site10.tripnomadic.com Open in urlscan Pro
188.114.96.9  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response site10.tripnomadic.com/	22 KB 7 KB	554ms 515ms	Document text/html	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://site10.tripnomadic.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5ac823edaf483644392957b0d40a770b5d2f3924740d0567dfb9362dcbefd37 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f11522c2d9bb8d0-AMS content-encoding zstd content-type text/html date Thu, 12 Dec 2024 22:58:46 GMT last-modified Thu, 12 Dec 2024 14:26:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8iBkaqFfI%2FIFzXxhscskiRGw6ZX1AuiEUFh%2BVEpcZ7%2FF3V5NqFVljGlyIhMeyxdS6GoQfbNIBqr0RHJPTmJIpY1wFMKNNQb%2FlVAsCd263uQI4FjxW5399Lxs5HcC%2F5WHhKYcz9o80kF"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=14869&min_rtt=14694&rtt_var=2516&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4140&recv_bytes=4492&delivery_rate=705&cwnd=12000&unsent_bytes=0&cid=8275d0f55e182193&ts=522&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	104 KB 33 KB	169ms 65ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash bfa4b8e0fbfc66b2f35a8b6b9c83636fd46b60c8187da84ad42f961e759cc040 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers content-encoding br etag 570 / 20069 / m202412090101 / config-hash: 16425719540065603172 x-content-type-options nosniff expires Thu, 12 Dec 2024 22:58:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 12 Dec 2024 22:58:46 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33551 x-xss-protection 0 server cafe
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/8.4.3/	21 KB 7 KB	79ms 22ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.4.3/firebase-app.js Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d3cc3c58d05b610ac35646da2ff63e24204e239c6b9021c0b3106295feddb26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers content-encoding gzip age 130839 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Thu, 11 Dec 2025 10:38:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 11 Dec 2024 10:38:07 GMT last-modified Thu, 29 Apr 2021 21:06:52 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 6763 x-xss-protection 0 server sffe
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/8.4.3/	40 KB 11 KB	85ms 29ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.4.3/firebase-messaging.js Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers content-encoding gzip age 113679 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Thu, 11 Dec 2025 15:24:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 11 Dec 2024 15:24:07 GMT last-modified Thu, 29 Apr 2021 21:06:56 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 10908 x-xss-protection 0 server sffe
GET H2	200	firebase-analytics.js Show response www.gstatic.com/firebasejs/8.4.3/	35 KB 11 KB	80ms 24ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.4.3/firebase-analytics.js Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7c0459e0f05e41ff894a1973b2d203434282aff8daf4605c3021d1cd61eaf12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers content-encoding gzip age 222501 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Wed, 10 Dec 2025 09:10:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 10 Dec 2024 09:10:25 GMT last-modified Thu, 29 Apr 2021 21:06:56 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 10774 x-xss-protection 0 server sffe
GET H3	200	service-worker.js Show response site10.tripnomadic.com/	10 KB 4 KB	534ms 533ms	Script text/javascript	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://site10.tripnomadic.com/service-worker.js Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2aa7547c5697d104493a37442139fac24532f27c73c421f1a846ac4cff878e8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"27b0-672f5bfe-3fc144;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqBCnTulQX4b%2BUhMpjG8g6J8kNAGSjyo9uIPRihpiMKpzRyvjS2CwEOaK2eCAVOodi9lIIz2FobF%2BXNnQDIUdmo8mjEg2DwOhVzQpc2ZOznzv1QlXLvuU37EJsyeSYTeS5Bu3mlqN4HO"}],"group":"cf-nel","max_age":604800} cf-ray 8f11522f68e6b8d0-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14839&min_rtt=14580&rtt_var=978&sent=19&recv=15&lost=0&retrans=0&sent_bytes=11876&recv_bytes=5235&delivery_rate=528930&cwnd=12000&unsent_bytes=0&cid=8275d0f55e182193&ts=1060&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 22:58:46 GMT content-type text/javascript last-modified Sat, 09 Nov 2024 12:56:30 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	firebase-messaging-sw.js Show response site10.tripnomadic.com/	3 KB 1 KB	535ms 535ms	Script text/javascript	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://site10.tripnomadic.com/firebase-messaging-sw.js Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45d9ad47ca2df62b0b14d9b11554ff933eac67dbff8234077de132283d80cf9c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"a09-672f5bfc-3fc17f;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2lPB9OhKajj9ZKiry0oWWwGUb0WLZH9QZgHY%2B1aSZx1dwh86iAO2uskB%2Fx11T8XJwj7QVRqNeDiY87rzcNefXRktaLm5ScuSWImbagbNqUZwS8fDmssgrFQbXXfmECm7YZObYmKFRywq"}],"group":"cf-nel","max_age":604800} cf-ray 8f11522f68e8b8d0-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14839&min_rtt=14580&rtt_var=978&sent=23&recv=15&lost=0&retrans=0&sent_bytes=15654&recv_bytes=5235&delivery_rate=528930&cwnd=12000&unsent_bytes=0&cid=8275d0f55e182193&ts=1061&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 22:58:46 GMT content-type text/javascript last-modified Sat, 09 Nov 2024 12:56:28 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	auth.php Show response www.freevisitorcounters.com/	2 KB 1 KB	103ms 72ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.freevisitorcounters.com/auth.php?id=6e428a38f85c2fce1f1cd9bb2d3b20e8dc926fbe Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00392f7bbe72065312871f6711e8b2d27156d6bfbba59319c8f9f883f05fad56 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U110dXtQR6acDnpQC15oJ09CyPgv%2FREInODlPlXVTJ%2FvsGGvLNmJKLMGi8GvnGLkKHMWJwdm1ktGqrOLT3aL1fSpmIIaSo6mpzHIyekIHpuWUW6JAj6%2BjBqQ9Kf8VR0JV1NyQQlxFCdB%2BiDlPgs%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f11522f9e860ba8-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14714&min_rtt=14670&rtt_var=3122&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4701&delivery_rate=39651&cwnd=12000&unsent_bytes=0&cid=7eb21b1c5259ff20&ts=77&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 22:58:46 GMT content-type application/javascript vary Accept-Encoding server cloudflare priority u=1,i=?0
GET H3	200	0 Show response www.freevisitorcounters.com/en/home/counter/1276637/t/	222 B 911 B	967ms 936ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.freevisitorcounters.com/en/home/counter/1276637/t/0 Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef5d58971ef88d63e3c63d4801bad348c3149585525b041d88c85bee00389012 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhSbI3Wa11J4WaDr42biG84r1WpuJW%2FvT%2FTyDW%2BIXvBcVyrEeW7OQFTTq%2Bitc9H%2FdvRikfZK0dvDfpxt4i3FNNT8DDgC9%2FXuHE8uzgVrQGhrZqqQINtUAFEJhvVXtVix09r8pIuix1cwNCi2jn0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f11522f9e870ba8-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14904&min_rtt=14670&rtt_var=2056&sent=13&recv=12&lost=0&retrans=0&sent_bytes=5675&recv_bytes=4788&delivery_rate=101138&cwnd=12000&unsent_bytes=0&cid=7eb21b1c5259ff20&ts=940&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 22:58:47 GMT content-type application/javascript vary Accept-Encoding server cloudflare priority u=1,i=?0
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/	492 KB 153 KB	50ms 50ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers content-encoding br etag 5395541545685299795 age 19690 x-content-type-options nosniff expires Fri, 12 Dec 2025 17:30:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 12 Dec 2024 17:30:36 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 156760 x-xss-protection 0 server cafe
OPTIONS		checknotificationcode push.policyplayer.com/api/User/ Frame	0 0
POST		checknotificationcode push.policyplayer.com/api/User/	0 0
GET H3	200	gpt securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/	63 KB 22 KB	31ms 30ms	Other text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers content-encoding br etag 4443559573512225521 age 75348 x-content-type-options nosniff expires Fri, 13 Dec 2024 02:02:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 12 Dec 2024 02:02:58 GMT content-type text/plain; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=86400, stale-while-revalidate=7200 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 22952 x-xss-protection 0 server cafe use-as-dictionary match="/gampad/ads", id="m202412050101"
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	1 KB 359 B	182ms 129ms	Fetch text/plain	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=1513376268631694&correlator=1875253635598034&eid=31086815%2C31089315%2C31089319%2C31085777%2C95344999%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=21952429235%3A22463289378%2Cbe_tripnomadic_ads3%2Ctts_tripnomadic_res&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=336x280%2C1x1&ifi=1&sfv=1-0-40&ists=1&fas=0%2C11&rbvs=1&sc=1&abxe=1&dt=1734044326985&lmt=1734013592&adxs=632%2C-9&adys=98%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsite10.tripnomadic.com%2F&vis=1&psz=1584x280%7C0x-1&msz=1584x280%7C0x-1&fws=0%2C2&ohw=0%2C0&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734044326294&idt=676&adks=3318427421%2C2023321043&frm=20&eoidce=1&td=1&egid=58239&tan=a5865dc1-c69b-4f7b-92a5-25b35302255e%2Ca5865dc1-c69b-4f7b-92a5-25b35302255f&tdf=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash 6995a4265e4049940d21ba68e3c2a6bd1baa024125bf083412055794c6faa5b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers content-encoding br google-lineitem-id -2,-2 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2,-2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 12 Dec 2024 22:58:47 GMT content-type text/plain; charset=UTF-8 google-creative-id -2,-2 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://site10.tripnomadic.com content-length 330 x-xss-protection 0 server cafe
GET H2	200	container.html 67dc44d56c9be9f2c42b9e2ab331b59c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE70	0 0	136ms 57ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://67dc44d56c9be9f2c42b9e2ab331b59c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://site10.tripnomadic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 12 Dec 2024 22:58:47 GMT expires Thu, 12 Dec 2024 22:58:47 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	0 www.freevisitorcounters.com/en/counter/render/1276637/t/	3 KB 4 KB	50ms 50ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.freevisitorcounters.com/en/counter/render/1276637/t/0 Requested by Host: site10.tripnomadic.com URL: https://site10.tripnomadic.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab06b741fbed4f5f5fbf6baa686cabdbc0e762abbefdd956718e0507e7400832 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0p6fG4spNe%2FhKJaAhR78JSyGw26BW83mLsFFGfyLcdZiu6SiUm%2FXIdBa5wJACxh5MsCXyBjFBZ4JpvwgF6pxbhIVuyc2GQSh9YcK%2F74liguDoENctBj92fzyQEYbD2jl7LV1egF3AogLqYcmkLs%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f1152357b870ba8-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15289&min_rtt=14670&rtt_var=2310&sent=15&recv=13&lost=0&retrans=0&sent_bytes=6633&recv_bytes=5154&delivery_rate=51953&cwnd=12000&unsent_bytes=0&cid=7eb21b1c5259ff20&ts=992&x=1", cfExtPri, cfHdrFlush;dur=0 content-length 3349 date Thu, 12 Dec 2024 22:58:47 GMT content-type image/png server cloudflare priority u=3,i
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	17 KB 13 KB	77ms 39ms	XHR application/json	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash 4e9efb45a0124a6fa734c03863d7106f7ec57a77db6786c18eb793e94578598c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 13273 date Thu, 12 Dec 2024 22:58:47 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H3	404	favicon.ico site10.tripnomadic.com/	1 KB 1 KB	513ms 513ms	Other text/html	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://site10.tripnomadic.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers cache-control private, no-cache, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status BYPASS pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2T4NdcKN4NRG4rW%2B0EOMdThfFcTu7GSXptjVSa70Mkz8MfEnBli16OR5uHcZecflFSSlZiU0zTmOU0%2B41aPeKWtb%2Fzrw32xevyLoVPM2%2BqoTqxns4WbO8WqidbmEO0NFkVLVikJA%2F57e"}],"group":"cf-nel","max_age":604800} cf-ray 8f115235cf1fb8d0-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=15973&min_rtt=14479&rtt_var=2766&sent=28&recv=21&lost=0&retrans=0&sent_bytes=17904&recv_bytes=6213&delivery_rate=14109&cwnd=12000&unsent_bytes=0&cid=8275d0f55e182193&ts=2063&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 22:58:47 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=1,i
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	18 KB 7 KB	117ms 52ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site10.tripnomadic.com/ Response headers content-encoding gzip etag "1727224258380615" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Thu, 12 Dec 2024 22:58:47 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 12 Dec 2024 22:58:47 GMT content-type text/javascript vary Accept-Encoding cache-control private, max-age=3000 cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 6445 x-xss-protection 0 server sffe
GET H2	200	runner.html ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 55CF	0 0	99ms 49ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://site10.tripnomadic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 860 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding gzip content-length 5005 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 12 Dec 2024 22:44:27 GMT expires Thu, 12 Dec 2024 23:34:27 GMT last-modified Mon, 23 Sep 2024 18:12:21 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		sodar ep1.adtrafficquality.google/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

push.policyplayer.com

URL

https://push.policyplayer.com/api/User/checknotificationcode

Domain

push.policyplayer.com

URL

https://push.policyplayer.com/api/User/checknotificationcode

Domain

ep1.adtrafficquality.google

URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=1513376268631694&bg=!k5ClkN_NAAbtGp3CzRo7ADQBe5WfOJw4NeX4pouPfMEMbc1hytR0T98fH0p5GjZ9hQODStXG8fHtYrpDAosJ-57ItgNpAgAAACBSAAAAAWgBB34ANlouosZ5SSg_qQdMrSmAShHxRyXaUdjSmx308phU6xExx_LvR6u7dqnsuaMZnAGE-E_R6YDw8QoAmEbZOaCQbM7JmQw6lLe983E-GBpirWcODgm3TgF0pBTGvcR2GnC140gS7846GYmeiPmNDc2lA-zpUOzm0ouF_stFdWoYACb7CjcDl6BWVDgyn0ReC65r9hMuUdKMjBUUnROcqvXvxnrpS4zlASyqws-pFgEhgcpsJrZVGZIGPatc3qIOWTMQrkdm-1L2J13G5kvm5uKIqmRhmQK8X9o_xSDQPyzyWpvLKk_zOjlQPnoarEyDRaCjgAohTdgCtF5JPkD8u1DkpyKNqzOvOGEAAqf82qeOdjJI1f2AWD3ckrDH4m1J9kTs_fBR90l4zozMTi61HeudskLaTfFL11v6xub-P74mLkm20VxCYjHTNK7_8xpBpAVUfRgT0-6E_06V9M9it3Wbi_nSDmiaI8t1L7bYqiczQwlM398bKSXSYE2krNx0PQBHBtYph8x9-K3U0EURkv3F7bOM-_p8dyumodTzQITAyxzcr_H9x1tcvsOgS8wBhkJ6qg0OYzIfhB4SazU6exAZBP367WN2mPTe0pQBVyBuz_kXMsJRMZF5O8wNI0WYG89AQO6M-DyZvLwLtpRmmtP04uejggZ6bv8AVreLW6f8Uu8p8VU1PwPAsQGZDEPH-Qla4iUEwP_h3laZFf40Ylq626OYp9F3Hb8zoiA_rBcjBZoLz8-E-ZzZ9-7l0DxiZKxYzzN3MqEVyrv6stLnqtRWSaxtD-q6HUHMlAawR3e1AHKUAJKCU-sOYDgvvnGotgcuV-fGrENZqHb3NHpTeZX9eP6hBr_-FA_pJVIRzqx7_cjSxnKH9ru7cmNOH305BBtn61G5ugSaBFdSPY5UTkovwsbjYjpRzfGAzOoWMtE2gbtbaIMis8b605bmeXjj4tfLr9jIO4DAroDpP0yZ4z4kmj8hSriRBF90YNqy8_4XrLkjBYd486mAWT6ZzZz18pkRaIB09CWW-ub-nKt1nl0FrPB11jC8zNdLBshT2a8EpPEeNgk-mwuEmy4V7QDiVx4S03013tnw8JRnNzttaGST_ouNjM9fd0kNH_odosEa-uqKmfjbMNEn4UykXGx2oS3RNSQJ7gf40skd2sqYV_CFAVIosTPvSYzi1DYCZyy-w8LfrffHHkaFXdpFQ9YjtJHDDg

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| googletag object| rewardedSlot function| dismissRewardedAd function| displayModal object| firebase object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue string| urlcurrent string| WebsiteCode string| WebsiteName function| callnotification function| checknotificationcode function| opennotification function| isMobileDevice function| getBrowser function| getOperatingSystem function| notificationupdate function| updatenotification2 function| openmypushNewWindow function| openpoup2 function| openpoup function| notificationdata function| callnotification_amp function| checknotificationcode_amp function| notificationdata_amp function| onMessageReceivedSubscribe function| onMessageReceivedSubscriptionState function| onMessageReceivedUnsubscribe function| broadcastReply function| clicknotification function| trimTrailingSlash string| ctrHref string| ctrHref2 function| eInDoc function| lCheck boolean| linkfound object| google_reactive_ads_global_state number| google_unique_id object| els object| el string| linktext object| linkToHide object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tripnomadic.com/	1970-01-21 05:59:56	Name: __eoi Value: ID=9b8b3497f6db6425:T=1734044327:RT=1734044327:S=AA-AfjYuDhJjA76tN0g3k4Ys2eU-

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://site10.tripnomadic.com/ Message: Access to fetch at 'https://push.policyplayer.com/api/User/checknotificationcode' from origin 'https://site10.tripnomadic.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://push.policyplayer.com/api/User/checknotificationcode Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://site10.tripnomadic.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67dc44d56c9be9f2c42b9e2ab331b59c.safeframe.googlesyndication.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
pagead2.googlesyndication.com
push.policyplayer.com
securepubads.g.doubleclick.net
site10.tripnomadic.com
www.freevisitorcounters.com
www.gstatic.com
ep1.adtrafficquality.google
push.policyplayer.com
142.250.186.130
142.250.74.194
172.217.18.2
188.114.96.3
188.114.96.9
2a00:1450:4001:800::2001
2a00:1450:4001:810::2003
2a00:1450:4001:829::2001
00392f7bbe72065312871f6711e8b2d27156d6bfbba59319c8f9f883f05fad56
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
1d3cc3c58d05b610ac35646da2ff63e24204e239c6b9021c0b3106295feddb26
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
45d9ad47ca2df62b0b14d9b11554ff933eac67dbff8234077de132283d80cf9c
4e9efb45a0124a6fa734c03863d7106f7ec57a77db6786c18eb793e94578598c
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43
6995a4265e4049940d21ba68e3c2a6bd1baa024125bf083412055794c6faa5b0
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
ab06b741fbed4f5f5fbf6baa686cabdbc0e762abbefdd956718e0507e7400832
b5ac823edaf483644392957b0d40a770b5d2f3924740d0567dfb9362dcbefd37
bfa4b8e0fbfc66b2f35a8b6b9c83636fd46b60c8187da84ad42f961e759cc040
c2aa7547c5697d104493a37442139fac24532f27c73c421f1a846ac4cff878e8
e7c0459e0f05e41ff894a1973b2d203434282aff8daf4605c3021d1cd61eaf12
ef5d58971ef88d63e3c63d4801bad348c3149585525b041d88c85bee00389012
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99