTP requests in this frame

Frame: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Frame ID: D917149D9C9D0C2127C4FF684C1A9882
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 41704E1C77BB089A3A9950504CB78C23
Requests: 1 HTTP requests in this frame

Frame: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Frame ID: DC0106AD0A21E049BF25FAF9F461FA43
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Frame ID: 981CF04594F993740BF06956A92D28E3
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&adk=1812271804&adf=3025194257&lmt=1708196782&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196782118&bpp=8&bdt=1918&idt=8&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=3227075926076&frm=20&pv=1&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=66
Frame ID: D009E73DE81B26406719045475B88F2E
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Frame ID: DDC1114D94D50E0594F22745AD672A20
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: DC73A9B208AE8EBB346EDDB06475FDF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Frame ID: D4798033B46273AD0C72078083B541D2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DB0E14CF33387EC038D2422CD84C6F76
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: D3C71F2597B8785A9BE1A85F4A60E726
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F2164DA937C5BC103D388CC8540E74BF
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: E061E8D08211CFE392E64C81DB64369C
Requests: 1 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Frame ID: 64446617DCB7F4A43ECEB61D250A7331
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 92397DA62389E6765AE12930D4B8344D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F68BF3F9D376D332CB985EA22947BF71
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Viagens e Vivências - Dicas de Viagens e Vivências de um casal pelo mundo!

Page URL History Show full URLs

  1. http://www.viagensevivencias.com.br/ HTTP 301
    https://www.viagensevivencias.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

165
Requests

95 %
HTTPS

53 %
IPv6

26
Domains

38
Subdomains

38
IPs

7
Countries

2679 kB
Transfer

5344 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.viagensevivencias.com.br/ HTTP 301
    https://www.viagensevivencias.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg HTTP 301
  • https://www.viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg
Request Chain 36
  • https://viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg HTTP 301
  • https://www.viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg
Request Chain 42
  • https://viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png HTTP 301
  • https://www.viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
Request Chain 99
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEDrlVbLcIAAEphABv0dAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
Request Chain 100
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKczLNUGvMFSNiQu_dPFkyQ&google_cver=1
Request Chain 101
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NDExNzg1OTc1MDU0MzQyNg%3D%3D
Request Chain 120
  • https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

165 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.viagensevivencias.com.br/
Redirect Chain
  • http://www.viagensevivencias.com.br/
  • https://www.viagensevivencias.com.br/
152 KB
25 KB
Document
General
Full URL
https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6d4ff23b7eeb8c2d947863ec55e982f4e8d4ccba27494cab579fd2ca3af576

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85704e8cb84940d8-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 19:06:20 GMT
link
<https://www.viagensevivencias.com.br/wp-json/>; rel="https://api.w.org/", <https://wp.me/9JWmi>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95hdbUA1IoykGRDMSvUb40XqoKRZZYoj2uK4zXS7%2BqXbst4dVK3zR2BsQLHZifZWY6%2FQhM4dOfM3zH1IAyGjppsIyK%2FwWp0s5MKQJBDi5OusAtAPhbwuQlQ%2Ff4lCckIysje%2Fyfs1YB5bU6VTLJCuQnk5BqACGHr0h3n%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
85704e899ac73dcb-SIN
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 17 Feb 2024 19:06:18 GMT
Expires
Sat, 17 Feb 2024 20:06:18 GMT
Location
https://www.viagensevivencias.com.br/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTVvEpymx6IX%2BZgJ94tucu8hHEh8ygjEnCgGozQAgkL%2BydLXZwoSiwV0LN1Nj3RuvvULV8adOcq%2Bls6tMfwiHU6VpEeGUI2ugjgfBMBE%2BXa%2BsxUbljAayePCjjG1EgSruu3c14wxHQfb3EpK6iuhSAb4A1czBwiDrzPW"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
sbi-styles.min.css
www.viagensevivencias.com.br/wp-content/plugins/instagram-feed/css/
33 KB
5 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 07:05:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhlrSPmhjclqGxfeRabCmBeF7Y4fTz8pDanME7%2BbHfgRU4lPsNQuPW19kxf%2F60P2lq0ms9RUFJd9GwAE%2FkvZS0zzvGNzFAJw6QiqFECCx6QD8n%2FFp3viul%2FODNhqMZo6H1vwLoWg6ERQ%2BgIgybtLr4nf0tasD97nl5eb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94cc6c40d8-SIN
alt-svc
h3=":443"; ma=86400
style.min.css
www.viagensevivencias.com.br/wp-includes/css/dist/block-library/
108 KB
15 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-includes/css/dist/block-library/style.min.css?ver=e02a2ec65b74cd0e49fa5904ab613c3d
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 31 Jan 2024 04:14:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VL5Njtl2P6N%2BL3aPhBmivSMxL7ULg2fG3YZC7iAJeSRzqP8iQGqgn5j3WL28QCSoZN063qZk%2BMCzvdQO3cd4L3zB3LM2TaBw5iYBdWZ6k0kKcEDvfr3VV5FBJH7eOihD810Z5AxZqut%2FX8O9pxipGwZ4Kr9P%2Fp51zjMK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94cc7340d8-SIN
alt-svc
h3=":443"; ma=86400
mediaelementplayer-legacy.min.css
www.viagensevivencias.com.br/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 30 Sep 2020 00:23:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2yhuhO1Lrr2kPKeAISAKN9oj2e9inHyHl6LhH5pkL%2Ba3hAIp86x4KAibdSlp625pBNwwy8bBLYLK0qsWrsZBN67%2B%2FEPPfszZPr8DhaPr0xsS%2BcIcyc8Op2FViOTucghrQIoVMZPoY31B003SS0%2FvtIE5gFliNI8mcQY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94cc7640d8-SIN
alt-svc
h3=":443"; ma=86400
wp-mediaelement.min.css
www.viagensevivencias.com.br/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=e02a2ec65b74cd0e49fa5904ab613c3d
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 08 Jun 2019 05:15:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3f4%2Fhv5662NcvNsFhdG1CWJuuITsq2Xg0WIVOlvo6uJin3WP1TdFPQrnwYj%2ByfTzF1s0b72R1pHB4pf%2BIR%2F9v3386b3dbmFvLH01WFKZzJ8MrSkz1PVcAKAybU9eTDo14tNHSoyCWA39nC8PnshAOlhHdsc1tq6xHgf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94cc7940d8-SIN
alt-svc
h3=":443"; ma=86400
styles.css
www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.7
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 07:05:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BGJ6aQQuWg5phEJDyFtsc%2FX7rDAXZ7FywW%2FjFsb%2FjZl7R%2FNC9TpAxREdij4j%2F2Aq%2FxyWQILc%2F1P0W5lpYi7XuFlumJtOKBXJpoozBve9%2BytWKthbWKbfW2pOBCFGEUgmyYIvVdk2rf3EAhJg6%2BoQqSn%2BGZrMtUOdOF4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94cc7c40d8-SIN
alt-svc
h3=":443"; ma=86400
style.css
www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/
126 KB
10 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 09 Dec 2023 07:01:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2hFS%2BuFyADujUTc3QAmuZRI0DUTIHqdKoICGh1ZG4x7Jjj5emtji6PwYJLIW9dtPG8MyFyVIOX5T%2FQtG7yfLTjR%2FD3ekNnx4uGPZog0RKLebnUJx56rRy1lkzqvtXeDKSnI4qcI48Jh4WGZByzgabckL1Ynq7ZoYymR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94cc7d40d8-SIN
alt-svc
h3=":443"; ma=86400
toolbar.css
www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/toolbar.css?ver=6.0.20
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306a340d77c015bebd34348e2df7636595f40e1fc50273d1a4cba9321d5e82ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 09 Dec 2023 07:01:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdvnP5X%2FVpCV7XahzZA%2Fz63UlIjRk8Rn60QhbThlU2Z%2F8u%2BXe7ZJAACe2UFDvsMMVcjTj0%2FtGY%2ByCzUMBBST%2FSg1V59Hdi%2B09KNNLpCVkwX7eREM1DEmMZBc1n5pTuAeMme9knkdgRamDdzJEJwjnenENbB9IqueJ%2F0a"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94cc7e40d8-SIN
alt-svc
h3=":443"; ma=86400
wpp.css
www.viagensevivencias.com.br/wp-content/plugins/wordpress-popular-posts/assets/css/
2 KB
890 B
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.0
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 07:06:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uf%2Fo64J8rfVVHpa28IcUMGphiE1%2F0onoI8m%2FibkPk2ylVcfQIIS4fUPdK1%2BO4bNMLkVIMWAeIqS%2BEGDdKFNn2mWA25pwWI2ehBspxQW90Ad3cTo1VJKjoWuZNWAhJTPv2UtZS1VuREIHZdMhKoy4tDXXFJJSfMlJAsNE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94cc8140d8-SIN
alt-svc
h3=":443"; ma=86400
9b55c8ee-4b7d-4523-b36a-1834be185bb4
https://www.viagensevivencias.com.br/
1 KB
0
Other
General
Full URL
blob:https://www.viagensevivencias.com.br/9b55c8ee-4b7d-4523-b36a-1834be185bb4
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
style.css
www.viagensevivencias.com.br/wp-content/themes/colormag/
102 KB
18 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2226b397adfcd8fde1b5bad0d5f61b4a434702fed6bf4a13e536ec1f6dc53aab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaKWTl8K7AmXQoF9SdQHpL64msP%2Frpzbxc7LscJY5Ev1%2BOgDlp5J8JXppCd6Tm35yABuzQZzsny5PwqOaipnajwUmKj2fhePsYoaMfItR7WELSU6wldrXSlK2v63aSkNXS89zFtuqAU1Q37o3Myjr%2Bv601SU7Rmjx64u"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94dc9640d8-SIN
alt-svc
h3=":443"; ma=86400
magnific-popup.min.css
www.viagensevivencias.com.br/wp-content/themes/colormag/js/magnific-popup/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/magnific-popup/magnific-popup.min.css?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e529245e8867300ffd2b6f6c1e5b36d41ce8c71a9eb7cbdec52360c0be7b0017

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsDQ0rkOIOdAuql%2BQcVQJvh5P7gtEKyZ2ZVGgxsurRlJUOvVpd2R7XbxsOHE1e3nd1wmbZ1252mT2IJd22qOJwg9t%2BOy6p1gI1yPWs4mQh1K8GSiD9eR%2BRjlaZa9fmYZ9rrL7gXSaQnErb24T830cGqIWFJsbyR1DO0q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e94dc9940d8-SIN
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRW27kaEsvs6fFrxE2lKEnSMKe%2BsCeGefHMV0Ei5wbkajR5Bo%2FZ69SgsLpEeEiv1YrWehcPrC9VmjNk4LrgbphyBWep%2FIBrmO27%2F7wqfshf8Of0yiIe9lFmdxni9rz34E96oUx77LTR3yvdnjNC9hZ9LFBYce5N1HhOE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e95bdf040d8-SIN
alt-svc
h3=":443"; ma=86400
front.min.css
www.viagensevivencias.com.br/wp-content/plugins/cookie-notice/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.13
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Dec 2023 11:51:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QER84jrnEe1iBGC4hlXAfh4D8r7MDPYz1SDjQSOhw2WAT5Qmrda4WMn1Mz%2B%2FpPDl%2BJaK%2FBIUa4dAbeM%2FHoQIF5LQVp%2BRBm5v60EnJxcjzC6UTBConivXq5ayXV6aebejRfnrOEHmkCubqjxHcDCI4NydrpKtN0uPWJCY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e95bdf240d8-SIN
alt-svc
h3=":443"; ma=86400
styles.min.css
www.viagensevivencias.com.br/wp-content/plugins/dvk-social-sharing/assets/css/
835 B
625 B
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/dvk-social-sharing/assets/css/styles.min.css?ver=1.3.4
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6872150eed5592efb18a2c183c473be2217dff08bb90c286120c82c566791e80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 24 Dec 2022 07:00:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY1jTdHv94vJvq2vZK6R6pSi3yWI%2BJVfEfZ6yk9ik7qRsrdgz%2FEsRPYSMqDEq%2Bi5bsJga8XrKXD1rQtFHU90BSbshBMgGJUxCCWWkwLUiH%2B4q4y8GhwmhaoqStBZWixzxH9%2FK7Q3CkL8%2F%2FBokZ7KYzbxyqXGRdfjxwOW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e95bdf340d8-SIN
alt-svc
h3=":443"; ma=86400
jetpack.css
www.viagensevivencias.com.br/wp-content/plugins/jetpack/css/
104 KB
20 KB
Stylesheet
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/jetpack/css/jetpack.css?ver=13.1.1
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705110851e09c9f6cb085ea3f01e720444f320eab7499dcb5937af0c9ddeecad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 07:05:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X673X%2F6pnhe8EZGoKBpp4VI3IEV8gvfbF2uqz67nXVLumbpk%2BXXl1WenvW0Dkd702dJJb0NH0YD3v830jslpH66baM4nRjqB71vELdnoa7pfGu6EUTtogNkqH3OjwtSZVoen89g49fCyK6oZZRnLABhXxfjm9crupBgm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85704e95bdf440d8-SIN
alt-svc
h3=":443"; ma=86400
jquery.min.js
www.viagensevivencias.com.br/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 04:15:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFPNbsmPYeNLeUcwZoLxYZs0PYjAO07eillmMpyDxe5QXBIP6Eev9mpxip9pn1EgNGyiK5omst1iatb5cWPy01DJqYA2f9tWm%2FK7fUdfhVtaHbo4nwseK4uwaLflAfQnIzSwzfEE%2Fl7QcONyGBZr6YlNhrFCM44omvsC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e95bdf540d8-SIN
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
www.viagensevivencias.com.br/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 09 Aug 2023 04:16:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gc0PWFWaZFaHoo80MZWKogHkoBjaRS2vW2whH4GZG%2BmHy0s7gv0gP%2FA9n3jtPR9kgfKEoMGPuYumOdA5WXRRwkgYeNex9JM89hK4Iuz6HA%2BOykS%2F9rqT1InwiiMfp6fNmdPzam%2BRF1%2BMAevULn5tRUEZz9EvZoRPWe5W"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e95bdf640d8-SIN
alt-svc
h3=":443"; ma=86400
wpp.min.js
www.viagensevivencias.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/
4 KB
2 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.0
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 07:06:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djgg%2BhuUGn9klJf0o9uln6c5rnCDEZOE8VNscoDgoQ01kpQKkXeCGqhnrwV%2FcrUKoTwVjfZAN9vkqqKEFlMmIlyl2J2fNjFJfu26ZwpkKj33X1Btvja%2FztXTeFiOvz3S5HZivW0tbvJHbvSZjj5WMbZ%2Fu43yddJT2mcx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e95bdf840d8-SIN
alt-svc
h3=":443"; ma=86400
front.min.js
www.viagensevivencias.com.br/wp-content/plugins/cookie-notice/js/
8 KB
3 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.13
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Dec 2023 11:51:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4uMyurjsO26LG0wvJsqUV6wbOhWFxkZStyrNwTUaICZi%2FFSbTkATvMR4n2NEKzNzsXDw69MTrzwnpnVv968Sg4CkUsxBSgTprrJfcPPo8itn4L%2BtdPT3MaRh3cdSlKNOWSNNCMMMDPi78e8WB7bKYYGvQLqw2NA2t4y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c2344bd-SIN
alt-svc
h3=":443"; ma=86400
pinit.js
www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/
875 B
784 B
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f1fffdcfccb2ca03296d8e054da2d690323fe46c66e00d9419604c830d21215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 11 Nov 2023 07:01:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwyES%2FlNW2mZW2DRSqnwSYKLEF8Q0KrdzZB13Wsl0AOdOXNcDy2YleYo5zkUhxBAOIE7qsWxVIn0O1wtqG%2FdVVG4rNVAJQYtzTJqzXopkEWN4QVpaMmtCyJiF9gzjl%2BXulGLPvIGAZsvpNZF0Jh1MQDNjtiITHpQPCw%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c2644bd-SIN
alt-svc
h3=":443"; ma=86400
LOGO-300.png
www.viagensevivencias.com.br/wp-content/uploads/2015/09/
30 KB
31 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2015/09/LOGO-300.png
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01bfcebf8e055ef562c2cb24ed4a23fb9f7162dc385366b893047382fd298641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Sep 2015 19:22:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL4uqNq7hhna4Ow%2FkRdBFpsD8EvzvJ7CHmCRcZqd2FKUFG4M0Wmg4UTSFA2J2tPJLyfQiSL%2ByEqeyifIWRJSaiBI5eGUroe5Ih2OBKllEIDUp5bNIrwQzMhzXAWCtVRSitORPH4VSL7rtpBTGIZZO%2FJ21k8EfM%2Bh15%2BO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e95bdf940d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
30930
booking.jpg
www.viagensevivencias.com.br/wp-content/uploads/2015/10/
Redirect Chain
  • https://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg
  • https://www.viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg
37 KB
37 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0918166c496afea920ec13030858726b4ab668ef1ed5116870acf6363600859e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Oct 2015 13:16:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B102Rd7q%2BA8pmIzAPKea6Iz0pzse8OUbqIovchPrSFpJ4F0yIrFpUkjdOZkfWdmHhpD1mofco%2FRTYRYfEml6mPy3m%2BxjqcGhZsR7F8MLM1%2BAX2HRKoBqi0DspCwNnVDs3giq8qW%2FOS8gDU5vsGUDyNueyajrsWbdJL%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e96cf5f40d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
37682

Redirect headers

date
Sat, 17 Feb 2024 19:06:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAEeVuBw4A5MbDwzeTcISSnlmsq%2BKxdGs5Tk7HEGWxGx7mx5s6TiSYSETmGJQmNMGbj0J0SLfIf8ZB9U%2BC3CsfcS3o%2Fhq4ytaAa0QhowRad43IHnLDi3L8afdc%2Bda9uOjtjowPpNcM%2B274S7rT1jPiNjvCLWSy4%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg
cache-control
max-age=3600
cf-ray
85704e95bdfb40d8-SIN
alt-svc
h3=":443"; ma=86400
expires
Sat, 17 Feb 2024 20:06:20 GMT
/
www.segurospromo.com.br/site/banner/viagensevivencias/20/
39 KB
39 KB
Image
General
Full URL
https://www.segurospromo.com.br/site/banner/viagensevivencias/20/
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
124.118.199.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3f87761e3ddafdbe2dbdebbf53cda77ece8bd4ccebc1cde27c61b754661217ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
via
1.1 google
strict-transport-security
max-age=15768000
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
content-type
image/jpg
Blog-viagens-e-vivencias-gra-bretain-07-800x445.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/11/
147 KB
147 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2021/11/Blog-viagens-e-vivencias-gra-bretain-07-800x445.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec016f847d46b279f094aa6cda60ac858b09ca3195b0b7d25dbac47e0e72929

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Thu, 18 Nov 2021 17:16:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSySLFN%2Fj69ZYqMDnkK3uLGk1S5fXT7TFtNTpXouEFCe7W70sbD4xiN%2BkEkKrA0NsjvI1Qh6p1TXUBl5o4KdBvYmBlD3cmuR55bnUG%2B%2F9WIkIsSSPObJpnPD2zkhqB8CfpQVeJjh%2BxMl7BLLy3TeP93PqbfRog%2F9Dupv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e964e9440d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
150527
blog-viagens-e-viencias-outlander-glasgow-university-02-800x445.jpg
www.viagensevivencias.com.br/wp-content/uploads/2018/08/
68 KB
68 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2018/08/blog-viagens-e-viencias-outlander-glasgow-university-02-800x445.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa505a019656c15198702f3fa8079fdb1feba20aeeef3149f4911dabc5a49e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Aug 2018 19:52:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB%2FvZdbonoGtoiqTeg3yAuyWGQpCKgxqRPIRZdE70bDxSYpdbG%2BbAHwI9eZxR2IfGik67BkLAmfDIKl%2B0Gqex7tBc4ooE5qjkrYVQk5YAI5zouOEqPiP2tqRg7zwc7rkcN4z4a8SYkyi7%2Fyq5qiFq%2BuMlx7q%2FPEfT2th"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c0d44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
69423
Blog-viagens-e-vivencias-Eilean-Donan-escocia-01-800x445.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/03/
53 KB
53 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2021/03/Blog-viagens-e-vivencias-Eilean-Donan-escocia-01-800x445.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6568c82039f002adc68452920ff425301516339ce291bda12e87edbf7722efa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Fri, 26 Mar 2021 01:46:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoReVYLsYYj%2BLmgoIPEbWcmOkEQy8RgDZQllHpWq1%2FFvpwr4GC6kQhd1bgUd6WKQ0GjDa2%2F33hzILds6oArcqn7otmv4lVIE6xBLSr%2FM9rB4ne9tUD6Mq%2BVVptZMKi4E1CJ1D6ANAdB10xsAlk94uGwucTqS1IMZhFIW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c2744bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
54133
Blog-viagens-e-vivencias-gra-bretain-07-390x205.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/11/
30 KB
30 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2021/11/Blog-viagens-e-vivencias-gra-bretain-07-390x205.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809ddb9149ce97e1797b49404308974e0d139e5712386237a0805db5864ef5b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Thu, 18 Nov 2021 17:16:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7O%2FxSYyuil0%2F0XdlMOkYVXOq7ZEkeEvkFDKcHVzbi5w7y8iZKLo6Bc42kHSDYiqxsSK29hs9Z5PoA8ASRVNADdgU7pgxnm90b1%2BeK1FBVsCDwDr%2FoXL6YbURiN19LWR73foQ70g8Vd9qGax1BPEzwzXXAi4xsFVkJ9Y"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c2844bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
30722
Blog-viagens-e-vivencias-Eilean-Donan-escocia-01-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/03/
3 KB
4 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2021/03/Blog-viagens-e-vivencias-Eilean-Donan-escocia-01-130x90.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fde82c3138355f926c01914f4a2ea6b31f8c5e9a194d50a377235afae30a50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Fri, 26 Mar 2021 01:46:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKk1u67JkkYuyurvhznv3ssjivV6i%2Bae0TzeGtnftmSrB06Fj%2BcVQ1Kfwh8q%2FkgBzJE7hfSlElwyKKtdmGJjPEq2h0FAxToQ0pMOuw7B%2FZPsTV9Ml%2BYnU2itCw3ZMh2%2BXuwANQdfUe690tGRDl%2F26QAA5%2FqJyx75M9K7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c2a44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
3357
IMG_7997-390x205.jpg
www.viagensevivencias.com.br/wp-content/uploads/2016/12/
20 KB
20 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2016/12/IMG_7997-390x205.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cae8e0814fc8ddead7a75b52bc99aba056073d1f4cdafb2376871b1942dd046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Aug 2017 02:15:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Re%2F10vkC5pwA2LUPDmvxeODaK9PS3T0tTEZgjO0rX0Z8KlubBJZj8wTN3HA04LajdYySjjkrQX2x7XtcvJkXInv7kuSJC8eo5DjOI%2Bt94v3iBtc015Zxxr3fFIgfsH7FdhLCAi%2B0SjHbEpML14CItBUGe%2FOJW5cQVEyK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c2b44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
20294
IMG_8268-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2016/07/
4 KB
4 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2016/07/IMG_8268-130x90.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceecd11d5b15305c721149f7eaa5bd5d719f6544266c2f10eac84b9f0927fef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Jul 2016 14:47:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35i96fCr5pf6wUZQcuMyb41Eik0Td7yTojYIIqKgWyuQSwprt5RisT16S%2FPogW3H3GwcXaszcwrpNfBPXsLxQTaB9hVcwaQDJoXzUd3qx5cAtpN8KJ4pnWxgLC8%2F9kkUNjFpiS0SAKtB4G8EMRFhbqhx2W0Cfxp2SLnx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c2d44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
3933
blog-viagens-e-vivencias-shinkansen-trem-bala-japao-04-390x205.jpg
www.viagensevivencias.com.br/wp-content/uploads/2019/04/
24 KB
24 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2019/04/blog-viagens-e-vivencias-shinkansen-trem-bala-japao-04-390x205.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb7d02409979942c470cc15d4ddebfd65a94c6ba32f09f16111f3ac5410e7b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Sun, 21 Apr 2019 22:06:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vucA1c1pRyIE1FI1eO%2B0ppTV1LPiFg8aooI04b651FcnY0trjmGOojl%2BtetK2UZzAeiYMabV84606lsATDjrKqrqmDqfKIG8D3s%2F05tzA6mutYbJvKaEm16oduE8tGS1ISA4cJxlT7f%2Fg4qzpW0qMQoap%2FMa9LGDEOjv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c2e44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
24344
blog-viagens-e-vivencias-hiroshima-japan-06-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2018/09/
3 KB
4 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2018/09/blog-viagens-e-vivencias-hiroshima-japan-06-130x90.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163f6c3c901afe6a612bc03fcc06dd6294c550fd2cb08f4b1974720227e1bbe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Sep 2018 01:30:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyuFQRQtv41MD5YuypgmsH0H5hjt5AZ5ZkMcmGGlKGebJWv2fc7I6KtzDrMd89Y07bDWHuBFEYeTZ0Pn7EWwOxVZyt1KIabHhKN6qJVqlfwn4rPxpdYjJAC76KAiVitXcYq5A6i66JYZbx3a5pjo3KUaTE3YTIeZdXhS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c3244bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
3280
blog-viagens-e-vivencias-wembley-stadium-london-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2020/03/
4 KB
4 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2020/03/blog-viagens-e-vivencias-wembley-stadium-london-130x90.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ac7d0f300e539bdfeef28e3d1e11973abd2b26d047453627713b7e3cc07cd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Sun, 08 Mar 2020 22:14:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2m4oP302Y3%2B0V9Xh%2B19Lkjw0XPlaWSrzJPzdomfiztv6fMqqP564%2BHQDvtWhDRzB0dHR3Vp0Y8x0%2B4JvxEW33JWl%2BIgiaU9p9pPoDcjJTsLWxZValzkJkYTY2KAj6eiQQIsSftt9INUb%2BDFRrRTFKpS%2Bzo9eKTh0Dd95"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c3544bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
3878
blog-viagens-e-viencias-outlander-glasgow-university-02-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2018/08/
3 KB
4 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2018/08/blog-viagens-e-viencias-outlander-glasgow-university-02-130x90.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dbb9e7d877d0b7415ebacb36fd3084c9303e0fcb3c618857688fb3b5a71fe92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Aug 2018 19:52:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOYYAbl4jL2A%2FPheloEJg%2FzVi%2BHDfg9coG3mLiCJRnb%2FmbQfOeZt56fSHejupkHkmR9XJCsDNqe2R0RAKrYc0DQkmxtS26uPzr3Hetk%2FZhU4laHYwE1NNEfb7ih348DmvTTDyXl5WhQOd9j6oYExhFfFIh8z0n0w6j5W"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c3744bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
3416
20210124_092651-1-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2021/01/
5 KB
5 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2021/01/20210124_092651-1-130x90.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c2c51efeb79b5134d90f3e2f7c7947a9f8aa279aab4c844cfef683537ed8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Sun, 31 Jan 2021 00:36:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaGGi50amarpP75mGSojamjPEg1k9%2BuXK6T%2FYKfe7MsXLJJ95iZqVfNAWN8JDU62pNcS%2FAgkCRLRyGfQ66gM0iw%2BHmzuWhIW%2BYY%2F0f2Lu6c%2F9DAvY1N%2FWUfnsSp75tWvhavm%2BmEeIbO89h7pG%2BzZEP1b36mA7X0mdeVP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c3844bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
4746
blog-viagens-v-vivencias-Glenfinnan-Scotland-24-130x90.jpg
www.viagensevivencias.com.br/wp-content/uploads/2020/09/
4 KB
5 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2020/09/blog-viagens-v-vivencias-Glenfinnan-Scotland-24-130x90.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239e069d2014fcbbcb5a4a67967c79789bd5a5e439bfa3478e0eaf806f74361c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Sep 2020 01:39:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhaubXY%2F1EyViPlU6YdwFpxxTWVTsIrJK%2FvpJUmRMZ3xkSjRIxr%2F85ze2aJxiPxAwOl38rnSrrZj5vt2QUZPH%2FjfwTctEwOLrX%2Be3Dx0a0XqwCetKL25Vb107%2Bzs6KpGSelHMFBz79%2BmsK5fKW9%2F8UnWC0pTTe8m%2F698"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c3a44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
4387
vv.jpg
www.viagensevivencias.com.br/wp-content/uploads/2016/03/
Redirect Chain
  • https://viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg
  • https://www.viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg
180 KB
180 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820576cf450d6895ef6db37ba52e767da917320e81504fe05d3941fe558bf19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Mar 2016 19:50:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqIQcFtyHsX4M%2FbAwPeG69n65%2BQLS2mVDj%2FFK04fzNz1p0mLeVmvUo1GqQcPcKaXyFh7UQOE1tURFCOE3AoE852ylug9j8kmAtIdNNnKOxic8frEGDfLkVBUNljNIcDW66u8KPrZ0B%2Bt17k3T6NY%2FW43%2BB49i%2FSL6APY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9c7db044bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
184184

Redirect headers

date
Sat, 17 Feb 2024 19:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tjr9ty0Sv%2BPsK7YORXKiBEE%2BpV6HWNaXAVUvJ8oB4Gl1ZzkaPWc70DpFeYLUJjrv7U%2FzIkHGdC6KAMnEMaJxCJz56VcPgsuC2oKM6WE14M7BH0c5NaGezzpeYndH8P2pnDAnFgqeo3uD80CIU919YMsFBo8h5Y%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg
cache-control
max-age=3600
cf-ray
85704e9b5c3b44bd-SIN
alt-svc
h3=":443"; ma=86400
expires
Sat, 17 Feb 2024 20:06:21 GMT
classic-10_7.css
cdn-images.mailchimp.com/embedcode/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 07:09:48 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 17 Dec 2015 16:52:30 GMT
server
AmazonS3
via
1.1 7af089de61bb0f71465732ed7f6f3386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
etag
W/"ae0fc9b84c30cada1784022044962394"
age
42994
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
GaXF1Bi3tKPQBrV5SQdErNxiwCqnsOY40D4hW6uvjHgh7gXu1MP6lg==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/
140 KB
140 KB
Script
General
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.37.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 19:06:22 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
DV0D08FY0NGPZKFN
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
ciiRs8utw57r7q1Y3q/T5du1Nbp0kvOsBwJxVZmjTur6hwR1ey9FQkj9Grvi//dPova0nc6Dc/E=
6faaf670fedc4749a863a886160b6f4a.ashx
www.visitbritainshop.com/~/media/
0
0
Image
General
Full URL
https://www.visitbritainshop.com/~/media/6faaf670fedc4749a863a886160b6f4a.ashx?cid=889139dc15e84a488ff5482cc4cb4f4e22317
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1655 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

easy-sim-4-u-blog-viagens-e-vivencias.jpg
www.viagensevivencias.com.br/wp-content/uploads/2018/02/
19 KB
19 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2018/02/easy-sim-4-u-blog-viagens-e-vivencias.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12160ce59fa72f3cefdfcf9cf5a260518e60a74c89914c6ad8eac5e6055bac22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Sun, 04 Feb 2018 17:24:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cp4GZNphRzUoG5dv1Wi7GMqDNACi%2BZADkH3gTKEW%2F3uU41pkwGWZCHE2eA6DLD%2F%2Ba%2BAegAw2Yc1hLFPwbjQ2uhQJSmss5RM1Pm0att38v3dSMhXZEU%2Fi0TppzAxZtjchN070bug4AzAllAB6oOBk2Inpe8a2k%2FMgbLcE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c3d44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
18987
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b40ebcf76c5c3097a7153ca44677acc65f7c6538dd0e91e7a5fa31d87dccde72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51220
x-xss-protection
0
server
cafe
etag
5418233213432207837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 17 Feb 2024 19:06:21 GMT
abbv.png
www.viagensevivencias.com.br/wp-content/uploads/2017/02/
Redirect Chain
  • https://viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png
  • https://www.viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png
9 KB
9 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6649d18533b066b695bd21b1076e1e00795e22911c395360c102803ea3ecfe31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Feb 2017 13:31:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYRQc0eqOga9Ebxt%2B68BPJUeIH8DKe44sRQjo9uy2waYzw5BljpqDoOIAoIgPPztXlWE0aj9wiG%2FvGH54Uc5CV3oPS45v1UEpVJf34q%2B7Yr7o0kxFZZM2LYTRnEtkjIxlx%2BgLQzXomfGgtcLoWLh2KgH0TLPbZjajuO5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9c7db344bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
8845

Redirect headers

date
Sat, 17 Feb 2024 19:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVrEuHtNVdHK5ZqXgYrv0hahVGYQAL2LRKWSQVGRn5e1VbyzJZzfJ%2Bo6XxPIFuNPNNFlrNg5TBD2poYw4bsSbu%2BHSAyTazJ5R5tQ5DT%2FI7Gt0CjCHvErw%2Bloy1KzI6XbZWoJPGfjgVt%2F4PqcgMXQ2756BJUA5uI%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png
cache-control
max-age=3600
cf-ray
85704e9b5c3e44bd-SIN
alt-svc
h3=":443"; ma=86400
expires
Sat, 17 Feb 2024 20:06:21 GMT
index.js
www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
4 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.7
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 07:05:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAhDHyu%2F6wzVsJRP22M10%2BdJiLtFY%2FsMFFahkBn4vzmD7PBo5KHl5uD1UvbUfyDGHT6ijcU0f%2BvkoaeMaEjEZV61QaIl3p9ZV7S6P2Xjck8JzXjiV0lmWOGaoEEs9ylYeCB13qxZKmpDL6QLHlwiUaokO3TGAGE6vXdC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c1144bd-SIN
alt-svc
h3=":443"; ma=86400
index.js
www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.7
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 07:05:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFx7qUZrg34P%2FvQqKB9HdvPAG%2B7rmVK75poF5RDQPPJehklxx%2Bk4%2B689q4W37IuNaRI4LwtuGTvZWOfHA485vA6Zi%2FD8TEA0r514bBuiAUe1t80wb9T37lHbN3ktqsU2ZpvivYpWJzQc9Ef4K24zOxovehCD%2FrVkYA78"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c1344bd-SIN
alt-svc
h3=":443"; ma=86400
scripts.js
www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/js/
13 KB
4 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.20
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e621665022bb960e60fcbed829f30a54d28484a7e2d8e46f7e5025a06608b5bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 09 Dec 2023 07:01:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi6riu3EzwAoyB5NtilXULtUjxmHVb5eCG2B0NdTbz984Je6HqsnFbglP%2Fr%2FWlZET8O9tnPXxabZxYtc2VKJ19pMwsf8MBY4vs6L%2Bw7UzyV%2FJUCAR20crQPvkjUqPCcXWaaO97PC91oYrZPkvB0989BdYUloQ0lnq0QO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c1544bd-SIN
alt-svc
h3=":443"; ma=86400
element.js
translate.google.com/translate_a/
88 KB
31 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea9145153049369ff670cf938c1442962c7dc7c5517dda4ce2adc94600195dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
main.js
www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/
0
448 B
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/main.js?ver=e02a2ec65b74cd0e49fa5904ab613c3d
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Sat, 11 Nov 2023 07:01:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpZShpoHFJ1LbwVbk8dcStEGOdVHfcEgCz5Pw1fvwoow5txq%2FagTJg1BVmaLaAuoZswcZgWcoRcOhUPNqsYBwDSHjVW5D9WOOMgi0aECjN0AFIRib3e2FxtQSO8d98L96aCpO3Gnl6%2FdT4N3nKG%2BhvPFJ1rSPxUsd6Rn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b5c1644bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
jquery.bxslider.min.js
www.viagensevivencias.com.br/wp-content/themes/colormag/js/
23 KB
7 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8cbmFyrGNZpov%2Bzo4gmVJDBf6Cn2wJ93HblDYrYmpi6cix7%2FjlRs2d%2BVtVLadPsYJUuupodme5bwY90IqQaW5KKFDNyQaM%2F36Y6X%2Fhy25Fa7dUo8G9M3%2B%2FaL8xVJPJ9WjRZKUT%2BY1O%2BX8VBMnziXiCOUf8bts7m7Jmp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c1844bd-SIN
alt-svc
h3=":443"; ma=86400
jquery.sticky.min.js
www.viagensevivencias.com.br/wp-content/themes/colormag/js/sticky/
4 KB
2 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/sticky/jquery.sticky.min.js?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f94cc2cf984a2a8df89c1250c04396bc950e577b4143d5539ca88fb46de91b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcPZdi8PdC1nT2SEJOY6tr6XuKIJ3XN5aRAmxfyw31q4sz6lEv0cqtT1ZAEYTbzOo7fC1FVZKY713x%2F0OIJvVSigS%2Bna0UAcwPu4YQ8KlR7n3DAD6F1MBadtZ7pLQB4HUNyopUsNsXbKJs8sJSTPkrnWgctIK0Z3dn5S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c1a44bd-SIN
alt-svc
h3=":443"; ma=86400
jquery.newsTicker.min.js
www.viagensevivencias.com.br/wp-content/themes/colormag/js/news-ticker/
3 KB
1 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THwESjlALmnk98wTR%2BlZTb%2FWCOgs5WWOthEqwS4Gf8lCMXXUqi36UUmZbM%2Fp2ooeLhJPyRAU8PkdYvQ1I4DC0qV38hFx6pCLuoCuBXjRKz8tpnMMgRPGXmldg5Iaqz3mfo2311qbjnQ70qwZAXakTDK14e9AlDPGDNda"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c1b44bd-SIN
alt-svc
h3=":443"; ma=86400
jquery.magnific-popup.min.js
www.viagensevivencias.com.br/wp-content/themes/colormag/js/magnific-popup/
19 KB
8 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea37b726a887afb5fc602e41e00d785142ad4db5f257009f4440d47850660445

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCDe9H%2F8Ov%2BYsRerWryKSrlTr02BNl1pIYP3ZyVVscVhfRRY%2FRpfOgYHyWhoKszIaj6owadRd44O0NHT3Z1G5BYXXq1nnnj6LPteiBmkVtSRfijGJ1i4b9xeTBxypO719dW2%2B0dqQsg08L1q5ph9kUjI9OiXgxtNh%2B2j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c1d44bd-SIN
alt-svc
h3=":443"; ma=86400
navigation.min.js
www.viagensevivencias.com.br/wp-content/themes/colormag/js/
2 KB
1 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78N8FUowAt%2FbjAB8lq5m2ksoYcqNXenvO4Jlezbm%2F9RN8lLZKn70lmV2Q1Vz%2BlIJqPUOsmvicNeu8TvkZKPCNFAU8VkpQZEX%2B3t%2BSbYL3%2B2qKo2FGx0W27gmsrKIKwh1Mup8s1taeW87H66qQ175wQiKUYtLqf5YkyMN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c1e44bd-SIN
alt-svc
h3=":443"; ma=86400
jquery.fitvids.min.js
www.viagensevivencias.com.br/wp-content/themes/colormag/js/fitvids/
2 KB
1 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKS0WhTvGSje9ZsYq%2FOOjtIRilcvIlu23qOkMLWYKlxvJGmcZTsF%2Fs%2Bbja%2FMVSGrOmTOYI%2FEpUshvLDEEcQDw1SNdjhVzXOsFPUBJ4B1n%2FP1fmiidVufJ3YSLRBvzgML1z7Mw8%2BZY47C4RLgL79TFaBzAMjWNY%2FCp5m4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c2044bd-SIN
alt-svc
h3=":443"; ma=86400
skip-link-focus-fix.min.js
www.viagensevivencias.com.br/wp-content/themes/colormag/js/
325 B
645 B
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCzahfekLBVumBA%2FciBty9CXnXu3wzDz3hR7U0GdQJ1uIBuzkrXoUxhGArtLEhwbUT9WIf1DBzw2ACY1JCwWAVBZwSW38Eya8Yr0zj%2FBmGt4%2FXzC2pYOnChElt1iTPHJE0oHwVeAM4iFUj%2Bsg7xYm3TLpkmFT4LsmsZj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c2144bd-SIN
alt-svc
h3=":443"; ma=86400
colormag-custom.min.js
www.viagensevivencias.com.br/wp-content/themes/colormag/js/
3 KB
2 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.8
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeef31c70dd1e009fba6965ac0510518bc1fc7c99323dc712b204e9dc74d747f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hs83ODzHhAtZq6wc0LYsw5QznFaE%2F3ve0Z9ZAYxjZ39BomxxBDBGQN1hGI1ejAFUj6JhIp8vAEa0V9Q4gWMeqYyQKOC3ZvldKS1ka7uc9TzGPRD7VavEnkFKDf%2Fi2yno313M9tpu2H3WN%2FT2aJc%2BCVPYoEGkw8o9NX2Z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704e9b5c2244bd-SIN
alt-svc
h3=":443"; ma=86400
e-202407.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202407.js
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402358485.9985
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 10 Feb 2025 09:15:45 GMT
OpenSans-VariableFont.woff
www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/
78 KB
79 KB
Font
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/OpenSans-VariableFont.woff
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c

Request headers

Referer
https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Origin
https://www.viagensevivencias.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJv8oWNkGxND5GNRSSDOsiIzMmXGXlG2JEHrKp%2BJtFg5SB6lTujI9se04%2FOitexGyfuWc1TF9BhXh0tr%2BmyOkNz3tYqUSzi4rfJ%2BwoPbGCG%2FZ8bKeOmSeSRUpqQBBP1DhIcbMxjjmTKjsJno%2BKGG3ibVwXYmCXj3thmX"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b7c5744bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
80196
OpenSans-Bold.woff
www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/
76 KB
77 KB
Font
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/OpenSans-Bold.woff
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1434cb9eee1f618cfa38f76759c919e606679bb2beb2cadd62964361c43a741

Request headers

Referer
https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Origin
https://www.viagensevivencias.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3LfVR2O%2BjF%2FXj%2BaoF2ZaaBPy8CRhh0eGva2E2TAO9L8SN9HKE7yb9Vky%2FifkmerE%2F9l3yJDatATZ3f3iqmbhc3SUQx2crDnEa02QXD9ZXXd%2F%2FoFlIHFTxIC0S6Il2o0xqUaOahy6BYFpeRlnJ%2FDfJW4y9VLvjHrcpdS"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b7c5a44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
78156
fontawesome-webfont.woff2
www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.viagensevivencias.com.br/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.8
Origin
https://www.viagensevivencias.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXAcK8%2BZ0O49Kd6ourNg1tulFTAMisqxQ8mKq142VeJkkvZRbs49DnP6fL%2BislI9RkIGAWBW2UXKJ%2B5pLUfj79qGa0qucvy9%2BP%2FcPkaQWnqdA8RRbwwd89mO1YSbkeDU0kCc5eAHgE9IOwVVnfGf0aYx6Yst2%2FCznegc"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b7c5b44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
77160
OpenSans-SemiBold.woff
www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/
78 KB
79 KB
Font
General
Full URL
https://www.viagensevivencias.com.br/wp-content/themes/colormag/assets/fonts/OpenSans-SemiBold.woff
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e401b72553ea85689b6a2ee010d65bd1d41bd99d765ca892c49589e9a170634b

Request headers

Referer
https://www.viagensevivencias.com.br/wp-content/themes/colormag/style.css?ver=2.1.8
Origin
https://www.viagensevivencias.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 14:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV%2FfP9VKf9Nrz%2FL6FVF%2BsVQ46vJEiqqgc8l6Wx%2BZr6RygBH3I%2BZx3Oqlv3YsedOpkzdvLkuxaIy3gqD4Bv2MZ6xx7gEE%2BDwUkSQ6vsipYiONcN6RrUYQx7eoKSW0WRaSix2HZwZunct3oDC91Kp2%2Ff3NKnUvM5RsZqZf"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9b7c5d44bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
80184
10198-featured-130x88.jpg
www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/
4 KB
4 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/10198-featured-130x88.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c034d62db887020102d2f40d5b18acb6f2910dc10b1de19d218844e5d3a3caf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Tue, 23 Oct 2018 14:37:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74YhdrY4YjogaiHv%2F5B%2F%2FJRmfGZ9oOCXHFjMHcPGsomronFh4r8KoY4KQV2Sur17rk5tL6RUSE%2BHEmHI9yQg1UNcms%2BQNkAu%2BWwCvYZG9XSvKsdjdeWCXFm3CJuICWJYYmyzNgHGMSoSqseBCvQz9QACO5jXKUS%2FQQGe"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9bac8344bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
4013
13221-featured-130x88.jpg
www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/
3 KB
4 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/13221-featured-130x88.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f225b5251497cc1900cad7df4aabab137cea27ca96ff76ce673e46acaacd3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Jun 2018 03:39:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0jkzZAtocg2%2FVXjc4nOJf3YPHMYq54iZJLr8Dgt5vWNhDW%2BqJ%2F81XDba2kVSRV52npvEYgjHK%2BfGQNIZZXYZD%2FMj%2B3toZj1NGAQVzDTvN3nxnRsl6%2BdeAAi8KCwdasOXtpW7QIsIfILLm4D3r1qwoMqrNK5454wemh1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9bac8644bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
3262
13411-featured-130x88.jpg
www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/
4 KB
4 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/13411-featured-130x88.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
629fb0f35b142f731c60f1e5da22426a4d9b5075882f7a1c0e380988332481d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Sun, 26 May 2019 19:15:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJvD5EmjKCesYsYG63eVeclxf2m%2B7yrGBj20JbdLIlXW%2F3lbfNFqXV%2F%2Foci0CG1MYpZlrJqN6LSTUqhjSlWZJaUAOpGEB%2BK5acsqKNuRiX41h%2FI0nzM7gZXtiNceaXCLsmXjCl5o8aUxQmvHXAT3%2Bm0AKOvTgy22A5bU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9bac8744bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
3925
9417-featured-130x88.jpg
www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/
2 KB
3 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/uploads/wordpress-popular-posts/9417-featured-130x88.jpg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7613c1e6d992008618526292680a332b320413401ba19ced06381bf6221045c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Aug 2017 16:02:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81RbJm7am0As08V7ze44O6gXwKBcHwUDPZfTPeeC8QiRDdWmXJzRs8BCQEUfP8XmT5u86896lx8BtOhkWN9QgrVtWpG6%2F0PeKRjJScHZZtsvMd%2BY5dGRzQMkHt5qmpn60qAy7LkzTwQ7206y9P507yyP0aFu3Ga%2Bi%2Foj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704e9bac8844bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
2387
flexiproduct.js
aff.bstatic.com/static/affiliate_base/js/
6 KB
3 KB
Script
General
Full URL
https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1708196781892
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 09:45:17 GMT
content-encoding
br
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
2366464
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 13 Jun 2022 03:41:28 GMT
server
nginx
etag
W/"62a6b1e8-1849"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
xdkRD7-1VXPwkDGF8-I0fP6zv8ndef49QmfATh1ufvsvRC8QR5Zzsw==
expires
Tue, 20 Feb 2024 09:45:17 GMT
/
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917
3 KB
1 KB
Document
General
Full URL
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
124.118.199.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
250c8806819c62a4baac259e585e0e2e7248393c545c90378b7c23050d4f0bd0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Feb 2024 19:06:22 GMT
server
nginx
strict-transport-security
max-age=15768000
vary
Accept-Encoding Origin
via
1.1 google
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/
407 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3911180130839100&plah=www.viagensevivencias.com.br&aplac=true&bust=31081219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
660b9a122d2917234c35fc2ea3fe32ddf6be77ca40e6e7fd7d29366f7aadc802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141297
x-xss-protection
0
server
cafe
etag
15698607153770729765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 19:06:21 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 4170
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85728
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Feb 2024 19:17:33 GMT
etag
3890843268177463596
expires
Fri, 01 Mar 2024 19:17:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
widget-v1.html
widgets.rentcars.com/ Frame DC01
1 KB
908 B
Document
General
Full URL
https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2421eba6a5f0196c8c566fbb18f7768f80439d6926e6e8745f3aa4e54767c012

Request headers

Referer
https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37606
content-encoding
gzip
content-type
text/html
date
Sat, 17 Feb 2024 08:39:37 GMT
etag
W/"60e0d61591a92b4169b083ba142fdd2a"
last-modified
Wed, 28 Sep 2022 13:20:34 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
x-amz-cf-id
Pw8c02tocmxpu2mroGGh2chJMfCjLZEjOllbNmzwDwwAgq5kKaX9lA==
x-amz-cf-pop
CDG50-P4
x-cache
Hit from cloudfront
jquery-3.3.1.min.js
code.jquery.com/ Frame DC01
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: widgets.rentcars.com
URL: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.rentcars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3849450
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-fra-eddf8230108-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1708196782.067576,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3, 826941
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ Frame DC01
248 KB
67 KB
Script
General
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: widgets.rentcars.com
URL: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.rentcars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5663828
x-cache
HIT, HIT
content-length
67751
x-served-by
cache-lga13623-LGA, cache-fra-eddf8230108-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1708196782.067564,VS0,VE0
etag
W/"28feccc0-3dee4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
38, 449692
rentcars-widget-v1.js
widgets.rentcars.com/min/ Frame DC01
43 KB
7 KB
Script
General
Full URL
https://widgets.rentcars.com/min/rentcars-widget-v1.js
Requested by
Host: widgets.rentcars.com
URL: https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfdc837d965571afbffed6f1095e2e6a0c4aa85b11fde670ade337c1fcc750f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 08:12:19 GMT
content-encoding
gzip
via
1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified
Wed, 28 Sep 2022 13:20:34 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P4
age
39243
x-amz-server-side-encryption
AES256
etag
W/"c26bd0593ec9b5ac31f321c33cbd8180"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
_bjomfSTmAiuexzC0zmTn4exAqOKCSOcr-AKS79Y_WFxFKi8likWmw==
ads
googleads.g.doubleclick.net/pagead/ Frame 981C
24 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3911180130839100&plah=www.viagensevivencias.com.br&aplac=true&bust=31081219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4b3bd214febbc4a40459d9517ea423b5082c343a9a279b3c947cd4fea93dd9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11047
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 19:06:22 GMT
expires
Sat, 17 Feb 2024 19:06:22 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.rpRLSsNR814.O/am=wA/d=1/rs=AN8SPfou97LMMLEkXs-0NjG1hiUcJ1dqOg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 14:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 14:10:20 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.rpRLSsNR814.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqYBh4qPypgmz13C3axNm3PxJjI1g/
206 KB
72 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.rpRLSsNR814.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfqYBh4qPypgmz13C3axNm3PxJjI1g/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.rpRLSsNR814.O/am=wA/d=1/rs=AN8SPfou97LMMLEkXs-0NjG1hiUcJ1dqOg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5c1afed412e5789454807ea8f4c88f90fc70c54b96b6719a60bb5f9db3391b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 14:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72801
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 20:11:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 14:10:19 GMT
g.gif
pixel.wp.com/
50 B
177 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=143936118&post=0&tz=-3&srv=www.viagensevivencias.com.br&j=1%3A13.1.1&host=www.viagensevivencias.com.br&ref=&fcp=3493&rand=0.563613865849254
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 17 Feb 2024 19:06:22 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
www.viagensevivencias.com.br/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.viagensevivencias.com.br/wp-includes/js/wp-emoji-release.min.js?ver=e02a2ec65b74cd0e49fa5904ab613c3d
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 04:15:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IHmDQJghYWI1t1mPvFUL4zupJd9fUrFF33E4oH69TWadp6%2F8ZwLonRXVIYw46n3nMexiWOlFfl1zs7eW8ORqFUPFnFWxpMiCa1jPfIXNyzY4O1Frqc3VQwOSWIdqirzq40S0%2FhWaiYcuPVtllyGguKx8buUWe6TkcU4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85704ea0bc3044bd-SIN
alt-svc
h3=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame D009
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&adk=1812271804&adf=3025194257&lmt=1708196782&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196782118&bpp=8&bdt=1918&idt=8&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=3227075926076&frm=20&pv=1&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=66
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3911180130839100&plah=www.viagensevivencias.com.br&aplac=true&bust=31081219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 19:06:22 GMT
expires
Sat, 17 Feb 2024 19:06:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=glt-translate-trigger&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
flexiproduct.html
www.booking.com/ Frame DDC1
101 KB
41 KB
Document
General
Full URL
https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Requested by
Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1708196781892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-43.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6f235e65a6ed9a8576cbfd70b9b603a24a49cc64a66437c2463f10b22ef5650b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
br
content-length
40340
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 19:06:22 GMT
nel
{"report_to":"default","max_age":604800}
report-to
{"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
server
nginx
strict-transport-security
max-age=604800; includeSubDomains
vary
Accept-Encoding, User-Agent
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-id
Rw1pdqYD_oo6zp28Dlnc8nDWsXlvmDXQW023NH-vEZuXQkp69kH0xQ==
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/
475 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
flags.png
www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/images/
54 KB
54 KB
Image
General
Full URL
https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/images/flags.png
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:23 GMT
cf-cache-status
MISS
last-modified
Sat, 09 Dec 2023 07:01:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUpKyaUjWLQJkrC9sUUz5fORsY2jc3jEHf9isvniM0SvCRojdAx8sfcc5IUr%2BI9%2F28GcjwuR8rdg9Lkahi%2BSq1otE2Mj8wSEB9qNBr0ydYk2gDDxmhwQ%2F5jXJ%2BPmtcjknrVCCsb%2F0wd6lYkgKhgQ4AXhgT%2BT%2BI234KH4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85704ea12cc644bd-SIN
alt-svc
h3=":443"; ma=86400
content-length
54996
alugue-um-carro-rentcars.svg
widgets.rentcars.com/images/default/ Frame DC01
9 KB
3 KB
Image
General
Full URL
https://widgets.rentcars.com/images/default/alugue-um-carro-rentcars.svg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
785c3ce630335580679d275c9848b5b17093914f890ec9b25a86f9775a64cf31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 05:14:19 GMT
content-encoding
gzip
via
1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified
Tue, 28 Dec 2021 12:38:10 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P4
age
49923
etag
W/"2eddf94fda465ad0a557b7243881899d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
1OKRUza7iTHOPsrdMpGNBf8F3N_VMQTSQuRSJ40b1HgoB-KQOAmPug==
rentcars-img1.png
widgets.rentcars.com/images/default/ Frame DC01
42 KB
42 KB
Image
General
Full URL
https://widgets.rentcars.com/images/default/rentcars-img1.png
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa283054352cdf13ddf4d0c3045abdf901cae945d099b10077e93cd821a4c498

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 09:22:46 GMT
via
1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified
Wed, 28 Nov 2018 12:49:06 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P4
age
35553
etag
"0eb77c36e550e3e3f46dd46b6fbe3faf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
42744
x-amz-cf-id
3PNimENI_c8zSbtF_Eo8AzOEksqi0_A8LO4V6mJ_lW8EWfsPT6dNTg==
icon-search.svg
widgets.rentcars.com/images/default/ Frame DC01
1 KB
984 B
Image
General
Full URL
https://widgets.rentcars.com/images/default/icon-search.svg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aed43c76a7c5e093c0847d2e6cbfa567261e204446a539ba15a66fb26cd7c38e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 08:01:14 GMT
content-encoding
gzip
via
1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified
Wed, 28 Nov 2018 12:49:05 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P4
age
39909
etag
W/"0dfdff0af8ca7ffc639a561d078dcb84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
-0Az9Lh0L_8EVJZCmmQ1SMB02o_pcU5evLdlnlDJB0ZbAQqrz_VEpw==
icon-select.svg
widgets.rentcars.com/images/default/ Frame DC01
682 B
1020 B
Image
General
Full URL
https://widgets.rentcars.com/images/default/icon-select.svg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:2800:13:8e49:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
121f4f3fe9d9a239fd380801ddaf3187ac229ceafbb5eab6e9741cfd4a9ad22c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.rentcars.com/widget-v1.html?requestor=73&locale=pt-br&utm_source=www.viagensevivencias.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 07:08:12 GMT
via
1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
last-modified
Wed, 28 Nov 2018 12:49:05 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P4
age
44046
etag
"ae9a737dc4b8c91e3e87655b0487d27d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
682
x-amz-cf-id
bCIqu_r9MbSeNf0XcSC_tt7N7XvKdMj01u1KJ20SqvRx61MX44-kUg==
truncated
/ Frame DC73
1 KB
1 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
4 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Feb 2025 23:57:13 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 04:07:44 GMT
x-content-type-options
nosniff
age
313118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 13 Feb 2025 04:07:44 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:42:56 GMT
x-content-type-options
nosniff
age
12206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 16 Feb 2025 15:42:56 GMT
pinit_main.js
assets.pinterest.com/js/
66 KB
19 KB
Script
General
Full URL
https://assets.pinterest.com/js/pinit_main.js
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:48f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=290
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
18679
gen_204
pagead2.googlesyndication.com/pagead/ Frame 981C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_036qqs_f63ou8pTKjI15GdOp8DpZIHI4D76C88lw9lMuaQb326ucEVnhiumzy2AeQQLLvV4gXrH78mqCxq9c2RBnl6W4Jc-cTVvsEEW6toFKR6I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 981C
93 KB
33 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33320
x-xss-protection
0
server
cafe
etag
12501049806231860069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 19:06:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 981C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:14:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
13890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 15:14:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 981C
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 16:59:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
7621
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 16:59:21 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 981C
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Feb 2024 19:35:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D479
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 19:06:22 GMT
expires
Sat, 17 Feb 2024 19:06:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame D479
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
43 B
769 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sel3aB4ypyUWNmgbZccWGoUMkRnIBgwzI8yWhmNfWK9l%2B9NZvrmtdKmKEpXsdkrBbwgnajPt62PZ%2BtBRjQl4DuPjx9TCrTBNieX0NO79yVzny68GUTGeBPK4sw%2FCUS1VzSVVIRE9yCXNtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85704ea2f8631e4c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D479
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEDrlVbLcIAAEphABv0dAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKXTn2JeZCkGXtoW3FTPRByCckA1pxrhzNlM6sRfIrqe3n1q2D8wKARjSodIDUOwk%2FFzPerbQl%2BUCVX6tQsxCfPLRhC%2Bzi5jiINxAdiSbJSPQyyECr8SD4htGONn8j4I1dA2yLxETglkrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85704ea338ce1e4c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEEJiNcUn22JVVRYUvCEpGw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D479
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKczLNUGvMFSNiQu_dPFkyQ&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKczLNUGvMFSNiQu_dPFkyQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
an-x-request-uuid
88524e3c-8aea-4dbb-a9ab-376edb45ac55
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKczLNUGvMFSNiQu_dPFkyQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D479
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NDExNzg1OTc1MDU0MzQyNg%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NDExNzg1OTc1MDU0MzQyNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNVbIOUhxfgxo5g2-NXgRU7r66eW8vIpoA-Us4iT9y_V3sefP7wTbRfTvQUsvhJtB7jy8wbRMmZr690E0nS0zmYDtlf4JJq3tJCNdJN8CaSOCBvwS1HIaC0vriepIkxg_6e18KwrFf8MO54N-SgshUtkU1B9-Aq7zrJKK0hnfREx2O4zfck
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
an-x-request-uuid
9c27b7df-35b7-43ed-b092-fbbb710e8867
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NDExNzg1OTc1MDU0MzQyNg%3D%3D
x-proxy-origin
178.162.209.137; 178.162.209.137; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 981C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6357320463679&version=m202401290101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 981C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6357320463679&version=m202401290101&ct=77&x=1&cor=6414021584892290000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 981C
34 KB
19 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApZOVyc8zjFjgX7LJxXf4CQKFg0iS48iIuD3HCXiEvFJvuzhxDAqVZdl0j7AhMtyfEpgBb9XEKoYlY9F6tjAjfADgYxjMvCWg9JmWAjB4LFtD6pXfW7C__IZhSF-1hon5rzHulDPkzGVbxYBx8WRj3zlt3U1hwKTJE-okZwl-CPXZ36yWk4uOEK57vdDqbULBGpDX3&cry=1&dbm_d=AKAmf-CtRTj_SSFbWCshMn3_mLonbDIoYd5byF27awvXTTtnZJfVjjS0iZuz9z-0t-SKMxLfEOAIS72gmH8hMsgBY-GwtGxh4rst7aJJotdmFeyeksJ1Ox8t4mz7ITiaQ9ack5-KYJgAsqO0re5c_LyGpN46z5opqb0MkoWX2PjjHDBe2yYn158Cbnzcl17jEoKQaHyMs51-QFDMOdTvwYV-f_GP5I2LmrQkb0ZLIRmplRf97QsNflUufRg9NGMEa0SuWV331ap192bSxhEUYztzw-oga9Dh3DliLCUdEksGJTvqws8xIh29x5Bsnf2i3G6gK8GSz56voYF7pRbfarF1ObU9dnoOCct-GkHyqOWmLWZFMV3mWreSlT_xvKxXi1QG8UVou5vpqZOZ6leF4EIouTEVtRe8ZpuvMABjYIM-ZZYaynvTgaiAQtoxUQD251PgVGhv4bejGQf_9meXq_pOdDtwAo3-Yha1L-4mmf6rAIgezm8EE1A9nF82kRWwL468EQ2BCNkTKkcwKX9dZxCYMRtvO7HlhA-NOL-vC29BvSzzj1a_xpRt2vqNnGRw7UUXsHie2eEpnBbV6iA1_-KLhU7BJ_uVcrvoSljqQn9azsWTCrxPNGpuEe1877BH3UGNv6rzOfckUrswhwv3VUNgM-W0ZvaOgwTuPHNtfOAFRYiDq5LwZNrW9bXIIqPFgiRwZA60Bl80220VV1jOSwHrAViRASqUEMgRTbZFbxiEYob_gRnG8c4p_7Tuv0LcOtKWLXun1m-3i5lD9oXy9-SCp0YDzh-_4iVW6k-cC_CTTdPMOPBCGxvDxGi1pKwUVFzI_TcK4ENV7I4lwvD8Lfvoh2jHTGwhOczBfAbq5EyH6e5MB4ZJzN6L2eYbPRL0h6lMi8vkw-MbJNta5Ph-DUFvC0Im2DzAuFR3nMPpTomzmwh5D7KKYjT9foKh19tQORfbj6qSMhA-M1jtHPdk2h0EXwd927TTK9oCUYNXjxcHnsbZ2I3cLa-2Bes81DV4VrbMffI95t7nwSFB8hQY__q4WmYmyI5kbgj4tQXCl1-jdCTrbjLIhgYtvJfQeeGSGFbftPirW0CTTXfbQaran-TrkIquReMJvXuDGIJUT9IzgNGYjhO-CXakKhRwy6NjPfo1qW4FqYgMQgG066DCoOmeiR5Jsk0eeA5X6RyIhnBmyeFP1-7t3IAU4xcC2ndLLKelwtPk0Uwf8VHAq67d4Ctnf06qzXkPkU8H2EOHZfL2Je4XlFP548WsEXPjX9YEmR4a6t0l6DLT7wlwYE0rdZRWwheofm8LAA4DroKtr-aebi6Gt5eA1BPYs5rmJrF2bkDV6viHiH4YduvSvwKfxMY2AkNWRu11oh9Q0ZqiR5KRH8pZI6AhBMOUVoEmumPJrXw3NU8A_dLUt4i8xfPWSOdK1U6MJ8UCGBuKIYFa63YrwHx_MJPtMqfDu4dtZS6oUgF-86InGM2oQNKEhL9zBPBc8NlxrO7e3yn8qdN3gDCUNUQWeioAf1Wn8BOHsmrbBbZCQ56xQBLd1r04UmiOyav8l2zCMkMVKGCPpz7a25NPLpyMZ_6P6TaHKYEeLEDvJuZx0bJIJgB1HWjdNiWqQJwAMD_-9etMqn9KwHGhSsbRFsiQw5SyZbNEazgaKCDjK-gaa06cwFL-c4cAtPUPvCkY_YYPR__AwBzfo5tLHr6sO4NsNvVpljClLeqLWuo4UjpunlLijYTGpzRFxkwGlLYEPDUMFrzZi0udRQqUvvLwCqnGOgZbHv8wtToX8FF10HcvPFsfvqo_K96tGNaMWvS0sbt4QT-iFhyR6afEemckPBk4g_YQEOBKyCEdCnDXi1KRDLgWTG0a_Ht7KBGPz7cT1-nROwnw5Q5TnaGIItV86-Uxyp4hIw_srstHlfV_4Jo8x_Ut2F0MOKfeWZxV7vhNP_K4QFHOv6NKs4QslntH3bP5vBNck5GGowcXESRLceWVY348g6-J-tbiyjuD9b5Ua7IeKrx96EvFIZgmB53taUrT0USQZFWkHt34yah-cvxU_dM7rPnUmc5kpA31CDI7Fh3eUk869oB9e9q10dOOQdKDM7t3FsRCQbfrUHH6PPLNZAkfSvbno93or7-gF1K8lNrX4QeLFvetqya14L7XiJVkKZZ_PFv0bOhUFh0FhHZOYoqPi5lj6DttJciHLWRpdk6aL20QwvhSnp_a73v3t63TFu2CB5wOeH4El4NCCgUJFo5Q3ONu4IDmi-SvkhyoE5jMyXHyNxBQkAWXUfhMYh-ZqAOR-oY57oY6vvaJDops0M8mjbvb5EXhvktmuN_eNLdE9e8A97XPxFY7CzC3zQ__xNhgwoBDww2ia-w7luHwHt3Mn7xOwxSTXzwOLKIyLHqR5civtlHkxUbNjwGnvLC7B23XzM0Kj1ZU94XInzXzmeCaBRELZIRRwRO7lj8tUyXUYP9WwCkNv8WLmbxrrd4YTDHXpFamjp6QQt0jtFAbBafdaYfC9spaqjFaGP-8ZAAta2E-D6eIVkn1QX2_nCLiHEI8Bj9BNPWbOUPY8ErP_2p8vpLAZSWAz4GPDlMKbp7pxqBBaSpfOdoD5H_zlrHBj7VZYkyNAbzsgmEg2lMwPkd8Dw4bt_TEjfIQjmuL7Ita6w3pKkuPUoREtOq6yUhiWKNHcNORz-3_HLwCsAbNuT6soJ5c5K_A9bAaJQ6ygWMDEJf46rFNKGkcOdD-hVUTJNKuL-TmaWz5PbxjIgMHWvwu0Nf01YoutIHFt53y_kPxikLblmcA0qdsv1MZPY1jd6vndGxplCRtEiQvwg21feQDTJ4TwIsdfWgXcErcTRUd02aRKtRz9kGE6j9fGVaUA28C8iNTZZX2Aluoecv6WzjlbV_WI2LLQITKjYQ3ZrcRWDlHbvdtu7LYOLMYFBm_XGfXSxZIy8wjHpf2t3SWkDyo8-5sqPPcz2YgWYJz-ywH49egL7wNOOMPtOCuSgLARyJdkDRR9su-wi4U6HfzJ8skSvoZxUWN_ojxi1s5Llvnp7mHHjRVqE8F3tKwtvQk5iUtX3xwRU0eb7jxURcOAhqc62XbskX_SpfRQWH_IkX5COznFU8sS6e2bNMSp_vEPv1-9ikTHbIw2JudaZVYgl6893sMYw4yPbCAIt-HSTLUH1tHnysO8418mexOScqyyEf93O-PIX2RtoB68aaFYLVp7zAF3GrvqlohNk80rtdwdUx6IM8liXYJG4bm4WosufjuW4sUj4rq0JvIxXBbvc6vvvnCv7-T_jp5WQyazy6NQ9Dd3EcCsgD38puKXNVu6ORxdERN7DgYFqJwhcBCGz3xCR3_KsCHNuI7xIk8Xaz0UejfvlM9cC9tYuo2Ed7XGZkeBh4hgweo0DalDji7hPv_ZYUVf4EowM0eARUGJTpcTFXW5KP581xfTOse8rZwAMUFwPPVEM6j0j55aZKM75mPyb_prz4H8sDAXjHX_MgUFIc_XZpK1zShtW7Lp10-ceUHBTz_LJoXHzEyA1qjq22ML310XlENlMSZuiv2yP9brFzyOQbTj4noI-2xv2hwiOmilaekRcDhNjwbDTUAxatrOb49yUf8WIvR7xARUtDFGxf7NSckjIk1Cnac9vd1JINyDFM82gldLk6bNjOcVAp6efsbmx10xL9UhPOeCV35gwz_PnOF1eQQBipX56IMKD-Qmd1LYCci1JHHGQ09YeMmXtJ1GVzyR7panv5Krss9Ht-9L1uAqLZI7E5Y1rakCi2xQZ3eH7h65bpiffBbv2E-KxEBJz_64W2AmPZY532ticcTFBtu-iCeJL5wzzcAqGF-ovn0SpvkfmWNLpCXQ2vq0ArBIxloycbyZ_DTIz93mN0rhiXffH9qc1kLBIHFuMgvVAjjYla10WvwlS2uC6BhnwOf&cid=CAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ds=l&xdt=1&iif=1&cor=6414021584892290000&adk=250412561&idt=53&cac=0&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d2917b723451957f5cf053d228bfe95e80b21f158cddf98ac11511b17baf031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19568
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame DDC1
1 KB
1013 B
Stylesheet
General
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 02:11:23 GMT
content-encoding
br
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
1184099
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 05 Jun 2020 14:42:31 GMT
server
nginx
etag
W/"5eda59d7-51a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
rO7HHgnera9dsKrWl-14YhuYwNWQ9sYiQc9p9fYfISLNntm8LfPT5A==
expires
Tue, 05 Mar 2024 02:11:23 GMT
f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame DDC1
11 KB
3 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 02:05:59 GMT
content-encoding
br
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
2566823
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 05 Jun 2020 10:23:33 GMT
server
nginx
etag
W/"5eda1d25-2ae3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
4gQC9x3SdTpsmItkDXU9eCGuFRsVz8Gz9a4EzoGGQbGDmj18DWcKtA==
expires
Sun, 18 Feb 2024 02:05:59 GMT
19d26ccbecea13a40501b1a204f92d7797638c6b.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame DDC1
13 KB
3 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/19d26ccbecea13a40501b1a204f92d7797638c6b.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 09:45:18 GMT
content-encoding
br
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
2366464
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jun 2022 06:07:04 GMT
server
nginx
etag
W/"62ba9a88-33d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
X2nndAKa7VN7k9ro0jFXzge6mpxNyEEsY6QP8Nhu7Geyf17lfqZLIQ==
expires
Tue, 20 Feb 2024 09:45:18 GMT
3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/ Frame DDC1
952 B
1 KB
Stylesheet
General
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 14:14:02 GMT
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
1745540
x-cache
Hit from cloudfront
content-length
952
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:19 GMT
server
nginx
etag
"5cadd1af-3b8"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Nes66BUEkN92UfHHvvOvgnOtzP1jdoV_NzMaoR0dr6NWkjVkpovRDw==
expires
Tue, 27 Feb 2024 14:14:02 GMT
ebc3273565b5e682ccaf01872d2e046749306442.png
cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ Frame DDC1
3 KB
3 KB
Image
General
Full URL
https://cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ebc3273565b5e682ccaf01872d2e046749306442.png
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:d600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 11:43:26 GMT
via
1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
2100176
x-cache
Hit from cloudfront
content-length
2904
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:50 GMT
server
nginx
etag
"5cadd1ce-b58"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
T97XR2Vp3sXR-3VRfBwWJTWMkLiDtDwtLlzaHFWBk-5TXl5tAIfZ_A==
expires
Fri, 23 Feb 2024 11:43:26 GMT
85522fc012ea427986aabb503405f288a30cc3c8.js
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame DDC1
123 KB
39 KB
Script
General
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:2c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 09:45:18 GMT
content-encoding
br
via
1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
2366464
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 25 May 2022 11:00:45 GMT
server
nginx
etag
W/"628e0c5d-1ed10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
STdni5u-NckJ846oeI-VaO9SZyFDnEeajE_GP7w-z0WGHElAxbtRHg==
expires
Tue, 20 Feb 2024 09:45:18 GMT
eb78197b2eee9a032c319d91a6e1c581e295f284.js
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/ Frame DDC1
33 KB
11 KB
Script
General
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/eb78197b2eee9a032c319d91a6e1c581e295f284.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:2c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 09:45:17 GMT
content-encoding
br
via
1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
2366465
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 10:19:54 GMT
server
nginx
etag
W/"5e39454a-84eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
_AmCdLlpitBUoB7AFaBxuGAfkgH_P8i1LI07mybZUYo2wVa50V9Jrg==
expires
Tue, 20 Feb 2024 09:45:17 GMT
a620a252f1d0110ab972e81348133431e8486098.js
cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/ Frame DDC1
2 KB
1 KB
Script
General
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/a620a252f1d0110ab972e81348133431e8486098.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=872425&target_aid=836398&fid=1708196782185&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:2c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 09:45:17 GMT
content-encoding
br
via
1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
2366465
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 10:19:54 GMT
server
nginx
etag
W/"5e39454a-903"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
-VC9cHf53S1xkWzL6XBMSIyukcXmXDig9cP3cd_zcXOXcSmUusoE6g==
expires
Tue, 20 Feb 2024 09:45:17 GMT
750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame DDC1
8 KB
8 KB
Font
General
Full URL
https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:2c00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 23:10:51 GMT
via
1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA56-P8
age
2577332
x-cache
Hit from cloudfront
content-length
7772
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:49 GMT
server
nginx
etag
"5cadd1cd-1e5c"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6LOk6lWRJvDm7L14YW2DgqJMfa8Lf24BOR6nJEOTnWbRsqJy8-QhTQ==
expires
Sat, 17 Feb 2024 23:10:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 981C
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApZOVyc8zjFjgX7LJxXf4CQKFg0iS48iIuD3HCXiEvFJvuzhxDAqVZdl0j7AhMtyfEpgBb9XEKoYlY9F6tjAjfADgYxjMvCWg9JmWAjB4LFtD6pXfW7C__IZhSF-1hon5rzHulDPkzGVbxYBx8WRj3zlt3U1hwKTJE-okZwl-CPXZ36yWk4uOEK57vdDqbULBGpDX3&cry=1&dbm_d=AKAmf-CtRTj_SSFbWCshMn3_mLonbDIoYd5byF27awvXTTtnZJfVjjS0iZuz9z-0t-SKMxLfEOAIS72gmH8hMsgBY-GwtGxh4rst7aJJotdmFeyeksJ1Ox8t4mz7ITiaQ9ack5-KYJgAsqO0re5c_LyGpN46z5opqb0MkoWX2PjjHDBe2yYn158Cbnzcl17jEoKQaHyMs51-QFDMOdTvwYV-f_GP5I2LmrQkb0ZLIRmplRf97QsNflUufRg9NGMEa0SuWV331ap192bSxhEUYztzw-oga9Dh3DliLCUdEksGJTvqws8xIh29x5Bsnf2i3G6gK8GSz56voYF7pRbfarF1ObU9dnoOCct-GkHyqOWmLWZFMV3mWreSlT_xvKxXi1QG8UVou5vpqZOZ6leF4EIouTEVtRe8ZpuvMABjYIM-ZZYaynvTgaiAQtoxUQD251PgVGhv4bejGQf_9meXq_pOdDtwAo3-Yha1L-4mmf6rAIgezm8EE1A9nF82kRWwL468EQ2BCNkTKkcwKX9dZxCYMRtvO7HlhA-NOL-vC29BvSzzj1a_xpRt2vqNnGRw7UUXsHie2eEpnBbV6iA1_-KLhU7BJ_uVcrvoSljqQn9azsWTCrxPNGpuEe1877BH3UGNv6rzOfckUrswhwv3VUNgM-W0ZvaOgwTuPHNtfOAFRYiDq5LwZNrW9bXIIqPFgiRwZA60Bl80220VV1jOSwHrAViRASqUEMgRTbZFbxiEYob_gRnG8c4p_7Tuv0LcOtKWLXun1m-3i5lD9oXy9-SCp0YDzh-_4iVW6k-cC_CTTdPMOPBCGxvDxGi1pKwUVFzI_TcK4ENV7I4lwvD8Lfvoh2jHTGwhOczBfAbq5EyH6e5MB4ZJzN6L2eYbPRL0h6lMi8vkw-MbJNta5Ph-DUFvC0Im2DzAuFR3nMPpTomzmwh5D7KKYjT9foKh19tQORfbj6qSMhA-M1jtHPdk2h0EXwd927TTK9oCUYNXjxcHnsbZ2I3cLa-2Bes81DV4VrbMffI95t7nwSFB8hQY__q4WmYmyI5kbgj4tQXCl1-jdCTrbjLIhgYtvJfQeeGSGFbftPirW0CTTXfbQaran-TrkIquReMJvXuDGIJUT9IzgNGYjhO-CXakKhRwy6NjPfo1qW4FqYgMQgG066DCoOmeiR5Jsk0eeA5X6RyIhnBmyeFP1-7t3IAU4xcC2ndLLKelwtPk0Uwf8VHAq67d4Ctnf06qzXkPkU8H2EOHZfL2Je4XlFP548WsEXPjX9YEmR4a6t0l6DLT7wlwYE0rdZRWwheofm8LAA4DroKtr-aebi6Gt5eA1BPYs5rmJrF2bkDV6viHiH4YduvSvwKfxMY2AkNWRu11oh9Q0ZqiR5KRH8pZI6AhBMOUVoEmumPJrXw3NU8A_dLUt4i8xfPWSOdK1U6MJ8UCGBuKIYFa63YrwHx_MJPtMqfDu4dtZS6oUgF-86InGM2oQNKEhL9zBPBc8NlxrO7e3yn8qdN3gDCUNUQWeioAf1Wn8BOHsmrbBbZCQ56xQBLd1r04UmiOyav8l2zCMkMVKGCPpz7a25NPLpyMZ_6P6TaHKYEeLEDvJuZx0bJIJgB1HWjdNiWqQJwAMD_-9etMqn9KwHGhSsbRFsiQw5SyZbNEazgaKCDjK-gaa06cwFL-c4cAtPUPvCkY_YYPR__AwBzfo5tLHr6sO4NsNvVpljClLeqLWuo4UjpunlLijYTGpzRFxkwGlLYEPDUMFrzZi0udRQqUvvLwCqnGOgZbHv8wtToX8FF10HcvPFsfvqo_K96tGNaMWvS0sbt4QT-iFhyR6afEemckPBk4g_YQEOBKyCEdCnDXi1KRDLgWTG0a_Ht7KBGPz7cT1-nROwnw5Q5TnaGIItV86-Uxyp4hIw_srstHlfV_4Jo8x_Ut2F0MOKfeWZxV7vhNP_K4QFHOv6NKs4QslntH3bP5vBNck5GGowcXESRLceWVY348g6-J-tbiyjuD9b5Ua7IeKrx96EvFIZgmB53taUrT0USQZFWkHt34yah-cvxU_dM7rPnUmc5kpA31CDI7Fh3eUk869oB9e9q10dOOQdKDM7t3FsRCQbfrUHH6PPLNZAkfSvbno93or7-gF1K8lNrX4QeLFvetqya14L7XiJVkKZZ_PFv0bOhUFh0FhHZOYoqPi5lj6DttJciHLWRpdk6aL20QwvhSnp_a73v3t63TFu2CB5wOeH4El4NCCgUJFo5Q3ONu4IDmi-SvkhyoE5jMyXHyNxBQkAWXUfhMYh-ZqAOR-oY57oY6vvaJDops0M8mjbvb5EXhvktmuN_eNLdE9e8A97XPxFY7CzC3zQ__xNhgwoBDww2ia-w7luHwHt3Mn7xOwxSTXzwOLKIyLHqR5civtlHkxUbNjwGnvLC7B23XzM0Kj1ZU94XInzXzmeCaBRELZIRRwRO7lj8tUyXUYP9WwCkNv8WLmbxrrd4YTDHXpFamjp6QQt0jtFAbBafdaYfC9spaqjFaGP-8ZAAta2E-D6eIVkn1QX2_nCLiHEI8Bj9BNPWbOUPY8ErP_2p8vpLAZSWAz4GPDlMKbp7pxqBBaSpfOdoD5H_zlrHBj7VZYkyNAbzsgmEg2lMwPkd8Dw4bt_TEjfIQjmuL7Ita6w3pKkuPUoREtOq6yUhiWKNHcNORz-3_HLwCsAbNuT6soJ5c5K_A9bAaJQ6ygWMDEJf46rFNKGkcOdD-hVUTJNKuL-TmaWz5PbxjIgMHWvwu0Nf01YoutIHFt53y_kPxikLblmcA0qdsv1MZPY1jd6vndGxplCRtEiQvwg21feQDTJ4TwIsdfWgXcErcTRUd02aRKtRz9kGE6j9fGVaUA28C8iNTZZX2Aluoecv6WzjlbV_WI2LLQITKjYQ3ZrcRWDlHbvdtu7LYOLMYFBm_XGfXSxZIy8wjHpf2t3SWkDyo8-5sqPPcz2YgWYJz-ywH49egL7wNOOMPtOCuSgLARyJdkDRR9su-wi4U6HfzJ8skSvoZxUWN_ojxi1s5Llvnp7mHHjRVqE8F3tKwtvQk5iUtX3xwRU0eb7jxURcOAhqc62XbskX_SpfRQWH_IkX5COznFU8sS6e2bNMSp_vEPv1-9ikTHbIw2JudaZVYgl6893sMYw4yPbCAIt-HSTLUH1tHnysO8418mexOScqyyEf93O-PIX2RtoB68aaFYLVp7zAF3GrvqlohNk80rtdwdUx6IM8liXYJG4bm4WosufjuW4sUj4rq0JvIxXBbvc6vvvnCv7-T_jp5WQyazy6NQ9Dd3EcCsgD38puKXNVu6ORxdERN7DgYFqJwhcBCGz3xCR3_KsCHNuI7xIk8Xaz0UejfvlM9cC9tYuo2Ed7XGZkeBh4hgweo0DalDji7hPv_ZYUVf4EowM0eARUGJTpcTFXW5KP581xfTOse8rZwAMUFwPPVEM6j0j55aZKM75mPyb_prz4H8sDAXjHX_MgUFIc_XZpK1zShtW7Lp10-ceUHBTz_LJoXHzEyA1qjq22ML310XlENlMSZuiv2yP9brFzyOQbTj4noI-2xv2hwiOmilaekRcDhNjwbDTUAxatrOb49yUf8WIvR7xARUtDFGxf7NSckjIk1Cnac9vd1JINyDFM82gldLk6bNjOcVAp6efsbmx10xL9UhPOeCV35gwz_PnOF1eQQBipX56IMKD-Qmd1LYCci1JHHGQ09YeMmXtJ1GVzyR7panv5Krss9Ht-9L1uAqLZI7E5Y1rakCi2xQZ3eH7h65bpiffBbv2E-KxEBJz_64W2AmPZY532ticcTFBtu-iCeJL5wzzcAqGF-ovn0SpvkfmWNLpCXQ2vq0ArBIxloycbyZ_DTIz93mN0rhiXffH9qc1kLBIHFuMgvVAjjYla10WvwlS2uC6BhnwOf&cid=CAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ds=l&xdt=1&iif=1&cor=6414021584892290000&adk=250412561&idt=53&cac=0&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 17:22:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
6205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11551
x-xss-protection
0
server
cafe
etag
12710720872123804752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 17:22:57 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 981C
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApZOVyc8zjFjgX7LJxXf4CQKFg0iS48iIuD3HCXiEvFJvuzhxDAqVZdl0j7AhMtyfEpgBb9XEKoYlY9F6tjAjfADgYxjMvCWg9JmWAjB4LFtD6pXfW7C__IZhSF-1hon5rzHulDPkzGVbxYBx8WRj3zlt3U1hwKTJE-okZwl-CPXZ36yWk4uOEK57vdDqbULBGpDX3&cry=1&dbm_d=AKAmf-CtRTj_SSFbWCshMn3_mLonbDIoYd5byF27awvXTTtnZJfVjjS0iZuz9z-0t-SKMxLfEOAIS72gmH8hMsgBY-GwtGxh4rst7aJJotdmFeyeksJ1Ox8t4mz7ITiaQ9ack5-KYJgAsqO0re5c_LyGpN46z5opqb0MkoWX2PjjHDBe2yYn158Cbnzcl17jEoKQaHyMs51-QFDMOdTvwYV-f_GP5I2LmrQkb0ZLIRmplRf97QsNflUufRg9NGMEa0SuWV331ap192bSxhEUYztzw-oga9Dh3DliLCUdEksGJTvqws8xIh29x5Bsnf2i3G6gK8GSz56voYF7pRbfarF1ObU9dnoOCct-GkHyqOWmLWZFMV3mWreSlT_xvKxXi1QG8UVou5vpqZOZ6leF4EIouTEVtRe8ZpuvMABjYIM-ZZYaynvTgaiAQtoxUQD251PgVGhv4bejGQf_9meXq_pOdDtwAo3-Yha1L-4mmf6rAIgezm8EE1A9nF82kRWwL468EQ2BCNkTKkcwKX9dZxCYMRtvO7HlhA-NOL-vC29BvSzzj1a_xpRt2vqNnGRw7UUXsHie2eEpnBbV6iA1_-KLhU7BJ_uVcrvoSljqQn9azsWTCrxPNGpuEe1877BH3UGNv6rzOfckUrswhwv3VUNgM-W0ZvaOgwTuPHNtfOAFRYiDq5LwZNrW9bXIIqPFgiRwZA60Bl80220VV1jOSwHrAViRASqUEMgRTbZFbxiEYob_gRnG8c4p_7Tuv0LcOtKWLXun1m-3i5lD9oXy9-SCp0YDzh-_4iVW6k-cC_CTTdPMOPBCGxvDxGi1pKwUVFzI_TcK4ENV7I4lwvD8Lfvoh2jHTGwhOczBfAbq5EyH6e5MB4ZJzN6L2eYbPRL0h6lMi8vkw-MbJNta5Ph-DUFvC0Im2DzAuFR3nMPpTomzmwh5D7KKYjT9foKh19tQORfbj6qSMhA-M1jtHPdk2h0EXwd927TTK9oCUYNXjxcHnsbZ2I3cLa-2Bes81DV4VrbMffI95t7nwSFB8hQY__q4WmYmyI5kbgj4tQXCl1-jdCTrbjLIhgYtvJfQeeGSGFbftPirW0CTTXfbQaran-TrkIquReMJvXuDGIJUT9IzgNGYjhO-CXakKhRwy6NjPfo1qW4FqYgMQgG066DCoOmeiR5Jsk0eeA5X6RyIhnBmyeFP1-7t3IAU4xcC2ndLLKelwtPk0Uwf8VHAq67d4Ctnf06qzXkPkU8H2EOHZfL2Je4XlFP548WsEXPjX9YEmR4a6t0l6DLT7wlwYE0rdZRWwheofm8LAA4DroKtr-aebi6Gt5eA1BPYs5rmJrF2bkDV6viHiH4YduvSvwKfxMY2AkNWRu11oh9Q0ZqiR5KRH8pZI6AhBMOUVoEmumPJrXw3NU8A_dLUt4i8xfPWSOdK1U6MJ8UCGBuKIYFa63YrwHx_MJPtMqfDu4dtZS6oUgF-86InGM2oQNKEhL9zBPBc8NlxrO7e3yn8qdN3gDCUNUQWeioAf1Wn8BOHsmrbBbZCQ56xQBLd1r04UmiOyav8l2zCMkMVKGCPpz7a25NPLpyMZ_6P6TaHKYEeLEDvJuZx0bJIJgB1HWjdNiWqQJwAMD_-9etMqn9KwHGhSsbRFsiQw5SyZbNEazgaKCDjK-gaa06cwFL-c4cAtPUPvCkY_YYPR__AwBzfo5tLHr6sO4NsNvVpljClLeqLWuo4UjpunlLijYTGpzRFxkwGlLYEPDUMFrzZi0udRQqUvvLwCqnGOgZbHv8wtToX8FF10HcvPFsfvqo_K96tGNaMWvS0sbt4QT-iFhyR6afEemckPBk4g_YQEOBKyCEdCnDXi1KRDLgWTG0a_Ht7KBGPz7cT1-nROwnw5Q5TnaGIItV86-Uxyp4hIw_srstHlfV_4Jo8x_Ut2F0MOKfeWZxV7vhNP_K4QFHOv6NKs4QslntH3bP5vBNck5GGowcXESRLceWVY348g6-J-tbiyjuD9b5Ua7IeKrx96EvFIZgmB53taUrT0USQZFWkHt34yah-cvxU_dM7rPnUmc5kpA31CDI7Fh3eUk869oB9e9q10dOOQdKDM7t3FsRCQbfrUHH6PPLNZAkfSvbno93or7-gF1K8lNrX4QeLFvetqya14L7XiJVkKZZ_PFv0bOhUFh0FhHZOYoqPi5lj6DttJciHLWRpdk6aL20QwvhSnp_a73v3t63TFu2CB5wOeH4El4NCCgUJFo5Q3ONu4IDmi-SvkhyoE5jMyXHyNxBQkAWXUfhMYh-ZqAOR-oY57oY6vvaJDops0M8mjbvb5EXhvktmuN_eNLdE9e8A97XPxFY7CzC3zQ__xNhgwoBDww2ia-w7luHwHt3Mn7xOwxSTXzwOLKIyLHqR5civtlHkxUbNjwGnvLC7B23XzM0Kj1ZU94XInzXzmeCaBRELZIRRwRO7lj8tUyXUYP9WwCkNv8WLmbxrrd4YTDHXpFamjp6QQt0jtFAbBafdaYfC9spaqjFaGP-8ZAAta2E-D6eIVkn1QX2_nCLiHEI8Bj9BNPWbOUPY8ErP_2p8vpLAZSWAz4GPDlMKbp7pxqBBaSpfOdoD5H_zlrHBj7VZYkyNAbzsgmEg2lMwPkd8Dw4bt_TEjfIQjmuL7Ita6w3pKkuPUoREtOq6yUhiWKNHcNORz-3_HLwCsAbNuT6soJ5c5K_A9bAaJQ6ygWMDEJf46rFNKGkcOdD-hVUTJNKuL-TmaWz5PbxjIgMHWvwu0Nf01YoutIHFt53y_kPxikLblmcA0qdsv1MZPY1jd6vndGxplCRtEiQvwg21feQDTJ4TwIsdfWgXcErcTRUd02aRKtRz9kGE6j9fGVaUA28C8iNTZZX2Aluoecv6WzjlbV_WI2LLQITKjYQ3ZrcRWDlHbvdtu7LYOLMYFBm_XGfXSxZIy8wjHpf2t3SWkDyo8-5sqPPcz2YgWYJz-ywH49egL7wNOOMPtOCuSgLARyJdkDRR9su-wi4U6HfzJ8skSvoZxUWN_ojxi1s5Llvnp7mHHjRVqE8F3tKwtvQk5iUtX3xwRU0eb7jxURcOAhqc62XbskX_SpfRQWH_IkX5COznFU8sS6e2bNMSp_vEPv1-9ikTHbIw2JudaZVYgl6893sMYw4yPbCAIt-HSTLUH1tHnysO8418mexOScqyyEf93O-PIX2RtoB68aaFYLVp7zAF3GrvqlohNk80rtdwdUx6IM8liXYJG4bm4WosufjuW4sUj4rq0JvIxXBbvc6vvvnCv7-T_jp5WQyazy6NQ9Dd3EcCsgD38puKXNVu6ORxdERN7DgYFqJwhcBCGz3xCR3_KsCHNuI7xIk8Xaz0UejfvlM9cC9tYuo2Ed7XGZkeBh4hgweo0DalDji7hPv_ZYUVf4EowM0eARUGJTpcTFXW5KP581xfTOse8rZwAMUFwPPVEM6j0j55aZKM75mPyb_prz4H8sDAXjHX_MgUFIc_XZpK1zShtW7Lp10-ceUHBTz_LJoXHzEyA1qjq22ML310XlENlMSZuiv2yP9brFzyOQbTj4noI-2xv2hwiOmilaekRcDhNjwbDTUAxatrOb49yUf8WIvR7xARUtDFGxf7NSckjIk1Cnac9vd1JINyDFM82gldLk6bNjOcVAp6efsbmx10xL9UhPOeCV35gwz_PnOF1eQQBipX56IMKD-Qmd1LYCci1JHHGQ09YeMmXtJ1GVzyR7panv5Krss9Ht-9L1uAqLZI7E5Y1rakCi2xQZ3eH7h65bpiffBbv2E-KxEBJz_64W2AmPZY532ticcTFBtu-iCeJL5wzzcAqGF-ovn0SpvkfmWNLpCXQ2vq0ArBIxloycbyZ_DTIz93mN0rhiXffH9qc1kLBIHFuMgvVAjjYla10WvwlS2uC6BhnwOf&cid=CAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ds=l&xdt=1&iif=1&cor=6414021584892290000&adk=250412561&idt=53&cac=0&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
381518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:07:44 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODE5Njc4MjUyNzkzOQogIHNlcnZlcl9pcDogMTM5ODAxMTA4CiAgcHJvY2Vzc19pZDogMzk3NjY5OTUxMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 981C
0
858 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODE5Njc4MjUyNzkzOQogIHNlcnZlcl9pcDogMTM5ODAxMTA4CiAgcHJvY2Vzc19pZDogMzk3NjY5OTUxMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDQyOTk3NTE1MDE1MzI4NTQ4MgpkZWJ1Z19rZXk6IDM1MTI3NzM3NzQzODY0MTU2MjYKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTE3IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU4OTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNzA2NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNApkbWFfcHJvZHVjdF9pZDogMTIyNzE1ODM3Cg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa7e13ea0ee4d4a6f0000000000000000","13":"0xc74f3fb3a626ad5c0000000000000000","14":"0xc5c5013a4e9a6b340000000000000000","15":"0xabe5107db2caa72e0000000000000000"},"debug_key":"3512773774386415626","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"14429975150153285482"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame 981C
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1708196782168869&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Solingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
d3b2174ef87bb1b4e7ba0bcc29a1d08f8634a6d0067024b26a57b678ce64861c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4202
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DB0E
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
381343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 09:10:39 GMT
expires
Wed, 12 Feb 2025 09:10:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame DB0E
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 08:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
39262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Feb 2025 08:12:00 GMT
request.php
hal900012.redintelligence.net/ Frame 981C
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB
Script
General
Full URL
https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
HTTP/1.1
Server
94.130.102.164 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
8f92bd2f09596366bd56aba34214f2e2d485383c1fbc0d38311691e06edf6df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
96808800120174304444554012603012
Connection
close
Content-Length
1118
Expires
Sat, 17 Feb 2024 19:06:22 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 17 Feb 2024 19:06:22 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 17 Feb 2024 19:06:22 +0100
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB0E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKuXTrgPRZcOcIJTk1PIP97ye6A4AAAAAOAHgBAI&bg=!JSalJmnNAAZN4L4YbeA7ADQBe5WfODMJhjoh1xLohPL0pUi_808X5RL033SmNUECE5vXj4XR2QJY5WjwTFaGy26To-4RAgAAACxSAAAAAWgBB5kC_iZo1un8Z-T8xhFt2yqS-bo55CPsuI5ek7RnaA969zs0unxO4ncMtQVOH55Ezv-3PJcqlSKAthbLeFgD_RlrRpmYT8m8gb01mH5B4HUn3jG12JAE1n0e9s2FCic5dMly_zatlHTGsnjto-D0Q8m2eGV2SwvQjQhrfdQ7zfZLerX__AbRPu00f-fm8wk8NFTFBadiVyIJuw6tliiL6thOiqws32HlZjVvkgcsFkCDtCKt_t4xbm1ihYv8BN2TiILpJlXoH-QexKUQD0N1reUyho_ZIkAXpM3Jtv0WcUvubNOgNePQyDByKetUmOsG9PDWYFnriWen_UbMgCVohnNgV0egFtXhTGaCqQzjeQrW0eEJHLosM8Nnhl6aWLzCq5OzH4x7yF9dVOOoogAeUo7PPGKRKXt9m2k6VoT7zQ5upb5t4dlsIOH3WGlRr9-jn18n8D4hhp9eZJMz5nrRVM_fUVukXJApBpHcEC7qYLWbz7tuveHUeeaXWz7xw0zXvwSqyTLEjDdjK2cv_aqna4LxYxT01hIZGuNv66sLIogsbi2zwRiweJmdklK3LOg6UEVek23AfnXvU_ThgiENltHQc5xCLoM3s24J_d-BmKMxcKBit6D9jDucCRZVkC1iIknUfeQNHwGzAhdC-fz6sdoui8CbvedManMc7AmTn6_uwWnkNe1dLzrmTxODDRZJPwLiIYfdyGAuLE_b6B33zNPzBuTdh_FG3B3JwKRVzLtAzZtoMhMj-5FjtR_nvO2vih4hJ6NOkDbatRfYBPDHUoKoIQY5k42vLadN54bOwCAj-Vq1fD-rd26mMhVuxkhb1BwaJAh5Bui-tXRYe6Png2tg6Zhbe7Jgh1JMW2kyUNVvM5F-ifNdvHTB2cde0FQTBf2dsn6RlO_ZyaPu-RQXVG4H9drBPKtwTcUk70ohynas6W7fOkiFwrrkt1G2_X1Z5mBtEbnV2d_JbF-ul5u9GM09Bh2FR33itkVEcyc0Ud_Nc_KgKrtaIpl8Qlfqs2dhF80
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame D3C7
0
326 B
Document
General
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Sat, 17 Feb 2024 19:06:22 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
/
adv.office-partner.de/ Frame F216
930 B
923 B
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Sat, 17 Feb 2024 19:06:22 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Sat, 24 Feb 2024 19:06:22 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
89f7480c0afa0150827cf163f8728151
pv.medialead.de/trck/epv/ Frame E061
0
327 B
Document
General
Full URL
https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"25200521800103636","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Sat, 17 Feb 2024 19:06:22 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 981C
0
326 B
Script
General
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 981C
43 B
360 B
Image
General
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=96808800120174304444554012603012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=b1fcabf8be&subid=&uid=968615c746d6fb50&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCtblrgPRZaWnCvrIuvQPkfGViAKm5b2gaa2VnKfJD_AuEAEg266RImCVgoCAsAfIAQmpAuwUsmdyFLI-qAMByAObBKoEhgJP0PYK1uQess9nK1lYcat8YS-41AYTe6NDnCgJ2WtvZFPzFQmHKBQljo1VF3jcUeDzK_tmJ8BbSCq0zQtTwZsZEEgTf2qblWzq2VWqD8iE81-KkzTl5b3E-a1PJBvNNpROpE4amht6FUu9vEyRleHucNnq37sDponKQmVeZrMzB_CK_1ZzaeH0EBLfouAY9dp_CtLnXXPAN54LRGUMXFujaYX2-h_-3NKdjfIsSzv41Ey9Dn289DMptge5hPfv8e3nPHqq7QkDi3fNSpD2UZoLYLkTOy2NeBV930oCEc4BU21rX3Pp-rLWENM7R4ZfNmUzW0T9XCWNkl7E2qlBExBPLqy7a71HwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCsIgOGAEBABGB8yB6qCgOCfgAE6CYBAgICEgICECEi9_cE6WJPenPOIs4QDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_zGWKkzkiKBHThJauF75QHGvL66ZLRVo0CFOxGjzEuVDM2GuVoPkcLXWCUX3lV41KUrtovHkhkJTvXraWQix-qhe-oWclOrUVkFYYAQ%26sig%3DAOD64_3E6zDVTDWxxvYIdggbiK3b20VGaQ%26client%3Dca-pub-3911180130839100%26dbm_c%3DAKAmf-DTMlz_JgZw2euXhTal-oqyQP5mP6Ab8c8lZPZ6c4zcRNM1XXT0prEv3DSQU-NgL-8R8W5JvwlQ_rUVL_GmIfdX2wc4-HCSA7DGBwtyxEBWN-phyvS_yYnLAkhsZzQSrY3X4Hb7ks8YTRC8xrm6ZFiGW6kj7HYbFjpZkcHPxSHrzpbpYJXpPWR5GIPHhepByPDYjVLy%26cry%3D1%26dbm_d%3DAKAmf-CfyR6uH5tK15dBQsf9fzAXhin9i3ktHHTW5sd-SRg4gwsu_A6d38w2TE3xy5MItyEpKZgHkfzGMQbY-0PFCPGcNxKRiCAg_YSMTgstgTOyQu6oLMG3PWeyntCWksxfNpXKcNCr9VJNd3Zgr-PVpB1huN7d1vzh6XNwTpWYlD2KynUU_wrMwlCFuHZcQDoB0IegqS4WEecV4EM0bWaT_bHScqvKOI3U03M6ZDUfrSLRJyAtNaKa_OLVqpzjtpjsaJ2g-0ZbiHJjCDhV_uylLnKj9Ewyd5rDcbgC6h9THlWGA35J6xRY0-8KyvvfcLKX-WXBVh1wrVHjd5jx4A2nXGrEMXJ12gL-F9H5_vuW6iGwqPIPe5QwqaDfVFCP8LxqEDQFMZvAC6ToF9VLvTSMONYuBbgYPhwfGVfa_ZGtrqyq0uNMKd6nLMBmu2KZPYy346uxNCoYWvhZTczPneWPCozxG55ENcQwbKwj8G6fR7wf8aSsKCKd2lV7wawtUsu-xpyV_HR-rXzGUSt4FutX26gijEV6ww%26adurl%3D&documentReferer=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.viagensevivencias.com.br&random=7119728190506&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
css
fonts.googleapis.com/ Frame D917
9 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz:400,700
Requested by
Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b10a3f9a041b4026e62ccd238bed1b682ba3be109da9c56874cdb3dfe8ec35da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 19:06:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 19:06:22 GMT
css
fonts.googleapis.com/ Frame D917
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 17:08:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 19:06:22 GMT
frame.css
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917
3 KB
947 B
Stylesheet
General
Full URL
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/frame.css
Requested by
Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
124.118.199.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fa85a6d3130d68368d8eb097f0d62ffbe4f2e7faefcb374724a85320e8c51c46
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:23 GMT
via
1.1 google
content-encoding
br
strict-transport-security
max-age=15768000
last-modified
Wed, 18 Dec 2019 12:20:19 GMT
server
nginx
vary
Accept-Encoding, Origin
content-type
text/css
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
36419c10aa.js
use.fontawesome.com/ Frame D917
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/36419c10aa.js
Requested by
Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b9dee62e0557493982b3e8682adb06f8dfd2d3e8a5df8e35ca6a6c9d0c3377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 00:32:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7012
etag
W/"556e74862ce5d7f41289e55e881b9b0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii7Phr%2Ba4F2bNgIpD7dP7bqd1C1mZlO8ACINue9JIjUuD%2BK0jgZXoumauoVA19udXxI62ibTlXx5g7b6XTEAyMqRbEC49Cj3pX24MgW7P3I58ExMm1ojtTvBamEWx%2B4WnbBC3touW6dhSWnSZRy%2BsBPS"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
85704ea70cc040ce-SIN
alt-svc
h3=":443"; ma=86400
seguros-logo.svg
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917
9 KB
3 KB
Image
General
Full URL
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/seguros-logo.svg
Requested by
Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
124.118.199.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ebbb18acc67b5e220bc5af1b20a5fbf1516ce3eb64ec881f87d0ae8bf9ecb91e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:23 GMT
via
1.1 google
content-encoding
br
strict-transport-security
max-age=15768000
last-modified
Wed, 18 Dec 2019 12:20:19 GMT
server
nginx
vary
Origin
content-type
image/svg+xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jquery-3.2.1.min.js
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917
85 KB
27 KB
Script
General
Full URL
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/jquery-3.2.1.min.js
Requested by
Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
124.118.199.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:24 GMT
via
1.1 google
content-encoding
br
strict-transport-security
max-age=15768000
last-modified
Wed, 18 Dec 2019 12:20:19 GMT
server
nginx
vary
Origin
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jquery.maskedinput.js
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917
10 KB
2 KB
Script
General
Full URL
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/jquery.maskedinput.js
Requested by
Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
124.118.199.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:24 GMT
via
1.1 google
content-encoding
br
strict-transport-security
max-age=15768000
last-modified
Wed, 18 Dec 2019 12:20:19 GMT
server
nginx
vary
Origin
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
frame.js
www.segurospromo.com.br/site/banner/viagensevivencias/25/ Frame D917
2 KB
747 B
Script
General
Full URL
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/frame.js
Requested by
Host: www.segurospromo.com.br
URL: https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.199.118.124 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
124.118.199.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1bd384420c4b49b6267723443e97a992c75631086dfae32185715b1da22e18d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/site/banner/viagensevivencias/25/?tt=banner25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:24 GMT
via
1.1 google
content-encoding
br
strict-transport-security
max-age=15768000
last-modified
Wed, 18 Dec 2019 12:20:19 GMT
server
nginx
vary
Origin
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link.html
track.webgains.com/ Frame 981C
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=96808800120174304444554012603012&nw=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.154.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-154-21.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6166aa15489a8227991fe82cd4061da41e595c2ee69e615900eaa34c49385308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
last-modified
Sat, 17 Feb 2024 19:06:22 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sat, 17 Feb 2024 19:07:22 GMT
request_content.php
hal900012.redintelligence.net/ Frame 6444
7 KB
2 KB
Document
General
Full URL
https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
60d9ae14effc13117e6f987c94e8a62f53596d779eb24ac0e68386078c2de642

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2049
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Feb 2024 19:06:22 GMT
Expires
Sat, 17 Feb 2024 19:06:22 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 981C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86229f23db594e7015f46d8ae7774af13dcb6228db3a42356016804c98bade0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame F216
183 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b465efd816286ca357842eb17ae180b11de86c5a6bbeff90d603381fa6019576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66650
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Feb 2024 19:06:22 GMT
css
fonts.googleapis.com/ Frame 6444
5 KB
778 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 19:04:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 19:06:22 GMT
/
hal9000.redintelligence.net/scale/ Frame 6444
17 KB
17 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Solingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
23d10acc1f846d4e4427c5a87d713262fe978daf00aa8e5ba05c7c89c776e681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16990
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 6444
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Solingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
5b18c395b6f60351c8b52b69f35c6b7574f0c79ad80f8bed3fc3bfcfc3a966fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16521
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 6444
13 KB
13 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Solingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b8b0ba8831586f52444c697dc117635854d752c941310cbb3cbd06f00b736101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 19:06:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
13292
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900012.redintelligence.net/ Frame 6444
0
150 B
Script
General
Full URL
https://hal900012.redintelligence.net/viewability?s=96808800120174304444554012603012&a=e0d0f45e&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 Würzburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=96808800120174304444554012603012&a=385a7735
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 19:06:22 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6444
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 07:59:08 GMT
x-content-type-options
nosniff
age
385634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 07:59:08 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 6444
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:47:53 GMT
x-content-type-options
nosniff
age
382709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:47:53 GMT
js
www.googletagmanager.com/gtag/ Frame F216
280 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ec851f209981a582bfad5e671a5a8cbea19a9b93f0ab9d88d52da49d6dd1b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94992
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Feb 2024 19:06:22 GMT
pvClk.min.js
analytics.webgains.io/ Frame 981C
56 KB
19 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=96808800120174304444554012603012&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5a178ba95421189cb0b7274927e4f1d35e22bd392b65b87a6a9a3e7f4055477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 22:36:35 GMT
content-encoding
gzip
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
last-modified
Thu, 15 Feb 2024 10:01:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
73789
x-amz-server-side-encryption
AES256
etag
W/"3fb1dfeeb4c566b4a2aee7a623471da6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ii1lSRwmdQBt-J5FvF-xhhRI3LSfvuNkGYodXNFC9nGfy8GpyMtN8g==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 981C
85 B
437 B
Image
General
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1708197082&Signature=fMGgNyFZt6w6sOOhRwAIuCBwc33-qmDj0akGlTSeDIGgIpR76s5IlYd2D6mvAch0F4UduoxHA3G7bsv49Hksmf~X1idS7uwia6tb2Dohx0iZfAVtnlbQwo8wuP7i8xVXRi-kYFHBfWFLNCClQ9tNlnPSRNVfXru3WTjGjESS0YByMJXwoXWTYJJTWy54iYBTwsuMrK-QzbUps-io4mcAO2wHPLzbew5r9evZyf6nOub8gaITiyM~IJH7M4uI47ubTc6GcomoVNUHPxJMhahg4N1CbX5FU-eRP5wzdQssGSVZznFoUr808xx--Rm~9iyRjcNLUAnLGvPCFf1Ywds3ug__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3911180130839100&output=html&h=250&slotname=3216970543&adk=2284863413&adf=1511296534&pi=t.ma~as.3216970543&w=300&lmt=1708196782&format=300x250&url=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708196781905&bpp=6&bdt=1706&idt=157&shv=r20240215&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=3227075926076&frm=20&pv=2&ga_vid=389340213.1708196782&ga_sid=1708196782&ga_hid=508082773&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081143%2C31081187%2C31081221%2C44795921%2C95324581%2C95325068%2C31081219%2C95321957%2C95324155%2C95324161%2C95325079&oid=2&pvsid=126682925859288&tmod=1795027003&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 17 Feb 2024 07:58:32 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
40072
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
3SZo0L8BoBkWzyx8mExOvQGcG31DJbIZcU1YM44nq8DXY-tuZZR55g==
/
log.pinterest.com/
0
350 B
Image
General
Full URL
https://log.pinterest.com/?type=pidget&guid=3F19u0wp_4Ek&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.viagensevivencias.com.br%2F&viaSrc=canonical
Requested by
Host: www.viagensevivencias.com.br
URL: https://www.viagensevivencias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 17 Feb 2024 19:06:23 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=600
x-pinterest-rid
3071843267547871
content-length
0
x-served-by
cache-fra-etou8220029-FRA
pragma
no-cache
server
envoy
x-timer
S1708196783.393396,VS0,VE28
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 981C
16 B
209 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.247.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-247-241.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Feb 2024 19:06:23 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.247.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-247-241.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 17 Feb 2024 19:06:23 GMT
server
nginx
36419c10aa.css
use.fontawesome.com/ Frame D917
1 KB
735 B
Stylesheet
General
Full URL
https://use.fontawesome.com/36419c10aa.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/36419c10aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf141db42052356ed5a8490bcba4a12094e78c81d4475622d812ce57fb7ac378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.segurospromo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 00:32:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6470
etag
W/"4cae4744001f29349db33beb713d6c6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Beh%2FNiFYd7TvKfRoWSA6PmUBNp7hkS%2BDnag1qom9DRR%2BLZqU0bQfWWCrN3s3xyUY9FqShnx2Wr9y1r1kNylB7zwoaa%2FN4pZ12YUWWDQERviAZopUgeZVjBAQYilvL6WZZl0UJhOAGKI6s6zLyKUn%2BKK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
85704eacbf0740ce-SIN
alt-svc
h3=":443"; ma=86400
3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
fonts.gstatic.com/s/yanonekaffeesatz/v30/ Frame D917
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/yanonekaffeesatz/v30/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f7f87bd3d618507238749eed46e27541b21abf3350268ef7e15332f64bfe6b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.segurospromo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:50:18 GMT
x-content-type-options
nosniff
age
382566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27116
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:29:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:50:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D917
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.segurospromo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:49:41 GMT
x-content-type-options
nosniff
age
382603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:49:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D917
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.segurospromo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:51:30 GMT
x-content-type-options
nosniff
age
382494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:51:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 981C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6357320463679&version=m202401290101&ct=77&x=1&cor=6414021584892290000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 19:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ Frame D917
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/36419c10aa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/36419c10aa.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1450723
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2HoLcZwGda1JB7rDdJkm81GFontsTygcD1ONk5ZWK7D2NBWxddztm%2FvisdAoNOtEYDonHlFZgCwiScn%2BY8vi7dfdK9xioJm2vFm7tal3P3GXWHigwIZUti%2BqhX31Esqe5Vt2ZmNB8fI0Hk%2F0eodZMl4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
85704eadc8f840ce-SIN
alt-svc
h3=":443"; ma=86400
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ Frame D917
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/36419c10aa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/36419c10aa.css
Origin
https://www.segurospromo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40412
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmOYx%2Fsr%2BIcsNbrds96d9Vc1VT8FYhixKbxAgHtVwFcA8QSmD2OIbILCNNAJSzZGWQlOZJgPU4QNg0fu2nymoXfwvrDKu0Xkp%2FbYG01IdXZQYIIipoFGuxeg78OCCjIqY1Vwoy2ODkE4hsUbbVH%2BDnrp"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
85704eb1c9f33d17-CDG
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3911180130839100&plah=www.viagensevivencias.com.br&aplac=true&bust=31081219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19c1f077648b77437135ad28605e98e56f0ff8c986cc61ff313826f7f130da06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12457
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3911180130839100&plah=www.viagensevivencias.com.br&aplac=true&bust=31081219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 19:06:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9239
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11734
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 15:50:51 GMT
expires
Sun, 16 Feb 2025 15:50:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F68B
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
203b62b41903a3d30043e3241ea2805fefdb8056ff9c8cf8b7839fe4e1e48a53
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lQWDYBLXHqkPFH4Lb2UWkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.viagensevivencias.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lQWDYBLXHqkPFH4Lb2UWkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 19:06:25 GMT
expires
Sat, 17 Feb 2024 19:06:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 9239
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 08:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
39265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Feb 2025 08:12:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F68B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=126682925859288&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 9239
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?1601cg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 19:06:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=126682925859288&bg=!enmleTbNAAZN4L4YbeA7ADQBe5WfOMeuh_qxfLJEEOCfLiLWu3sL3G-y2Lfh0oo6Az9GB1mIrvdnUE3rtqeP8EcdHZAjAgAAADVSAAAAAmgBB5kC10NlBunAdy_aN2WZ7DOBQvR6OVfeCXZHEiRI6i8KG0TYaqzV-kE-6v1_BKU1NF_HMEmngCEPQ7q3wE2UOvO8tZVvBrXxs7q0t8wzKVEFLnIOtAKTpmWdp7cdT5rg3tiOQZsjO4RNbVL5o7pQaonqNOQtojAOFP4xBfHSBCcvCw-s04hsziJ8NYVRa2Q_cC8oOhEQ8tiCw3n61h4Hy3fabUQB-4JB4zQEsUBTECJdLsEHDpk0LN_LR2Xasx6gAKvUAXsmoZkDt_Ikb2TQFs0Q5MPTrU5D--DwbqsVg5GNC2LnPTb0fryuGBTWNOlofOgsypQIatob2k25TxhOBDmmM5SD3N-zhEcZHKY765d3q2xF1ySQJ4ft0lSlOrCsNAzovvv1pfyQw11J1GNL9gpGBDnT8KnUcdNsJdEeI2lgDHVa0f0FSXKezyjjDTfE8m4SFEnyBmtUMw1_ZX6w_ylUAw4l0K96gg9VE4rBCp6eKvczYFrxoqT5vldbG6Hh6vnscuZKBwEe-scxRX59SqAt5amBBv_0vz1cWUMTdqn3JpqqoylE9OO9PTk86q87nlJnzO3Q8ELYEGV_Gi-vYe0tNReGR7CDfM2SQsrIhf1aiteZYU1qtMuO2V9jSvCafLQAhQPA7Hf-LliSn9vw1D3NZZ9SKT9nguL8hS1JN_TS7N4GyKGPAicYgOfReAJtytdabI1xsMRRuyJjpe1lc6EwOjRv_zx0xPJyt9DhUeonR82oeP1SQVJG81rYh1qxBJ7izY-lTjnWrY41nnoDcuwebF4dCWG_zs33empKS0SNEQLRSdTbMnwzxv2ZuJ4nSNJiNl5s05e4oJ0kBO3mdl2P4YipXgaoKLT_ywYMO367ZDBrC-kL_ZA7_VldKxS9uLct5ZSyJZXZ_XB_ombnrpsQy4zB_nkZLgHlwgezoFkRxBpLxymwejZrUuH6zbbIYy0YAkztd_jw5hA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.viagensevivencias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| _wpemojiSettings undefined| $ function| jQuery object| wpp_params object| WordPressPopularPosts object| cnArgs object| mc function| $mcj object| fnames object| ftypes object| adsbygoogle function| GoogleLanguageTranslatorInit string| sbiajaxurl object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| _i_ function| _r_ object| BookingAff function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| swv object| wpcf7 function| GLTFireEvent function| GLTGetCurrentLang function| doGoogleLanguageTranslator function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig function| st_go function| linktracker_init object| wpcom object| _stq number| google_rum_task_id_counter object| google_image_requests object| closure_lm_477596 boolean| PIN_19770 object| PIN_1708196782360 string| value object| key object| PinUtils object| googletag object| twemoji object| wp object| GoogleGcLKhOms

18 Cookies

Domain/Path Name / Value
.visitbritainshop.com/ Name: __cf_bm
Value: VXhvsqIOoM.cSdpp0lRwMiPyMPifSmR2EjkZcepAVKo-1708196781-1.0-AUnU86aHlXdt4VM7tEHBDLPg7ihIZykGc47jQilhL+fTc1TFlQe6V91/K5IeKCK4GGrZ0mo6YBzo50+q86ms1do=
.doubleclick.net/ Name: IDE
Value: AHWqTUljimdQhXZcEgtFFX_WjHdAHyxytLDPZuZa1dUGPOpR7-N5y-vh3PchmYz7
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT9X5rvtJ%2FFy59N22cBd%2ByMTIbRuqoA1PURcmh7GwS6GlAF%2FWpFAQLH0%2B7uiWrwAYCi4Re5gWL8IyaqRpFJLGs70KjVtcIw6x5TmPQuIAQRtEz7D2gSMYgTDTEHr6qNnl%2FaLG0c4a%2BAjPV9%2FrRt7OchVqFFlk8nFsRw%3D
.casalemedia.com/ Name: CMID
Value: ZdEDrlVbLcIAAEphABv0dAAA
.casalemedia.com/ Name: CMPS
Value: 3380
.casalemedia.com/ Name: CMPRO
Value: 3380
.adnxs.com/ Name: XANDR_PANID
Value: HHOtxJK-zPvvkhGhzC5BceWS8mwgmZVfv_O7A2YoTCyYqg5pGNmN2hMxQd-XbO_VJZQoyXozenfd7ZBO-9VJX36EZ2spEAa6yF88K60nze0.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5154117859750543426
.doubleclick.net/ Name: APC
Value: AfxxVi6MKIR5D4M1ZrHNs3b2F6vLvF2N9yHa0fDXUryz2JVcoaG1Pw
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>y^R'9w!1yIE`fS1ueD1W-044)d+]Uf`Bnozcq@e[A*D:E-A?rjIn3M]i1)XqUfBz6hP(hw9P-HC_#tuSy*.=1d
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 5819abb7c8a0cad5
.viagensevivencias.com.br/ Name: __gads
Value: ID=a80e917367e46de2:T=1708196782:RT=1708196782:S=ALNI_MYUCja8SPRw30pq86kCd64IK3qLMw
.viagensevivencias.com.br/ Name: __gpi
Value: UID=00000d5bde8c451b:T=1708196782:RT=1708196782:S=ALNI_MYlxdEpVUAr32y1ZUNhlAZPWL7Q6g
.viagensevivencias.com.br/ Name: __eoi
Value: ID=40a5cf90e90ea9e9:T=1708196782:RT=1708196782:S=AA-AfjY-8R4iLcNdvJtwZcKT9ZeN
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1708196782943,"clickCookie":false}}

58 Console Messages

Source Level URL
Text
security warning URL: https://www.viagensevivencias.com.br/
Message:
Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.viagensevivencias.com.br/
Message:
Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.viagensevivencias.com.br/
Message:
Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.viagensevivencias.com.br/
Message:
Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.viagensevivencias.com.br/(Line 1051)
Message:
Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.viagensevivencias.com.br/(Line 1051)
Message:
Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2016/03/vv.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.visitbritainshop.com/~/media/6faaf670fedc4749a863a886160b6f4a.ashx?cid=889139dc15e84a488ff5482cc4cb4f4e22317
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://www.viagensevivencias.com.br/(Line 1149)
Message:
Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2017/02/abbv.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.viagensevivencias.com.br/(Line 1149)
Message:
Mixed Content: The page at 'https://www.viagensevivencias.com.br/' was loaded over HTTPS, but requested an insecure element 'http://viagensevivencias.com.br/wp-content/uploads/2015/10/booking.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.viagensevivencias.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adv.office-partner.de
aff.bstatic.com
analytics.webgains.io
api.webgains.io
assets.pinterest.com
cdn-images.mailchimp.com
cdn.track.production.webgains.team
cf.bstatic.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
ib.adnxs.com
log.pinterest.com
pagead2.googlesyndication.com
pixel.wp.com
pv.medialead.de
s3.amazonaws.com
stats.wp.com
tpc.googlesyndication.com
track.webgains.com
translate.google.com
translate.googleapis.com
use.fontawesome.com
viagensevivencias.com.br
widgets.rentcars.com
www.booking.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.segurospromo.com.br
www.viagensevivencias.com.br
www.visitbritainshop.com
104.18.36.155
13.42.154.21
142.250.185.194
144.76.238.55
151.101.64.84
16.182.37.216
172.217.16.134
18.172.112.77
18.66.147.120
185.89.211.84
192.0.76.3
2600:9000:2450:2800:13:8e49:800:93a1
2600:9000:266e:2c00:5:bf05:acc0:93a1
2600:9000:266e:d600:5:bf05:acc0:93a1
2606:4700:3030::6815:2e6b
2606:4700::6812:1655
2606:4700:e6::ac40:ce26
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a02:26f0:480:48f::1931
2a04:4e42:400::649
2a0b:4d07:102::1
35.178.247.241
35.199.118.124
52.222.214.43
91.121.248.44
94.130.102.164
99.86.4.94
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc
01860d2273448228ae1e9f7b7150e82bdcf98896938cccd44815f4c1c856204c
01bfcebf8e055ef562c2cb24ed4a23fb9f7162dc385366b893047382fd298641
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
0918166c496afea920ec13030858726b4ab668ef1ed5116870acf6363600859e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec851f209981a582bfad5e671a5a8cbea19a9b93f0ab9d88d52da49d6dd1b9c
12160ce59fa72f3cefdfcf9cf5a260518e60a74c89914c6ad8eac5e6055bac22
121f4f3fe9d9a239fd380801ddaf3187ac229ceafbb5eab6e9741cfd4a9ad22c
151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
163f6c3c901afe6a612bc03fcc06dd6294c550fd2cb08f4b1974720227e1bbe2
19c1f077648b77437135ad28605e98e56f0ff8c986cc61ff313826f7f130da06
1f1fffdcfccb2ca03296d8e054da2d690323fe46c66e00d9419604c830d21215
1f7f87bd3d618507238749eed46e27541b21abf3350268ef7e15332f64bfe6b3
203b62b41903a3d30043e3241ea2805fefdb8056ff9c8cf8b7839fe4e1e48a53
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2226b397adfcd8fde1b5bad0d5f61b4a434702fed6bf4a13e536ec1f6dc53aab
239e069d2014fcbbcb5a4a67967c79789bd5a5e439bfa3478e0eaf806f74361c
23d10acc1f846d4e4427c5a87d713262fe978daf00aa8e5ba05c7c89c776e681
2421eba6a5f0196c8c566fbb18f7768f80439d6926e6e8745f3aa4e54767c012
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
250c8806819c62a4baac259e585e0e2e7248393c545c90378b7c23050d4f0bd0
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2aa505a019656c15198702f3fa8079fdb1feba20aeeef3149f4911dabc5a49e6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d2917b723451957f5cf053d228bfe95e80b21f158cddf98ac11511b17baf031
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
306a340d77c015bebd34348e2df7636595f40e1fc50273d1a4cba9321d5e82ce
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38b9dee62e0557493982b3e8682adb06f8dfd2d3e8a5df8e35ca6a6c9d0c3377
38f225b5251497cc1900cad7df4aabab137cea27ca96ff76ce673e46acaacd3c
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3f87761e3ddafdbe2dbdebbf53cda77ece8bd4ccebc1cde27c61b754661217ab
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
5b18c395b6f60351c8b52b69f35c6b7574f0c79ad80f8bed3fc3bfcfc3a966fe
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5dbb9e7d877d0b7415ebacb36fd3084c9303e0fcb3c618857688fb3b5a71fe92
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
60d9ae14effc13117e6f987c94e8a62f53596d779eb24ac0e68386078c2de642
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6166aa15489a8227991fe82cd4061da41e595c2ee69e615900eaa34c49385308
61ac7d0f300e539bdfeef28e3d1e11973abd2b26d047453627713b7e3cc07cd1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629fb0f35b142f731c60f1e5da22426a4d9b5075882f7a1c0e380988332481d5
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076
6568c82039f002adc68452920ff425301516339ce291bda12e87edbf7722efa6
660b9a122d2917234c35fc2ea3fe32ddf6be77ca40e6e7fd7d29366f7aadc802
6649d18533b066b695bd21b1076e1e00795e22911c395360c102803ea3ecfe31
6872150eed5592efb18a2c183c473be2217dff08bb90c286120c82c566791e80
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
6a6d4ff23b7eeb8c2d947863ec55e982f4e8d4ccba27494cab579fd2ca3af576
6ec016f847d46b279f094aa6cda60ac858b09ca3195b0b7d25dbac47e0e72929
6f235e65a6ed9a8576cbfd70b9b603a24a49cc64a66437c2463f10b22ef5650b
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
705110851e09c9f6cb085ea3f01e720444f320eab7499dcb5937af0c9ddeecad
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
785c3ce630335580679d275c9848b5b17093914f890ec9b25a86f9775a64cf31
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
809ddb9149ce97e1797b49404308974e0d139e5712386237a0805db5864ef5b6
820576cf450d6895ef6db37ba52e767da917320e81504fe05d3941fe558bf19c
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990
8f92bd2f09596366bd56aba34214f2e2d485383c1fbc0d38311691e06edf6df7
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9cae8e0814fc8ddead7a75b52bc99aba056073d1f4cdafb2376871b1942dd046
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1434cb9eee1f618cfa38f76759c919e606679bb2beb2cadd62964361c43a741
a1bd384420c4b49b6267723443e97a992c75631086dfae32185715b1da22e18d
a4b3bd214febbc4a40459d9517ea423b5082c343a9a279b3c947cd4fea93dd9a
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
acb7d02409979942c470cc15d4ddebfd65a94c6ba32f09f16111f3ac5410e7b3
aed43c76a7c5e093c0847d2e6cbfa567261e204446a539ba15a66fb26cd7c38e
aeef31c70dd1e009fba6965ac0510518bc1fc7c99323dc712b204e9dc74d747f
b10a3f9a041b4026e62ccd238bed1b682ba3be109da9c56874cdb3dfe8ec35da
b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
b40ebcf76c5c3097a7153ca44677acc65f7c6538dd0e91e7a5fa31d87dccde72
b465efd816286ca357842eb17ae180b11de86c5a6bbeff90d603381fa6019576
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8b0ba8831586f52444c697dc117635854d752c941310cbb3cbd06f00b736101
bfdc837d965571afbffed6f1095e2e6a0c4aa85b11fde670ade337c1fcc750f3
c034d62db887020102d2f40d5b18acb6f2910dc10b1de19d218844e5d3a3caf5
c5c1afed412e5789454807ea8f4c88f90fc70c54b96b6719a60bb5f9db3391b9
c6fde82c3138355f926c01914f4a2ea6b31f8c5e9a194d50a377235afae30a50
c8c2c51efeb79b5134d90f3e2f7c7947a9f8aa279aab4c844cfef683537ed8ad
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
ceecd11d5b15305c721149f7eaa5bd5d719f6544266c2f10eac84b9f0927fef5
cf141db42052356ed5a8490bcba4a12094e78c81d4475622d812ce57fb7ac378
d3b2174ef87bb1b4e7ba0bcc29a1d08f8634a6d0067024b26a57b678ce64861c
d5a178ba95421189cb0b7274927e4f1d35e22bd392b65b87a6a9a3e7f4055477
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
e401b72553ea85689b6a2ee010d65bd1d41bd99d765ca892c49589e9a170634b
e529245e8867300ffd2b6f6c1e5b36d41ce8c71a9eb7cbdec52360c0be7b0017
e621665022bb960e60fcbed829f30a54d28484a7e2d8e46f7e5025a06608b5bf
ea37b726a887afb5fc602e41e00d785142ad4db5f257009f4440d47850660445
ea9145153049369ff670cf938c1442962c7dc7c5517dda4ce2adc94600195dcc
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebbb18acc67b5e220bc5af1b20a5fbf1516ce3eb64ec881f87d0ae8bf9ecb91e
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7613c1e6d992008618526292680a332b320413401ba19ced06381bf6221045c
f86229f23db594e7015f46d8ae7774af13dcb6228db3a42356016804c98bade0
f9f94cc2cf984a2a8df89c1250c04396bc950e577b4143d5539ca88fb46de91b
fa283054352cdf13ddf4d0c3045abdf901cae945d099b10077e93cd821a4c498
fa85a6d3130d68368d8eb097f0d62ffbe4f2e7faefcb374724a85320e8c51c46
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d