nilotrip.com Open in urlscan Pro
172.67.163.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nilotrip.com/
Submission: On December 17 via manual (December 17th 2024, 4:17:01 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 21 domains to perform 66 HTTP transactions. The main IP is 172.67.163.50, located in United States and belongs to CLOUDFLARENET, US. The main domain is nilotrip.com.
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.

This is the only time nilotrip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	172.67.163.50 172.67.163.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
8	172.67.69.4 172.67.69.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.140.50 172.67.140.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
2	172.67.157.252 172.67.157.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.171.187 172.67.171.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	1.1.1.1 1.1.1.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:251... 2600:9000:2511:aa00:a:e047:754:f4a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:808::2001	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH OVH SAS) (OVH OVH SAS)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2001	15169 (GOOGLE) (GOOGLE)
1	35.173.157.167 35.173.157.167	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.80.4 142.250.80.4	15169 (GOOGLE) (GOOGLE)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
66	26

20 172.67.163.50 (United States)

ASN13335 (CLOUDFLARENET, US)

nilotrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.69.4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cloud.adseleto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
custom-targets.cloud.adseleto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.140.50 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.spun.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.157.252 (United States)

ASN13335 (CLOUDFLARENET, US)

matomo.incred.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.171.187 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adseleto.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 1.1.1.1 (None, )

ASN13335 (CLOUDFLARENET, US)
PTR: one.one.one.one

one.one.one.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:aa00:a:e047:754:f4a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::2001 (United States)

ASN15169 (GOOGLE, US)

e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.157.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-157-167.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.4 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	nilotrip.com nilotrip.com	2 MB
8	adseleto.com cdn.cloud.adseleto.com — Cisco Umbrella Rank: 332700 custom-targets.cloud.adseleto.com	27 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	270 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2931 google-bidout-d.openx.net — Cisco Umbrella Rank: 2790	484 B
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	spun.com.br analytics.spun.com.br — Cisco Umbrella Rank: 443521	3 KB
2	googlesyndication.com e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	13 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 533	30 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	215 KB
2	incred.digital cdn.cloud.incred.digital Failed matomo.incred.digital	23 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4214	485 B
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220	4 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	857 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2357	8 KB
1	one.one one.one.one.one — Cisco Umbrella Rank: 22285	405 B
1	adseleto.dev api.adseleto.dev — Cisco Umbrella Rank: 366087	852 B
66	21

	Domain	Requested by
20	nilotrip.com	nilotrip.com
7	securepubads.g.doubleclick.net	nilotrip.com securepubads.g.doubleclick.net
6	cdn.cloud.adseleto.com	nilotrip.com cdn.cloud.adseleto.com
3	analytics.spun.com.br	nilotrip.com analytics.spun.com.br
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	oajs.openx.net	1 redirects
2	e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	custom-targets.cloud.adseleto.com	cdn.cloud.adseleto.com
2	matomo.incred.digital	nilotrip.com matomo.incred.digital
2	www.googletagmanager.com	nilotrip.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	www.google.com	ep2.adtrafficquality.google
1	google-bidout-d.openx.net	oa.openxcdn.net
1	gum.criteo.com	static.criteo.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	one.one.one.one	cdn.cloud.adseleto.com
1	api.adseleto.dev	cdn.cloud.adseleto.com
0	cdn.cloud.incred.digital Failed	nilotrip.com
66	27

This site contains no links.

Subject Issuer	Validity	Valid
nilotrip.com WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
static.cloud.adseleto.com WE1	`2024-12-16` - `2025-03-16`	3 months	crt.sh
spun.com.br WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
incred.digital WE1	`2024-12-15` - `2025-03-15`	3 months	crt.sh
*.cloud.adseleto.com WE1	`2024-12-16` - `2025-03-16`	3 months	crt.sh
adseleto.dev WE1	`2024-11-29` - `2025-02-27`	3 months	crt.sh
one.one.one WE1	`2024-11-25` - `2025-02-23`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
id5-sync.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
invstatic101.creativecdn.com WR3	`2024-12-14` - `2025-03-14`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
cdn.prod.uidapi.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
esp.rtbhouse.com WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://nilotrip.com/
Frame ID: 6C4EA156184F6257075502DF644210E0
Requests: 58 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 51F8572CB85E4BB7EE45C1003EE4DB6E
Requests: 1 HTTP requests in this frame

Frame: https://e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 83BE0292A185EE8F716E29A49D3CB199
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=nilotrip.com
Frame ID: 84606A28CF2F424C379AF78F1B644255
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: CA05620006A579E0F341FC42425BFCE3
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: B17B371EC00D7DCBED993385FCCE660C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 229772D44E893B933ADEA392D5D48551
Requests: 1 HTTP requests in this frame

Frame: https://e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD885030D79A97ABB1A36D0D704469B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nilotrip - Cheap Air Tickets, Finance and Credit Tips for your Dream Travel

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

66
Requests

94 %
HTTPS

32 %
IPv6

21
Domains

27
Subdomains

26
IPs

3
Countries

2311 kB
Transfer

3980 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://oajs.openx.net/esp?url=https%3A%2F%2Fnilotrip.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fnilotrip.com%2F&rid=esp&cc=1

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
nilotrip.com/ 108 KB
32 KB 573ms
440ms Document
text/html 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.22
Resource Hash: 45a487cba384adb51e4b69df979a57b6ab9815e2ce579c254a30829701a206d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f38385eeb682f73-LAX
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 17 Dec 2024 16:16:53 GMT
link: <https://nilotrip.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Zg6ggmn3OQgMcZdojRaftJia6n52fi%2FH281MxTWghpK4gmFmUvNdjhOhfW0mtlbNc%2FtLWbMjag8ltjDkyEfplZosqt8F4S23Dpu2%2FtjMaVQsFxpFxbLEwkWtoa1CSs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=71157&min_rtt=70919&rtt_var=11389&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4178&recv_bytes=4478&delivery_rate=291&cwnd=12000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=452&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.2.22
x-server-grid: C1
x-turbo-charged-by: LiteSpeed

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 438ms
161ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nilotrip.com
URL: https://nilotrip.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

14bc3c55518c765eca51d2859178c75de369c3f45d36485988f82aab41721ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: br
etag: 958 / 20074 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33855
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/ 485 B
288 B 429ms
153ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js

Requested by

Host: nilotrip.com
URL: https://nilotrip.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

cb8fac376f394b4154f901255a03e6d49fe4f094fb8959081209f600a932efe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: br
etag: 2983297436258324226
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 261
x-xss-protection: 0
server: cafe

GET inc_day-shift.min.js
cdn.cloud.incred.digital/wrapper/plugins/ 0
0

GET
H3 200 style.min.css
nilotrip.com/wp-includes/css/dist/block-library/ 112 KB
17 KB 101ms
98ms Stylesheet
text/css 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 15556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UjOMrskWxGcCak2g6RN9tKuGx2cQONAo4EzDczjfbouTplpH9p%2B0B5o9AOnAFTWQt%2Fempa4%2FSNZwiop71WVkkJOuFzrwos4q12qwVw2E067fgwtf4B1h%2BbujdJhAKCg%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 11:57:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71255&min_rtt=70919&rtt_var=317&sent=44&recv=30&lost=0&retrans=0&sent_bytes=39292&recv_bytes=7330&delivery_rate=298637&cwnd=24000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=631&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 14:06:06 GMT
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f383862388e2f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 styles.css
nilotrip.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 96ms
93ms Stylesheet
text/css 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=6.0
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 445229
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2BJuect51%2FUYeAESm6ANDdCwOvZeSThTRHFrBVYReV3XxWqaEsRCVY38bJYCIgFf3OvvQqPK5uUsATyeeR0Muw3Z1b%2BIqLFD6ZS3ZELtrBK8N2SnkLJrH9vZHpW%2B2%2BI%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 19 Dec 2024 12:36:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71255&min_rtt=70919&rtt_var=317&sent=42&recv=30&lost=0&retrans=0&sent_bytes=37411&recv_bytes=7330&delivery_rate=298637&cwnd=24000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=627&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 11 Nov 2024 20:47:01 GMT
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f383862388f2f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 style.css
nilotrip.com/wp-content/themes/adtech-theme/ 184 KB
33 KB 105ms
103ms Stylesheet
text/css 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-content/themes/adtech-theme/style.css?ver=1.12
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1db48e29a1ebed5acb8df657e762e58f93d6d3a72da63fecccd7ec645161f5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 10178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSxGlbiMvTcw1qHqD2btXWF57fNuOv6kYDsRa9rHaV%2Fg59eT8mNy%2B3ZY8TIFNxhWksT7hmAo9UraC1Aem8HkTrqPQq%2F8RvKpWbXtnvuhB%2B%2FkmRFf3loh4ieznBDr7tM%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 13:27:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71255&min_rtt=70919&rtt_var=317&sent=59&recv=30&lost=0&retrans=0&sent_bytes=57196&recv_bytes=7330&delivery_rate=298637&cwnd=24000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=635&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Oct 2024 00:45:38 GMT
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f38386238902f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 utm-forward.js Show response
cdn.cloud.adseleto.com/ 261 B
1 KB 210ms
94ms Script
text/javascript 172.67.69.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/utm-forward.js
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adb2428db068d70bd39db06b228c275d120d3a6befbbc612836ed9a7686c713

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
x-goog-hash: crc32c=TqgMew==, md5=OeIrvuJOtaGTkDgV53kzow==
cf-cache-status: HIT
etag: W/"39e22bbee24eb5a193903815e77933a3"
age: 555
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SyVXvN%2Be%2BfIOb33iAhfb%2FGdmJTikyUKoL2Cz6LXc2wuL%2FjSFMii54PPkCkZDUFk%2BdBxaKJsI1pK8Pp1IX%2FN25siAN%2BxOjkH7QeATcldDUcTdY45ckEouRp93sCOg%2F7N77vl6sar73RI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 261
server-timing: cfL4;desc="?proto=QUIC&rtt=70905&min_rtt=70672&rtt_var=26668&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4280&recv_bytes=4263&delivery_rate=45530&cwnd=12000&unsent_bytes=0&cid=910988da828a2310&ts=124&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
last-modified: Fri, 24 Nov 2023 18:19:28 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: AFiumC4eZQo7P7G5sYycFdWfMeKTl0qV9P7siPSWPtiYJN9-TUPI74m-lJCILMZYsgtdLjFa4ugc0F0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8f383862e8f72ae4-LAX
access-control-allow-origin: *
x-goog-generation: 1700849968211852
server: cloudflare

GET
H3 200 embossed-credit-card-with-stylish-vintage-minibus-art-wanderlust-1-1568x1045.jpg
nilotrip.com/wp-content/uploads/2024/10/ 174 KB
175 KB 599ms
597ms Image
image/jpeg 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nilotrip.com/wp-content/uploads/2024/10/embossed-credit-card-with-stylish-vintage-minibus-art-wanderlust-1-1568x1045.jpg
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755de43a2ee5da48c9b14093ade133c267f727ff10e9f70953378343887aeb5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mt7gA0qPqYuF1%2F3GtIrlMCc%2FfieZzpLn0ACK7nY3%2FPiJZ2v8%2Bmrl8RYBsnocHeEY2lFhOENp7VQZbS7gurKcyX6afjFM1bZDkK2qbldkJQzsumq0fTbFLYQV85kE%2BS8%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78597&min_rtt=70919&rtt_var=4311&sent=149&recv=73&lost=0&retrans=0&sent_bytes=155431&recv_bytes=12670&delivery_rate=241279&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1060&x=1", cfExtPri, cfHdrFlush;dur=68
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: image/jpeg
last-modified: Sat, 12 Oct 2024 00:10:56 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f38386238942f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 178157
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 top-view-woman-hand-holding-credit-card-with-travel-accessories-passport-desk-traveling-concepts-1568x881.jpg
nilotrip.com/wp-content/uploads/2024/10/ 210 KB
211 KB 524ms
522ms Image
image/jpeg 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nilotrip.com/wp-content/uploads/2024/10/top-view-woman-hand-holding-credit-card-with-travel-accessories-passport-desk-traveling-concepts-1568x881.jpg
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9366fed80a3c81ee10a8275c965358e99a83bf2d0bcf97f837c8e9b6ac4b64ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2FASgs7t7FZubk4bPI6lt2Z5wev654dzO%2B9C0TZvOrJcoFJdbl3zAfo2CTi%2F88X8hBx8kR7I%2FFUSUN2IICvtrNatT%2BdDtWv1dE9gy%2FJHlKXDPnlrame0JvS2zQ0WROI%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78597&min_rtt=70919&rtt_var=4311&sent=113&recv=73&lost=0&retrans=0&sent_bytes=113431&recv_bytes=12670&delivery_rate=241279&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1057&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: image/jpeg
last-modified: Wed, 30 Oct 2024 20:36:29 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f38386238952f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 215185
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 african-american-man-suit-with-luggage-making-call-outside-airport-setting-is-busy-1568x934.jpg
nilotrip.com/wp-content/uploads/2024/10/ 205 KB
206 KB 599ms
597ms Image
image/jpeg 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nilotrip.com/wp-content/uploads/2024/10/african-american-man-suit-with-luggage-making-call-outside-airport-setting-is-busy-1568x934.jpg
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f25902553adbfb0c48b9375fd849ff90a6056ac124a87ae7a19db0e01dd422c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2BfgoQJdBxGEoTSP%2BeksFtIRKdW2wIA%2B%2F%2Fl9CVerMlUgMC3N3tkAbqUEHu%2F%2BiPi9lRb1K0rHrYJJgJBB8otg9IvAKaE9q8dUibWGkQ6YtOF5zwLLS%2F6w4h0f1O5QDMA%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78597&min_rtt=70919&rtt_var=4311&sent=149&recv=73&lost=0&retrans=0&sent_bytes=155431&recv_bytes=12670&delivery_rate=241279&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1060&x=1", cfExtPri, cfHdrFlush;dur=68
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: image/jpeg
last-modified: Fri, 25 Oct 2024 22:19:39 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f38386238972f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 210396
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 woman-taking-photos-stunning-tropical-bay-with-turquoise-water-limestone-cliffs-1568x1045.jpg
nilotrip.com/wp-content/uploads/2024/10/ 188 KB
189 KB 542ms
541ms Image
image/jpeg 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nilotrip.com/wp-content/uploads/2024/10/woman-taking-photos-stunning-tropical-bay-with-turquoise-water-limestone-cliffs-1568x1045.jpg
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5afd2f900acc8c1102f1538b33718c33e9eca6eddf0510341569ffdffbf15cd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLzmUDGxX8IIqh6bDYW9ytH79jE0uxybiO%2FbGjeRRHNUneoITbEpKbre4AJsme0DJRrsUqKJe9s6qLRy83MhMHoWRXUqW24aZrxnDzCBySZAZSFRGDeRI2SopMr8VOw%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=77586&min_rtt=70919&rtt_var=4135&sent=595&recv=98&lost=0&retrans=0&sent_bytes=683049&recv_bytes=14062&delivery_rate=2016873&cwnd=300000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1286&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: image/jpeg
last-modified: Fri, 25 Oct 2024 16:57:02 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a632f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 192967
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 woman-relaxing-by-pool-luxurious-beachfront-hotel-resort-sunset-enjoying-perfect-beach-holiday-vacation-1568x1045.jpg
nilotrip.com/wp-content/uploads/2024/10/ 134 KB
134 KB 529ms
525ms Image
image/jpeg 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nilotrip.com/wp-content/uploads/2024/10/woman-relaxing-by-pool-luxurious-beachfront-hotel-resort-sunset-enjoying-perfect-beach-holiday-vacation-1568x1045.jpg
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c51eebc57c55c6df4b9c5a008e2401df6487efcf350a96ceaee1fc0fb1c2f37f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XWQt%2FoRoGK29hcQLH%2BHrZkhAVQ3Y4L9ZsZTPFiXdg8N9mSMBUSLZ6ykBYavMhjGuhGEjFNIjFBvqsyeJvQcIJUB2kPhSm9FmPBB2I%2Bhp7l%2FAqqZVM%2FUG2IO0aHR3Xy0%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74373&min_rtt=70919&rtt_var=2614&sent=384&recv=87&lost=0&retrans=0&sent_bytes=431456&recv_bytes=13562&delivery_rate=1153416&cwnd=180000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1275&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: image/jpeg
last-modified: Thu, 24 Oct 2024 02:42:15 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a692f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 136825
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 credit-score-financial-banking-economy-concept-1-1568x1046.jpg
nilotrip.com/wp-content/uploads/2024/11/ 251 KB
252 KB 608ms
605ms Image
image/jpeg 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nilotrip.com/wp-content/uploads/2024/11/credit-score-financial-banking-economy-concept-1-1568x1046.jpg
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 744585bb754105e6b516a119b5f10fe1a883188fdbec20044de7eea8570d3a53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLtAwAxKHvznTperK28o%2FVGh2IkmMv2jA64Kx4NLsUTALp%2Bq2iTBGKbrsYZUrS7ySKjvS4OwKbsvI6EpbNdjeTxkK6ccQwYmrE9rIJw5UaddWN566G2KAOHDALdFg8Q%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=75534&min_rtt=70919&rtt_var=2410&sent=535&recv=95&lost=0&retrans=0&sent_bytes=611456&recv_bytes=13927&delivery_rate=1556702&cwnd=264000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1283&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: image/jpeg
last-modified: Wed, 20 Nov 2024 18:49:47 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a712f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 256929
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 young-man-learning-virtual-classroom-1-1568x1047.jpg
nilotrip.com/wp-content/uploads/2024/11/ 154 KB
155 KB 608ms
606ms Image
image/jpeg 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nilotrip.com/wp-content/uploads/2024/11/young-man-learning-virtual-classroom-1-1568x1047.jpg
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60ccea6605d653b8eddc2bb344f83441b6e2a757290d4b531e6a8e353791ac2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xbUFcy%2B5XVwziKo0uj%2FhKHkSam%2BsU%2BNaOPFaNcnQfzlU8UpRs3%2FUjFVtuNQqgyTAIb1BU0ZnFqbbnQt66gurQpP%2FhLPq6MENuiOSxeiqXl4Pjc6OMfrFpTZElTlIIaQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74628&min_rtt=70919&rtt_var=2804&sent=364&recv=86&lost=0&retrans=0&sent_bytes=407456&recv_bytes=13517&delivery_rate=938756&cwnd=168000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1256&x=1", cfExtPri, cfHdrFlush;dur=19
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: image/jpeg
last-modified: Wed, 20 Nov 2024 00:31:55 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a732f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 158133
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 couple-checking-their-bills-living-room-1568x1045.jpg
nilotrip.com/wp-content/uploads/2024/11/ 243 KB
244 KB 606ms
604ms Image
image/jpeg 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nilotrip.com/wp-content/uploads/2024/11/couple-checking-their-bills-living-room-1568x1045.jpg
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199a9f344ebfe841459996481860b87002085a13c0a8b49ec91fb38c1836553f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YCr25nOxCOvHKCyUdEOkAh%2B%2BVF4zCgxOqAvSeVVQvnXmoSqZn8borWjnMpuWYpmzkNsq4OumVZYMYT4nJhFzKjWBhTyNVhozAetnBnkGsVjILs92fBAWZZl9JqNNKQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 24 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74628&min_rtt=70919&rtt_var=2804&sent=364&recv=86&lost=0&retrans=0&sent_bytes=407456&recv_bytes=13517&delivery_rate=938756&cwnd=168000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1268&x=1", cfExtPri, cfHdrFlush;dur=8
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: image/jpeg
last-modified: Tue, 12 Nov 2024 23:41:33 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a752f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 249239
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 stats.js Show response
analytics.spun.com.br/ 4 KB
2 KB 184ms
91ms Script
application/javascript 172.67.140.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.spun.com.br/stats.js?v=3.0

Requested by

Host: nilotrip.com
URL: https://nilotrip.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.140.50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f9bc234e51b7443310c9b8babb1d62c47047ca3ae2fc2d6f5b7411387cf949

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"65b00404-e7e"
age: 172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfceCGXOmdbkpTVAPlXYBoEiHw5%2B2tjR6HMpRuUseQuLLZmHBT6W9GTLMiQSULVqF%2F7uL8ZgqeTQBaHO0sHZLXYeeG4GSV%2F702e700gg8x%2BG%2FtNOSBQQmSEi9Au%2FhjsSzpbA2Vr%2BXto%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=70698&min_rtt=70687&rtt_var=26531&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4235&delivery_rate=46422&cwnd=12000&unsent_bytes=0&cid=db017e64eb73d79e&ts=98&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: application/javascript
last-modified: Tue, 23 Jan 2024 18:23:00 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838641ef70fd4-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 hooks.min.js Show response
nilotrip.com/wp-includes/js/dist/ 5 KB
2 KB 97ms
93ms Script
text/javascript 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 6606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OlzTIGbFAHNMKxng4zFo1DGfPW9mHlaNeLWCzmGwgI7UhCNYnlE0PIM4GAlmSRxN5njd67B2vE72Tkot00fZPMmjQqFODkKx85%2Bc%2BRaC4zaYMRVS%2FED2KPsz2WX4JlE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79208&min_rtt=70919&rtt_var=3597&sent=95&recv=65&lost=0&retrans=0&sent_bytes=94434&recv_bytes=12317&delivery_rate=401112&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=842&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 14:06:05 GMT
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a6c2f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 i18n.min.js Show response
nilotrip.com/wp-includes/js/dist/ 9 KB
4 KB 101ms
97ms Script
text/javascript 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMWoNjckxHVyTzqKTuIljMxJ%2FkydJA4VH1fEE9yIx6s5ZfP%2BIAKArfTYOlJ1RAa3pLjxe%2BXPrX6c7wIo5%2BRQ7dIhlqVBbr7nYeAsTdcYfewxjn42sPUw6%2FaT2jp7IcM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79208&min_rtt=70919&rtt_var=3597&sent=102&recv=65&lost=0&retrans=0&sent_bytes=101482&recv_bytes=12317&delivery_rate=401112&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=847&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 02 Apr 2024 20:03:57 GMT
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a6d2f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 index.js Show response
nilotrip.com/wp-content/plugins/contact-form-7/includes/swv/js/ 12 KB
4 KB 100ms
96ms Script
text/javascript 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.0
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d60e3b25e56d35148888b5a08c8eb0ff3806f9698d4f6f54a35eab7d27f4c2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 2752
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BgLB49f2wTuIQCtNmUiGwkf2K3lgxQeVP7JGQhN0MLKTNqLXpH35dHiLCqkgQhcsK3k1TWyM2svdSgNGcTRZP7WFRGT8OzSM45k3vDwnoNZl7Gxg1ohLSg46KUFHAw0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79208&min_rtt=70919&rtt_var=3597&sent=98&recv=65&lost=0&retrans=0&sent_bytes=96945&recv_bytes=12317&delivery_rate=401112&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=846&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Nov 2024 20:47:01 GMT
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a6e2f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 index.js Show response
nilotrip.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 104ms
101ms Script
text/javascript 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.0
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddcce687729cb358abf9d0d8e1217a097859be2b0d18c23d7c851b38c87bc9c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGOhhSiNBbOXaTF%2FxkA4NJIIHXUK9nwUrujeBpI%2BnyMe1hutJtEKDx9B7xtSZ4V7wES%2FCM8GLIqGspUTYi1Y2KHlD4rkao1iWS7RP2duapRZk7mNhWS%2Fj%2FMArOkgiSw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79208&min_rtt=70919&rtt_var=3597&sent=106&recv=65&lost=0&retrans=0&sent_bytes=106139&recv_bytes=12317&delivery_rate=401112&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=851&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Nov 2024 20:47:01 GMT
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a6f2f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 primary-navigation.js Show response
nilotrip.com/wp-content/themes/adtech-theme/assets/js/ 6 KB
3 KB 92ms
89ms Script
text/javascript 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-content/themes/adtech-theme/assets/js/primary-navigation.js?ver=1.12
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8a3ca0ea2bae6770aa54a3eff6c6758086dd409856adfdb70b2901d73afc0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 2752
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6YF%2Fpw3a2%2FJZYf%2BiXuhqG5Lw3JnqfMPq%2B8Dy5zQN4Y5a6bEsq%2FbWpiEtikQFFN9ipr3upmBofIABplAh0W%2BL92BQzQz3eNum3Be9dZ9fWhWyJvQNA0eq0uaRqJ39ZQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79208&min_rtt=70919&rtt_var=3597&sent=92&recv=65&lost=0&retrans=0&sent_bytes=91680&recv_bytes=12317&delivery_rate=401112&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=840&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 11 Oct 2024 00:38:34 GMT
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a702f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET ad780db9-27f7-4fa7-a5cc-d4a11ddee43c
https://nilotrip.com/ Frame 0
0

GET
H3 200 print.css
nilotrip.com/wp-content/themes/adtech-theme/assets/css/ 3 KB
2 KB 108ms
107ms Stylesheet
text/css 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-content/themes/adtech-theme/assets/css/print.css?ver=1.12
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 285554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2irEw21bLQeo97Wuxc8IzhPV%2Bg%2FSW4j3WPUjKEwaFQmbQeHoKgeipyhcVsOZp4Y4dOI6BqCyB%2FujQ3N5v8g2Hj%2FD5Um86503Apj12juSG2ABYwuGXWKQA6Obyy14Ow%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 21 Dec 2024 08:57:40 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79208&min_rtt=70919&rtt_var=3597&sent=111&recv=65&lost=0&retrans=0&sent_bytes=111481&recv_bytes=12317&delivery_rate=401112&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=858&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Oct 2024 00:38:34 GMT
priority: u=4,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838638a762f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 322 KB
108 KB 456ms
172ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=G-RK2TF641XH

Requested by

Host: nilotrip.com
URL: https://nilotrip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c071e05fbce27f0ea5122c6d8708d914ba6c0c1a62ebc98bb9606ae6a2aca4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 17 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109596
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 322 KB
107 KB 489ms
205ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=G-9RDST5WT4Y

Requested by

Host: nilotrip.com
URL: https://nilotrip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cb7f22a5891ffbce929a598ccc86e6684a3ddfe3252e3a211883981c242a04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 17 Dec 2024 16:16:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109531
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 faux-drift.min.js Show response
cdn.cloud.adseleto.com/dev/plugins/ 1 KB
2 KB 169ms
167ms Script
text/javascript 172.67.69.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/dev/plugins/faux-drift.min.js
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f4b359e6d8709ddc10dcd7ebbf93126c526e3a0a5e97149e9e84b7e2035fc0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nilotrip.com
Referer: https://nilotrip.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=tHHIgw==, md5=wwUbVWgBv26sBnCXQbkUxA==
cf-cache-status: HIT
etag: W/"c3051b556801bf6eac06709741b914c4"
age: 253
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zlI7p7op1Www8Q6W9D27pOwVnc8CYuaZf9yUd9JhB7wHX1dF9hHjzwNOvS1r4687ZkQe26WQAtNwGUlBorSauz9y8w3oK8Ej8avybqJRRacgHrvd0x5p1T2CMWbbAl8ThTZrKuXhNk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 1399
server-timing: cfL4;desc="?proto=QUIC&rtt=71190&min_rtt=71186&rtt_var=26702&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4277&recv_bytes=4768&delivery_rate=19896&cwnd=12000&unsent_bytes=0&cid=d7bbc3cda1b32b46&ts=95&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 15:19:53 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: AFiumC7Cbx3tjBe03iQr39JIRFlwiis0MoIE6P_SBFOEfmBiac6TIRG9TqMA7yVDgTk5Vs6J
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8f383863de1408c7-LAX
access-control-allow-origin: *
x-goog-generation: 1733930393075835
server: cloudflare

GET
H3 200 auto-custom-targets.min.js Show response
cdn.cloud.adseleto.com/dev/plugins/ 777 B
2 KB 168ms
167ms Script
text/javascript 172.67.69.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/dev/plugins/auto-custom-targets.min.js
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69bff0241ecba4b6eb411e4a5321e97310617fa9f18f99f39b49186a219c50cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nilotrip.com
Referer: https://nilotrip.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=QDl9Zw==, md5=oWVCrHEo2uWtx3x63qhNoQ==
cf-cache-status: HIT
etag: W/"a16542ac7128dae5adc77c7adea84da1"
age: 253
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxRpCvjmFSv6KJbBGQEHDYgJO79mLsuEfVAHZSra4iQBluBCgFCPrahwOXhaphNH6%2FaNoGQFZyjvPd5PnTDd59Bg4lLV4fXV5leiZbrAn4nC9eze%2FPRgNDWYf0G4xnf5bQxu2NPXOJw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 777
server-timing: cfL4;desc="?proto=QUIC&rtt=71190&min_rtt=71186&rtt_var=26702&sent=10&recv=8&lost=0&retrans=0&sent_bytes=2650&recv_bytes=4768&delivery_rate=19896&cwnd=12000&unsent_bytes=0&cid=d7bbc3cda1b32b46&ts=95&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 15:19:56 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: AFiumC5WDZVp4I_t3ks5x7NKivUCSgYW6lVPkuOK2bWyQa2jXGJqwk1nGyd41YQ5NumJOqXJy-1igto
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8f383863de1508c7-LAX
access-control-allow-origin: *
x-goog-generation: 1733930396247544
server: cloudflare

GET
H3 200 adseleto-wrapper.min.js Show response
cdn.cloud.adseleto.com/dev/ 50 KB
18 KB 172ms
171ms Script
text/javascript 172.67.69.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/dev/adseleto-wrapper.min.js
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14cd7fac99f64592258e5ef9a11a972613c4d6925177df2b241315bafb9da61c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nilotrip.com
Referer: https://nilotrip.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
x-goog-hash: crc32c=z7M77Q==, md5=ztkQIoMeNFrYVQmnPoGgig==
cf-cache-status: HIT
etag: W/"ced91022831e345ad85509a73e81a08a"
age: 253
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BiIM90GdPwjhbW3su25NPKotuxq2giCIYYjhoCjkfpvxFxXg90hGtxoRQsQ0KSNuAycrpmDuI0OOeLsOC43H0cv1i9pyXlGHxKJH0%2BWG1gC1x3zbVpj2Xw3zDTW7ds%2BSP3PDcQTttm4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 50690
server-timing: cfL4;desc="?proto=QUIC&rtt=71190&min_rtt=71186&rtt_var=26702&sent=14&recv=8&lost=0&retrans=0&sent_bytes=6074&recv_bytes=4768&delivery_rate=19896&cwnd=12000&unsent_bytes=0&cid=d7bbc3cda1b32b46&ts=100&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 15:19:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: AFiumC5gUh_ds0ukoRXkK1ZHzh4fLm_AhnvPDt6est-R-TQqISWc3lfJKND2iMhzY5RfuRrL
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8f383863de1608c7-LAX
access-control-allow-origin: *
x-goog-generation: 1733930388332786
server: cloudflare

GET
H3 200 matomo.js Show response
matomo.incred.digital/ 66 KB
22 KB 190ms
90ms Script
text/javascript 172.67.157.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.incred.digital/matomo.js
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "10784-622f63adb1740-gzip"
age: 6364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qm8XhIRn4T6J1h35QgGUqgdjLChh6ZfVuALiJRl0gVm2K0NEGW7h3%2BtKpOiQkIe71PCB5Up%2FRpXbOvGf273Or1r%2FKu5oicULKwW8yrDHzrVDHHrlgNR3QSAr%2F0GcolB5PL7K4TT%2F2e8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71130&min_rtt=71094&rtt_var=26732&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4233&delivery_rate=43576&cwnd=12000&unsent_bytes=0&cid=5a9d26393f8fb8f9&ts=99&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 19:00:05 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838642e227d77-LAX
accept-ranges: bytes
content-length: 21925
server: cloudflare

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6651c182d05375a1f0f029a8934d7a852908ec265c6bbca96e0ff87b7d968695

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 template-3d0b43ca.mjs Show response
cdn.cloud.adseleto.com/dev/plugins/ 231 B
1 KB 93ms
92ms Script
text/javascript 172.67.69.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/dev/plugins/template-3d0b43ca.mjs
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6d52e194584784f55fb673838961fbf6767d1c091fd80a05b36aec1e2e341a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://nilotrip.com
Referer: https://cdn.cloud.adseleto.com/dev/plugins/faux-drift.min.js

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=/Z486Q==, md5=/ASUq0n+vdlpEX7mYonk1A==
cf-cache-status: HIT
etag: W/"fc0494ab49febdd969117ee66289e4d4"
age: 253
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNfIR2p0Ut5%2FDjb5ZeRYvvrPflP9nrCVwg0Ex%2BF4tJTFdSilKEJlgSM3wg4zCzkUwgkDz9Yrv%2Fylvz%2Bzb7v9qFHiTLIV%2FGGcDcBOYg664FgEhkkZi2V%2B6o8oBOG2x7TQb79ts%2F1EqsA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 231
server-timing: cfL4;desc="?proto=QUIC&rtt=82678&min_rtt=70757&rtt_var=12968&sent=32&recv=18&lost=0&retrans=0&sent_bytes=25207&recv_bytes=5509&delivery_rate=149550&cwnd=21000&unsent_bytes=0&cid=d7bbc3cda1b32b46&ts=191&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 15:20:04 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: AFiumC4I8iaLMVwK0RWiHLFKdaOY3p9zNYMGuJNCOrE175JGDO_CrGUOX7uboUgGCav994bEUQ1fySA
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8f3838647eb208c7-LAX
access-control-allow-origin: *
x-goog-generation: 1733930404831070
server: cloudflare

POST
H3 200 / Show response
analytics.spun.com.br/site-stats/ 0
777 B 236ms
159ms XHR
text/html 172.67.140.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.spun.com.br/site-stats/

Requested by

Host: analytics.spun.com.br
URL: https://analytics.spun.com.br/stats.js?v=3.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.140.50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydA7YlzUoPDVrDsTT
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEUx%2BWMlXbfb%2FrAMztXIk4xbafF6qD6lddOuAZlrk8EKL3hakw2bzH6JPrIMUAXfVDCXyA2JnYHQuYaHALeZXdW%2B1IusjCvbn%2BKk9enzb%2FXL0WNxoRv6i%2FiViZmXEPBLxVZZXUhYckM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71000&min_rtt=70748&rtt_var=15121&sent=10&recv=11&lost=0&retrans=0&sent_bytes=2189&recv_bytes=5399&delivery_rate=8296&cwnd=12000&unsent_bytes=0&cid=55d7afeab6ee91e6&ts=162&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f38386529abf7b5-LAX
access-control-allow-origin: *
x-powered-by: PHP/7.4.33
server: cloudflare

POST
H3 200 / Show response
analytics.spun.com.br/site-pageview/ 5 B
748 B 240ms
164ms XHR
text/html 172.67.140.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.spun.com.br/site-pageview/

Requested by

Host: analytics.spun.com.br
URL: https://analytics.spun.com.br/stats.js?v=3.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.140.50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

8137cf1870430460999ec4cc7e954e08a00d126721af5d6954c4b8bba59e5754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryNsgznzMiuuhXrgdf
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bcaiGuLm68BQ62xtatsmsDFAhTno8igHoZeA7PTmKVjRY%2BK1xLHmXcDcTBJCm8cjVafIzP8mYMG73mD80txBR68%2BBj1vH%2FDwTqjUu95KFcRUNn3zQs0Wd%2BCYbD%2B%2BTiPvFd%2BVjhosnDQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71000&min_rtt=70748&rtt_var=15121&sent=11&recv=11&lost=0&retrans=0&sent_bytes=2989&recv_bytes=5399&delivery_rate=8296&cwnd=12000&unsent_bytes=0&cid=55d7afeab6ee91e6&ts=168&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f38386529a5f7b5-LAX
access-control-allow-origin: *
x-powered-by: PHP/7.4.33
server: cloudflare

OPTIONS
H3 204 checkCustomTarget
custom-targets.cloud.adseleto.com/ Frame 0
0 340ms
246ms Preflight
text/html 172.67.69.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custom-targets.cloud.adseleto.com/checkCustomTarget
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nilotrip.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f383865ac4dcba7-LAX
content-type: text/html
date: Tue, 17 Dec 2024 16:16:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvyKn%2B%2FVZQeqSu3XtXr6xknwdq41GQTec8aWXM7spko3DIe5TgNgVFsQt9JDKtn%2BLRfsmJmVY2jiGQal%2BaQQmCwgmDf9c3x42rNusvfTi0osI2jcSN3m5dTbWYPG0vK7Q3T%2BSOu09W4zek8a5%2FRCOFT0ig%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=74061&min_rtt=70991&rtt_var=17346&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4307&recv_bytes=4434&delivery_rate=293&cwnd=12000&unsent_bytes=0&cid=8f9bb57c39f82dd3&ts=256&x=1" cfExtPri cfHdrFlush;dur=0
via: 1.1 google
x-cloud-trace-context: 029e0104776f47c69bf7ede16c0ed775
x-powered-by: Express

POST
H3 200 checkCustomTarget Show response
custom-targets.cloud.adseleto.com/ 36 B
789 B 241ms
239ms Fetch
application/json 172.67.69.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custom-targets.cloud.adseleto.com/checkCustomTarget
Requested by: Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/dev/plugins/auto-custom-targets.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fb4fd881e8a1c92ce9138a6453f1682536960e9e8f45dddaa04d8cfcb7f5f8fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://nilotrip.com/

Response headers

cf-cache-status: DYNAMIC
etag: W/"24-VCTA8KvvuLYq4rna6HydlPu/HK4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKswofcMGc%2Bu6hNLz1V710OsYoHf0ayRCjwlaV3mdWSzF15HekSj3Z3alFvLY8wNLk%2FZqM1BWXVC9bcD%2Bw4j83i%2FK6NRDynocuXASXTxo27ojiQTuw8JpmCghOpO6dHLPoHgn%2BgEIP8e38sisyL6uCs5sA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73843&min_rtt=70991&rtt_var=13446&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5136&recv_bytes=4885&delivery_rate=10813&cwnd=12000&unsent_bytes=0&cid=8f9bb57c39f82dd3&ts=498&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:55 GMT
content-type: application/json; charset=utf-8
x-cloud-trace-context: 5da753d2adeba68eb407269d05bb4448
priority: u=1,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8f3838673b2ecba7-LAX
access-control-allow-origin: *
content-length: 36
x-powered-by: Express
server: cloudflare

GET
H3 200 check-risk Show response
api.adseleto.dev/escalated/ 17 B
852 B 350ms
227ms Fetch
application/json 172.67.171.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adseleto.dev/escalated/check-risk?type=display&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&d=nilotrip.com&r=&cust=direct
Requested by: Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/dev/adseleto-wrapper.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.171.187 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d86df284a64828cfa71fea050c3f3aaa00ccdaf13e071e1263c024268ec43872

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: DYNAMIC
etag: W/"11-PCh8S7PN2iF9/4VRmOcMW4yWzy0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKUtcEm%2FSuLOqQ%2F0wTVRdWz2LLWV9XPoyJzUzl7muIOMelEk6S719UJrWsYfJCISdQOzXTejlWqlpA89G49QRbbjwHAGUB3qm8h35GAAyaoh02oQNvc8JGT844JiYrUxOMGu"}],"group":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=70828&min_rtt=70670&rtt_var=15035&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4213&recv_bytes=4502&delivery_rate=8914&cwnd=12000&unsent_bytes=0&cid=4bdfe65afae6d6f9&ts=236&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-request-id: 831de90af258844ec644d545195eed65
access-control-allow-credentials: true
via: 1.1 kong/3.8.0
cf-ray: 8f383865db985355-LAX
x-kong-upstream-latency: 68
access-control-allow-origin: https://nilotrip.com
content-length: 17
x-powered-by: Express
server: cloudflare

GET
H3 200 wp-emoji-release.min.js Show response
nilotrip.com/wp-includes/js/ 18 KB
6 KB 359ms
359ms Script
text/javascript 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by: Host: nilotrip.com
URL: https://nilotrip.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 5405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MHM%2FU9W1GwY%2BHYNCvOIFy38L77K1lJ9H6IP4LYFigkgeH4BNhlhavw9DOqP8byKQZSNhINZylfDgNJYhIDQP4z8vqA9OzGGl6n4%2BrPniiZuRhlipKc47xBakndNz0h4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78597&min_rtt=70919&rtt_var=4311&sent=150&recv=74&lost=0&retrans=0&sent_bytes=155456&recv_bytes=12981&delivery_rate=241279&cwnd=42000&unsent_bytes=0&cid=936bfca340e2b8c8&ts=1081&x=1", cfExtPri, cfHdrFlush;dur=47
date: Tue, 17 Dec 2024 16:16:54 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 02 Apr 2024 20:03:57 GMT
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3838651c9e2f73-LAX
x-server-grid: C1
x-turbo-charged-by: LiteSpeed
server: cloudflare

POST
H3 204 matomo.php
matomo.incred.digital/ 0
614 B 276ms
275ms Ping
text/plain 172.67.157.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.incred.digital/matomo.php?action_name=Nilotrip%20-%20Cheap%20Air%20Tickets%2C%20Finance%20and%20Credit%20Tips%20for%20your%20Dream%20Travel&idsite=7&rec=1&r=201773&h=6&m=16&s=54&url=https%3A%2F%2Fnilotrip.com%2F&_id=93f47cbc086da0d8&_idn=1&send_image=0&_refts=0&pv_id=81juEC&pf_net=133&pf_srv=439&pf_tfr=74&pf_dm1=393&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: matomo.incred.digital
URL: https://matomo.incred.digital/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.157.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://nilotrip.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBY563mj35tDyAjY4cO6ohvk9aNkm2YOy0M8x%2FY1jWdo%2BunAAvuNwe8EXIdE5v52KxKjP%2FU%2Fn3S7r9gWbpisSS6GWyCBJ8mtCIxJ%2B2gsjMGXRSvaM%2BweclZfT1sciUwklXYPC1nsCnI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f3838654f377d77-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=84900&min_rtt=70963&rtt_var=7331&sent=33&recv=20&lost=0&retrans=0&sent_bytes=27388&recv_bytes=5475&delivery_rate=165933&cwnd=21300&unsent_bytes=0&cid=5a9d26393f8fb8f9&ts=461&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:54 GMT
server: cloudflare
priority: u=4,i

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 137ms
137ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: br
etag: 5395541545685299795
age: 15738
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 11:54:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 17 Dec 2024 11:54:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 145ms
143ms Other
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: nilotrip.com
URL: https://nilotrip.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 12736
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 12:44:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 17 Dec 2024 12:44:38 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H3 200 trace Show response
one.one.one.one/cdn-cgi/ 305 B
405 B 155ms
74ms Fetch
text/plain 1.1.1.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://one.one.one.one/cdn-cgi/trace

Requested by

Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/dev/adseleto-wrapper.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

1.1.1.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

one.one.one.one

Software

cloudflare /

Resource Hash

e54dce0f42633ee02645215038615a7572db87622c34adb5b28d1c753a981807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cache-control: no-cache
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8f383867cd5fdb6e-LAX
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: *
date: Tue, 17 Dec 2024 16:16:55 GMT
content-type: text/plain
server: cloudflare
x-frame-options: DENY

GET
H3 200 nilotrip.json Show response
cdn.cloud.adseleto.com/pr/ 17 KB
3 KB 90ms
90ms Fetch
application/json 172.67.69.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/pr/nilotrip.json
Requested by: Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/dev/adseleto-wrapper.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0781977142043ff246495cba54d823cf45e9174be760159499c5ad46008f007d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=C8xXpg==, md5=LqbXinNnuyaU0egAQKQXlQ==
cf-cache-status: DYNAMIC
etag: W/"2ea6d78a7367bb2694d1e80040a41795"
age: 101
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GORSE002aKwavvkh8mIw%2F8QjBtYwOMB%2BaK30RZFow6Pqv%2BHTETQGS44D2VVcV%2BC%2FUvgr6DruP8L3IouB3ILL7kvGHSNWM%2BvYgDS2GHwa678xj1lIdZR4eUHeVz9KZz%2BRq9LpF%2FIcsFQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 17555
server-timing: cfL4;desc="?proto=QUIC&rtt=83596&min_rtt=70757&rtt_var=8586&sent=35&recv=25&lost=0&retrans=0&sent_bytes=26468&recv_bytes=6081&delivery_rate=108222&cwnd=21000&unsent_bytes=0&cid=d7bbc3cda1b32b46&ts=804&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:55 GMT
content-type: application/json
last-modified: Tue, 17 Dec 2024 15:06:26 GMT
priority: u=1,i
x-guploader-uploadid: AFiumC6zgtmdYEMfW5E1j9II17grN6Scb5FC-nmvCOqtB2g3T8oHGH5o-Wl51AuJ2nOZebyt
cache-control: public,max-age=300
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8f3838684b2208c7-LAX
access-control-allow-origin: *
x-goog-generation: 1734447986563456
server: cloudflare

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 51F8 0
0 411ms
136ms Document
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nilotrip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29117
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 16:14:37 GMT
expires: Tue, 17 Dec 2024 17:04:37 GMT
last-modified: Mon, 09 Dec 2024 20:44:42 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 321ms
166ms XHR
application/json 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1a002639a5ba88b980496bb20abdb5510fb99718dc6773d6054077e2f5a9c226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13082
date: Tue, 17 Dec 2024 16:16:55 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 256ms
72ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 555728
x-goog-stored-content-encoding: gzip
expires: Thu, 11 Dec 2025 05:54:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 11 Dec 2024 05:54:47 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC4kjL_I7PGF_tytSb40-BfmWFqActoR9jeYlD583SihvfBfuFiAtKaUWSfHWZF2mulc
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 518ms
252ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"670e3454-a69c"
cross-origin-resource-policy: cross-origin
expires: Wed, 18 Dec 2024 16:16:55 GMT
access-control-allow-origin: *
date: Tue, 17 Dec 2024 16:16:55 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 09:22:28 GMT
server: nginx

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
857 B 224ms
72ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age: 12543
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 17 Dec 2024 16:16:55 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230042-FRA, cache-bur-kbur8200088-BUR
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 394
x-jsd-version: master

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
29 KB 244ms
90ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

x-amz-id-2: pNA+036NVCEpDXHCA7r6eAxf/PbE86HPFhf6WN+MiCuGIfNxp5IgiAvNl4kYU6hAVNULYABl0nk=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"5dcd2f7daade69f0b6f0a4fca81bea12"
age: 2454
x-amz-request-id: WK5Z36ZQPB2R3SFP
cf-ray: 8f38386abd392efb-LAX
date: Tue, 17 Dec 2024 16:16:55 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 04 Dec 2024 13:37:28 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 860ms
686ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

etag: e8fb4c5e5648d4012fd13b4c454df319
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
date: Tue, 17 Dec 2024 16:16:56 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 11 Dec 2024 20:03:09 GMT
server: Google Frontend
x-cloud-trace-context: b9f86bae94602cf958cb096808954cc2

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 426ms
146ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 26694
via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: G5bMp4Cse6iwPdHY66zwEhrkqTyR8SSFofn0Hfc2yjT13xTsf8jUNQ==
date: Tue, 17 Dec 2024 08:52:02 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 437ms
136ms Script
text/javascript 2600:9000:2511:aa00:a:e047:754:f4a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:aa00:a:e047:754:f4a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

x-amz-version-id: suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag: "e264379414c85b18fe5fb338ed4823f8"
Age: 32464
Connection: keep-alive
Via: 1.1 83fa5376b39b1a76db557ab22fa73856.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 3117
X-Amz-Cf-Id: oUDzTAqv9YhIPCFJMSgpeAGEmPDBp6WcSepHXa_nJmuVBAQA35pGaA==
Date: Tue, 17 Dec 2024 07:15:52 GMT
Content-Type: text/javascript
Last-Modified: Wed, 11 Dec 2024 19:25:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 189 KB
46 KB 1760ms
1759ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3079833594236851&correlator=211292004243176&eid=31089348%2C31089198&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=22277837561%2Cnilotrip_desk_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1734452215297&lmt=1734452215&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnilotrip.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcY-fuhq70ySABSAghkEhwKDWNyd2RjbnRybC5uZXQY-fuhq70ySABSAghkEhkKCnVpZGFwaS5jb20Y-fuhq70ySABSAghkEhQKBW9wZW54GPj7oau9MkgAUgIIZBIbCgxpZDUtc3luYy5jb20Y-fuhq70ySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPn7oau9MkgAUgIIZBIXCghydGJob3VzZRj5-6GrvTJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734452214007&idt=1071&cust_params=utm_source%3Ddirect&adks=125119869&frm=20&eoidce=1&td=1&egid=8169&tan=9e8c6665-7523-4533-9591-1c1a459a979f&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

46edd4a5ef7f36ac3e71ca666caf6db0a0233e1df101a958aecd263529ebb8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: dcb
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 17 Dec 2024 16:16:56 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://nilotrip.com
content-length: 46631
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 83BE 0
0 454ms
150ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nilotrip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 16:16:55 GMT
expires: Tue, 17 Dec 2024 16:16:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 49 KB
15 KB 138ms
138ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

f9fa3f511d6f7387d2afb09cb74d4e5f9abe1781483f9eb9bd06da838ce341ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: br
etag: 11939229560328060289
age: 13242
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 12:36:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 17 Dec 2024 12:36:13 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 15797
x-xss-protection: 0
server: cafe

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 685ms
225ms XHR
text/plain 141.95.98.64
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://nilotrip.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://nilotrip.com
date: Tue, 17 Dec 2024 16:16:55 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fnilotrip.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fnilotrip.com%2F&rid=esp&cc=1

85 B
192 B

120ms
119ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnilotrip.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 6a3b8bb18a6ce6270631c83a749d837d826186c1610079ccdc8251f3e5bd481c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

etag: W/"55-9olmfcgg9PNCRbN38Aseu8upk3k"
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://nilotrip.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
date: Tue, 17 Dec 2024 16:16:55 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Origin

Redirect headers

location: /esp?url=https%3A%2F%2Fnilotrip.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://nilotrip.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 17 Dec 2024 16:16:55 GMT
x-powered-by: Express
vary: Origin

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 441ms
152ms Script
text/javascript 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 16:16:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 16:16:56 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
611 B 403ms
138ms XHR
application/json 35.173.157.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.157.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-157-167.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 142fd90f3a0889ec7228533873fc94c25aba4e7b6b5e7d75618076f91334e272

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://nilotrip.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://nilotrip.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 156
date: Tue, 17 Dec 2024 16:16:56 GMT
content-type: application/json;charset=utf-8
x-server: 10.40.49.244
server: Jetty(9.4.38.v20210224)

GET
H2 200 syncframe
gum.criteo.com/ Frame 8460 0
0 400ms
136ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=nilotrip.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nilotrip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 16:16:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 411592
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame CA05 0
0 285ms
104ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://nilotrip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 452
content-type: text/html
date: Tue, 17 Dec 2024 16:16:56 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame B17B 0
0 533ms
137ms Document
text/html 2607:f8b0:4006:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nilotrip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 16:15:22 GMT
expires: Tue, 17 Dec 2024 17:05:22 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 2297 0
0 562ms
161ms Document
text/html 142.250.80.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.4 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1qYvMywjoOYzJBa7qszQ5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nilotrip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1qYvMywjoOYzJBa7qszQ5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 16:16:56 GMT
expires: Tue, 17 Dec 2024 16:16:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
485 B 389ms
238ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 186bf54ba20ce1ab67bad83a3bb082cce1e5c21fdea3d01a9f7852352f361e4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://nilotrip.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221
date: Tue, 17 Dec 2024 16:16:56 GMT
content-type: application/json
x-cloud-trace-context: 9d5fcfe23c50dcb036753d4b63e03393
server: Google Frontend
access-control-allow-headers: X-Requested-With

GET
H3 200 cropped-Logos-Completos-1-90x90.png
nilotrip.com/wp-content/uploads/2022/11/ 3 KB
4 KB 88ms
87ms Other
image/png 172.67.163.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nilotrip.com/wp-content/uploads/2022/11/cropped-Logos-Completos-1-90x90.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f090562bcb1f146b9761474a2f2221e4b4f9b3fca9f24d2cedde6a166d88bd3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://nilotrip.com/

Response headers

cf-cache-status: HIT
age: 514564
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6mi9M97f30YZwfzby3w2leW%2B1qwSeKSOlXjOyBlSfFNbU%2FZT8m%2BqyzKZv%2FkcmkkfVpkPBDcoHJmEJWsRcsTk3uN5TZFfAdrZ31L%2BoRMYyubgVS7kJKeEuLdfgvLUao%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 17:20:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72101&min_rtt=70442&rtt_var=1020&sent=1595&recv=225&lost=83&retrans=83&sent_bytes=1860391&recv_bytes=20756&delivery_rate=7074253&cwnd=509879&unsent_bytes=0&cid=936bfca340e2b8c8&ts=3456&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 16:16:56 GMT
content-type: image/png
last-modified: Sun, 13 Nov 2022 18:57:38 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f383873ea292f73-LAX
x-server-grid: C1
accept-ranges: bytes
content-length: 2991
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 container.html
e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD88 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nilotrip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 16:16:55 GMT
expires: Tue, 17 Dec 2024 16:16:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.cloud.incred.digital
URL: https://cdn.cloud.incred.digital/wrapper/plugins/inc_day-shift.min.js

Domain: nilotrip.com
URL: blob:https://nilotrip.com/ad780db9-27f7-4fa7-a5cc-d4a11ddee43c

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=3079833594236851&bg=!jY6ljsHNAAbtGp3CzRo7ADQBe5WfOAd0CmqfUF4cxqDLurCEvgeHrKEP1V9ZMz555cU_AJRUuI4jzFJRMFTxC9-OXBTdAgAAAE1SAAAABGgBB34ANuFIlhdH3u3rOug4sYeN9vC8-7CyC9rX9CZjLigRctAEsvfqy6D1J8ioyb45QUGB3zv3Pxvv8ZkCrbx9MLdDs2Kiw7sDFkJ898Be3eovcHXtB85n4YbE7NlEWSYgyEAqKewib_BjY3Nk2ffXnAVTqOPUtPtoUhlx0n-cCC7uh9lWPrP-A0ZT_ZwnvU9_OGAwJH-moGY4XdUwpT0nYXM8og-3G7se-Tu8W0CeA-IpWra2LwTF9_goQCBjsbYMHf4d8rEk0ONy26I5OoHdYOpC_-sybiVpI5xcjhDLuOZGlqqmB7UpartEsTa8BMmbTjiPjeVhvIBDIM7m6fPhMD8Wfj2gxgHeNyu5US5doKNMhU_8wCEmmHKmyDVwI3koP5niaFQgwt0Cqw4Dym_zjbNvCvss6L66wCHjanlBEjFVIgYRRpLh6CMClKeE85bka50asCTlRzAZdruIqDtoIyrQJhdoIoONE01nyYfJnViMypnRo3DFVMnxUMLZEGea4mdDxCsyki3WPh1cjDFvIMr4u9vnKK9ZHQiN7htrarXmhX0m22J9yg0zxwFOz_vwI4Oa5MqiczsBccZZGvNRn_AFeneWD7J342Q4VrNuEu59v_IadRP0sFXwxtgHfAzTFesDUrcCcQcIPqbh-VeEaoC-wP30E8B30WHPW6qsn6z0KIEhcF8XhTGfJG8P0Bkp-WH_MBw6cgFakEX2D5yD-aMGFIeXfYsZc491qAN5dV2KWP120kEsdmCOA8na4--5yfuMDEAZGv70J18JpL_Q-KQnmrTi9OoNsZJXCdZkvDgIL-r1us42934xRudU10G-C-QgN-ZZYRpEeOl4Hbikp95pYLISV9MLSne0--APxYk0VYRK-ESVMLByzuc96_jQ7p2vMWEmAWv6IAurK82zbcXgxZ0PR75kW6We4c88RYbB7AXo3kBkaMImcsn6G3__hJtDluIC3kIqvTVkuDLuT-DpHrUDAwp3EW4

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nilotrip.com/	1970-01-21 10:33:08	Name: __SPUN_ID Value: hFrsR6J3TLYw1YRC
nilotrip.com/	1970-01-21 11:13:27	Name: _pk_id.7.8b6a Value: 93f47cbc086da0d8.1734452215.
nilotrip.com/	1970-01-21 01:47:34	Name: _pk_ses.7.8b6a Value: 1
.openx.net/	1970-01-21 10:33:08	Name: i Value: 12b19577-c795-4b5f-a600-39ea3fde75d4\|1734452215
.crwdcntrl.net/	1970-01-21 08:16:19	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 08:16:19	Name: _cc_id Value: 490d802aec8d49251d2fb90e25ad5015
.nilotrip.com/	1970-01-21 08:16:20	Name: _cc_id Value: 490d802aec8d49251d2fb90e25ad5015
.nilotrip.com/	1970-01-21 01:48:58	Name: panoramaId_expiry Value: 1734538616058
.criteo.com/	1970-01-21 11:09:08	Name: uid Value: d8d169cb-c717-4806-b278-4881ae277160
.criteo.com/	1970-01-21 11:09:08	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 02:09:08	Name: pd Value: v2\|1734452216\|vMgavPkWgy
.adsrvr.org/	1970-01-21 10:33:08	Name: TDID Value: b8cff9a8-1e18-4652-8f0d-bbbcec8f438e
.adsrvr.org/	1970-01-21 10:33:08	Name: TDCPM Value: CAEYBSABKAIyCwiWkdvUnrDPPRAFOAE.
.doubleclick.net/	1970-01-21 01:47:33	Name: test_cookie Value: CheckForPermission
.yahoo.com/	1970-01-21 10:33:29	Name: A3 Value: d=AQABBPijYWcCELj1QZbiL7WSBAHcOIEWbv8FEgEBAQH1YmdrZwAAAAAA_eMAAA&S=AQAAAoZpOmPCW6x8XCMiQsOUIJI
.nilotrip.com/	1970-01-21 11:09:08	Name: cto_bundle Value: 8To62F81TVRhdzFHZkFOdEkxWlJ6TkdQTVQ4Y0NMNGNGYlElMkY1cFJYNGVIbkN0blU0aU5aQ1FnVCUyQnBGMWFvdDByUU9tYk9rcGh4bE1RYzlVTCUyQndMVWtHaUVBSkpBVnVxZ25Pd1V6OWZ5cGVyZTVYWlUxajBDY3BoT01NTTBHWmdvM0FOWlNGdXp5MTVNWUtPTiUyRmhKTU40VnlxWkk1MTlxelc1cHlETU1KSExPelcyZyUzRA
.amazon-adsystem.com/	1970-01-21 06:29:46	Name: ad-id Value: Ax4oPfLDi02EmMTbVQqlA3Y
.amazon-adsystem.com/	1970-01-21 11:23:32	Name: ad-privacy Value: 0
.nilotrip.com/	1970-01-21 11:09:08	Name: __gads Value: ID=ae1c1dfcdcd3ed55:T=1734452215:RT=1734452215:S=ALNI_MYXcpqIzQXj5TpGDxSGxHmakaUDkw
.nilotrip.com/	1970-01-21 11:09:08	Name: __gpi Value: UID=00000f8279be9ac9:T=1734452215:RT=1734452215:S=ALNI_MYCAmUW1QLi5BfFamxvaV8jBArPIw
.nilotrip.com/	1970-01-21 06:06:44	Name: __eoi Value: ID=bda0c3203d1d3db5:T=1734452215:RT=1734452215:S=AA-AfjbE14rXnp7JCG-8HSUQM-Al

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cloud.incred.digital/wrapper/plugins/inc_day-shift.min.js Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.spun.com.br
api.adseleto.dev
bcp.crwdcntrl.net
cdn.cloud.adseleto.com
cdn.cloud.incred.digital
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
custom-targets.cloud.adseleto.com
e748c722513b8d0c14f185c91cb94b66.safeframe.googlesyndication.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
esp.rtbhouse.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
matomo.incred.digital
nilotrip.com
oa.openxcdn.net
oajs.openx.net
one.one.one.one
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
www.google.com
www.googletagmanager.com
cdn.cloud.incred.digital
ep1.adtrafficquality.google
nilotrip.com
1.1.1.1
108.138.128.28
141.95.98.64
142.250.65.194
142.250.80.4
142.251.41.2
172.67.140.50
172.67.157.252
172.67.163.50
172.67.171.187
172.67.69.4
2600:9000:2511:aa00:a:e047:754:f4a1
2606:4700:10::6816:3556
2607:f8b0:4006:808::2001
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::2008
2620:100:a00b::12
2620:100:a00b::4
2a04:4e42:200::485
34.102.146.192
34.120.107.143
34.96.70.87
35.173.157.167
35.190.39.111
35.244.159.8
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906
0781977142043ff246495cba54d823cf45e9174be760159499c5ad46008f007d
142fd90f3a0889ec7228533873fc94c25aba4e7b6b5e7d75618076f91334e272
14bc3c55518c765eca51d2859178c75de369c3f45d36485988f82aab41721ec6
14cd7fac99f64592258e5ef9a11a972613c4d6925177df2b241315bafb9da61c
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
186bf54ba20ce1ab67bad83a3bb082cce1e5c21fdea3d01a9f7852352f361e4e
199a9f344ebfe841459996481860b87002085a13c0a8b49ec91fb38c1836553f
1a002639a5ba88b980496bb20abdb5510fb99718dc6773d6054077e2f5a9c226
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3f4b359e6d8709ddc10dcd7ebbf93126c526e3a0a5e97149e9e84b7e2035fc0f
45a487cba384adb51e4b69df979a57b6ab9815e2ce579c254a30829701a206d3
46edd4a5ef7f36ac3e71ca666caf6db0a0233e1df101a958aecd263529ebb8c8
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5afd2f900acc8c1102f1538b33718c33e9eca6eddf0510341569ffdffbf15cd8
5c071e05fbce27f0ea5122c6d8708d914ba6c0c1a62ebc98bb9606ae6a2aca4a
5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2
60ccea6605d653b8eddc2bb344f83441b6e2a757290d4b531e6a8e353791ac2c
6651c182d05375a1f0f029a8934d7a852908ec265c6bbca96e0ff87b7d968695
69bff0241ecba4b6eb411e4a5321e97310617fa9f18f99f39b49186a219c50cf
6a3b8bb18a6ce6270631c83a749d837d826186c1610079ccdc8251f3e5bd481c
6d60e3b25e56d35148888b5a08c8eb0ff3806f9698d4f6f54a35eab7d27f4c2f
744585bb754105e6b516a119b5f10fe1a883188fdbec20044de7eea8570d3a53
755de43a2ee5da48c9b14093ade133c267f727ff10e9f70953378343887aeb5c
7adb2428db068d70bd39db06b228c275d120d3a6befbbc612836ed9a7686c713
8137cf1870430460999ec4cc7e954e08a00d126721af5d6954c4b8bba59e5754
8e8a3ca0ea2bae6770aa54a3eff6c6758086dd409856adfdb70b2901d73afc0e
90f9bc234e51b7443310c9b8babb1d62c47047ca3ae2fc2d6f5b7411387cf949
9366fed80a3c81ee10a8275c965358e99a83bf2d0bcf97f837c8e9b6ac4b64ae
9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3
9cb7f22a5891ffbce929a598ccc86e6684a3ddfe3252e3a211883981c242a04f
9f25902553adbfb0c48b9375fd849ff90a6056ac124a87ae7a19db0e01dd422c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d52e194584784f55fb673838961fbf6767d1c091fd80a05b36aec1e2e341a9
b1db48e29a1ebed5acb8df657e762e58f93d6d3a72da63fecccd7ec645161f5a
c51eebc57c55c6df4b9c5a008e2401df6487efcf350a96ceaee1fc0fb1c2f37f
cb8fac376f394b4154f901255a03e6d49fe4f094fb8959081209f600a932efe0
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d86df284a64828cfa71fea050c3f3aaa00ccdaf13e071e1263c024268ec43872
ddcce687729cb358abf9d0d8e1217a097859be2b0d18c23d7c851b38c87bc9c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54dce0f42633ee02645215038615a7572db87622c34adb5b28d1c753a981807
f090562bcb1f146b9761474a2f2221e4b4f9b3fca9f24d2cedde6a166d88bd3b
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f9fa3f511d6f7387d2afb09cb74d4e5f9abe1781483f9eb9bd06da838ce341ee
fb4fd881e8a1c92ce9138a6453f1682536960e9e8f45dddaa04d8cfcb7f5f8fc
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

nilotrip.com Open in urlscan Pro 172.67.163.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

94 %HTTPS

32 %IPv6

21 Domains

27 Subdomains

26 IPs

3 Countries

2311 kBTransfer

3980 kBSize

21 Cookies

0 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nilotrip.com Open in urlscan Pro
172.67.163.50 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

94 %
HTTPS

32 %
IPv6

21
Domains

27
Subdomains

26
IPs

3
Countries

2311 kB
Transfer

3980 kB
Size

21
Cookies

66 HTTP transactions
1 data transactions