www.nomesdefantasia.com Open in urlscan Pro
2a01:7e00:e000:27a::1201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.nomesdefantasia.com/
Effective URL:
https://www.nomesdefantasia.com/
Submission: On February 19 via api (February 19th 2024, 1:59:58 am UTC) from US — Scanned from GB

Summary HTTP 79 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 79 HTTP transactions. The main IP is 2a01:7e00:e000:27a::1201, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.nomesdefantasia.com.
TLS certificate: Issued by R3 on February 12th 2024. Valid for: 3 months.

This is the only time www.nomesdefantasia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2a01:7e00:e00... 2a01:7e00:e000:27a::1201	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	35.187.184.108 35.187.184.108	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
7	184.30.17.133 184.30.17.133	() ()
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	132.226.214.62 132.226.214.62	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
6	35.244.170.237 35.244.170.237	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2.18.161.148 2.18.161.148	16625 (AKAMAI-AS) (AKAMAI-AS)
79	20

8 2a01:7e00:e000:27a::1201 (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

www.nomesdefantasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.187.184.108 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 108.184.187.35.bc.googleusercontent.com

rtb.ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.17.133 (Frankfurt am Main, Germany)

ASN- ()
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.226.214.62 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com

static.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.161.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-148.deploy.static.akamaitechnologies.com

travel198849194933.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	470 KB
10	travelaudience.com rtb.ads.travelaudience.com — Cisco Umbrella Rank: 113125 ads.travelaudience.com — Cisco Umbrella Rank: 7144 static.travelaudience.com — Cisco Umbrella Rank: 55840 Failed	117 KB
8	moatads.com z.moatads.com — Cisco Umbrella Rank: 814 mb.moatads.com — Cisco Umbrella Rank: 1066 px.moatads.com — Cisco Umbrella Rank: 660	115 KB
8	nomesdefantasia.com 1 redirects www.nomesdefantasia.com	11 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	77 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1221 syndication.twitter.com — Cisco Umbrella Rank: 1517	148 KB
5	moatpixel.com travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 49138	1 KB
3	gstatic.com www.gstatic.com	17 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	33 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 605	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	90 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	2 KB
1	reddit.com www.reddit.com — Cisco Umbrella Rank: 3011	1 KB
79	14

	Domain	Requested by
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	www.nomesdefantasia.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.nomesdefantasia.com	1 redirects www.nomesdefantasia.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	static.travelaudience.com	rtb.ads.travelaudience.com
6	px.moatads.com	rtb.ads.travelaudience.com
5	travel198849194933.s.moatpixel.com
4	platform.twitter.com	www.nomesdefantasia.com platform.twitter.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	ads.travelaudience.com	rtb.ads.travelaudience.com
3	fonts.googleapis.com	rtb.ads.travelaudience.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com www.nomesdefantasia.com
2	ssl.google-analytics.com	www.nomesdefantasia.com
2	connect.facebook.net	www.nomesdefantasia.com connect.facebook.net
1	www.facebook.com	connect.facebook.net
1	mb.moatads.com	z.moatads.com
1	z.moatads.com	rtb.ads.travelaudience.com
1	rtb.ads.travelaudience.com	googleads.g.doubleclick.net
1	www.reddit.com	www.nomesdefantasia.com
79	20

This site contains links to these domains. Also see Links.

Domain
www.nomes-para-bebes.com
www.reddit.com
www.dehumanizer.com
tools.dehumanizer.com
www.fantasynamegen.com
www.nombresdefantasia.com
www.nomsdefantasy.com
www.nomidifantasy.com
de.fantasynamegen.com
blog.fantasynamegen.com

Subject Issuer	Validity	Valid
www.nomesdefantasia.com R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
syndication.twitter.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
rtb.ads.travelaudience.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
ads.travelaudience.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
static.travelaudience.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.nomesdefantasia.com/
Frame ID: 8A14F78C32403439B9809FCFA7EDD471
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: F3BDD3CCBD2303ECD1C4051628B1D9AB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomesdefantasia.com
Frame ID: 0BA5CF238613F931705395CE0B44A255
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&adk=1812271804&adf=3025194257&lmt=1708307994&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l&format=0x0&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708307993900&bpp=2&bdt=231&idt=323&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=235020507026&frm=20&pv=2&ga_vid=81785705.1708307994&ga_sid=1708307994&ga_hid=1840472409&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081186%2C44798934%2C95322746%2C95324580%2C95325067%2C31081078%2C95322183%2C95324154%2C95324160&oid=2&pvsid=1288529658798516&tmod=1570154935&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: 00B58F9D7057B0EA5C1BCF628C633BE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&lmt=1708307994&format=160x600&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708307993902&bpp=1&bdt=233&idt=331&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=235020507026&frm=20&pv=1&ga_vid=81785705.1708307994&ga_sid=1708307994&ga_hid=1840472409&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081186%2C44798934%2C95322746%2C95324580%2C95325067%2C31081078%2C95322183%2C95324154%2C95324160&oid=2&pvsid=1288529658798516&tmod=1570154935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=333
Frame ID: 704307E3AA0E3ECD033EE708E1E557D6
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Frame ID: 3F9D7C8AFCF6689B2CA83741E8E5DD4E
Requests: 2 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Frame ID: A41756FDEBFC8259CF95080B9280412D
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 77B40DA5EF7D87CC366624F1FD2FC78C
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C97C07027F37EEDB5BB35FF4AD329307
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E91C5DFE1F12A2B5D76726AFCD1E7DC6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: 797A36283A9A263C0AFC4A22E5512F38
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0b555cbdb244630a%26domain%3Dwww.nomesdefantasia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nomesdefantasia.com%252Fff3df26d4a6bbbcaa%26relation%3Dparent.parent&container_width=1342&href=https%3A%2F%2Fwww.nomesdefantasia.com%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=true
Frame ID: 959E592EB3884DB51BC45116F9DB4607
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52F49D9853BC66EA0DA010070FB907F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2AAB0F438CB8171A730259A5E3D9987
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gerador de Nomes de Fantasia

Page URL History Show full URLs

http://www.nomesdefantasia.com/ HTTP 301
https://www.nomesdefantasia.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

79
Requests

99 %
HTTPS

58 %
IPv6

14
Domains

20
Subdomains

20
IPs

4
Countries

1100 kB
Transfer

3163 kB
Size

12
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nomes-para-bebes.com/
Title: Nomes Para Bebés

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit

Search URL Search Domain Scan URL

URL: https://www.dehumanizer.com/
Title: Dehumanizer.com

Search URL Search Domain Scan URL

URL: https://tools.dehumanizer.com/
Title: Outras ferramentas

Search URL Search Domain Scan URL

URL: https://www.fantasynamegen.com/
Title: English version

Search URL Search Domain Scan URL

URL: https://www.nombresdefantasia.com/
Title: Versión española

Search URL Search Domain Scan URL

URL: https://www.nomsdefantasy.com/
Title: Version française

Search URL Search Domain Scan URL

URL: https://www.nomidifantasy.com/
Title: Versione italiana

Search URL Search Domain Scan URL

URL: https://de.fantasynamegen.com/
Title: Deutsche Version

Search URL Search Domain Scan URL

URL: https://blog.fantasynamegen.com/
Title: Blog (em inglês)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.nomesdefantasia.com/ HTTP 301
https://www.nomesdefantasia.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nomesdefantasia.com/
Redirect Chain

http://www.nomesdefantasia.com/
https://www.nomesdefantasia.com/

11 KB
4 KB

93ms
32ms

Document
text/html

2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

a48e00cdea361c458a2fbbf6cc7ec5ad78e917898020772fa8d7b143f2340001

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: br
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=UTF-8
date: Mon, 19 Feb 2024 01:59:53 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.24.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Mon, 19 Feb 2024 01:59:53 GMT
Location: https://www.nomesdefantasia.com/
Server: nginx/1.24.0 (Ubuntu)

GET
H2 200 style.css
www.nomesdefantasia.com/ 3 KB
2 KB 30ms
29ms Stylesheet
text/css 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nomesdefantasia.com/style.css

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

3b3987636fb31bbd20740155b66c465d874af2cc5362e5d4e084d4e796fb3a28

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 May 2015 12:55:01 GMT
server: nginx/1.24.0 (Ubuntu)
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: br
etag: W/"5550a6a5-c86"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=86400
x-xss-protection: 0
expires: Tue, 20 Feb 2024 01:59:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 153ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

251ee1bc26f892fd85f1820b9de89be57719572cda9f7838eb7de4bab08e98cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51619
x-xss-protection: 0
server: cafe
etag: 11061254211164661523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 19 Feb 2024 01:59:53 GMT

GET
H2 200 spreddit7.gif
www.reddit.com/static/ 688 B
1 KB 93ms
28ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reddit.com/static/spreddit7.gif

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

8bb755868270c58be8718b63ff08f560fe952537237af30e68979ff7eefd1c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
last-modified: Mon, 14 Nov 2011 00:48:52 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 1.0, "failure_fraction": 1.0}
etag: "02cf565e58da222df50a42ee0ec9ee56"
x-frame-options: SAMEORIGIN
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 688
x-xss-protection: 1; mode=block

GET
H2 200 uk.png
www.nomesdefantasia.com/images/ 284 B
1 KB 30ms
30ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomesdefantasia.com/images/uk.png

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

ef437ad387110bff7b41c27112bde6604bf6afca8c8265fa8f781b456df98e6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 284
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Jun 2013 06:31:10 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "51c7e7ae-11c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 26 Feb 2024 01:59:53 GMT

GET
H2 200 es.png
www.nomesdefantasia.com/images/ 231 B
1 KB 30ms
29ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomesdefantasia.com/images/es.png

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

c2f060e08ab6fb044d58c757f08098ad285ea2da0f384eff07c8558d68596076

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 231
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Jun 2013 06:31:10 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "51c7e7ae-e7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 26 Feb 2024 01:59:53 GMT

GET
H2 200 fr.png
www.nomesdefantasia.com/images/ 191 B
996 B 31ms
30ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomesdefantasia.com/images/fr.png

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

eebf8c4809be016071e5cff22053eadde49a1211b59d950ae4a40be677bf610d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 191
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 29 Jun 2013 06:11:49 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "51ce7aa5-bf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 26 Feb 2024 01:59:53 GMT

GET
H2 200 it.png
www.nomesdefantasia.com/images/ 191 B
996 B 31ms
30ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomesdefantasia.com/images/it.png

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

37ff18d9b420a72b81d7157e63228849248890adc67c4b87026e2296d2732def

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 191
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 29 Jun 2018 12:58:38 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "5b362cfe-bf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 26 Feb 2024 01:59:53 GMT

GET
H2 200 de.png
www.nomesdefantasia.com/images/ 88 B
892 B 32ms
31ms Image
image/png 2a01:7e00:e000:27a::1201
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nomesdefantasia.com/images/de.png

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00:e000:27a::1201 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.24.0 (Ubuntu) /

Resource Hash

93d5d46617b41c4ed38485e536a687f54f9f0a86b2da64fa6b415118aacb8470

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
content-length: 88
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 11 Oct 2020 14:11:18 GMT
server: nginx/1.24.0 (Ubuntu)
etag: "5f831286-58"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
expires: Mon, 26 Feb 2024 01:59:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_PT/ 3 KB
3 KB 134ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_PT/sdk.js

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1bc95100019fd1118bc8a776734b3fbb02824f2b205097638572d180f3d8b9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 01:59:53 GMT
content-md5: fQcz8ga56EE+LRsVo807NA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: HRiaSmXM2OVwYMgbL0XgX+jiTelNRbdOMq4Uo+pCxf/CjaoCFO3aaM59PHMt3ZBYKYs3e1ikTW1VphEZ4MYXew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e59ada3752efafd2f75c90f85da299f7
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "48c8b4958ad41ee4ce256213f5be7ae9"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 19 Feb 2024 02:19:06 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 208ms
48ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B85) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 01:59:53 GMT
Content-Encoding: gzip
Age: 987
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (amb/6B85)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 147ms
42ms Script
text/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 00:02:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7016
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 19 Feb 2024 02:02:57 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_PT/ 304 KB
87 KB 87ms
45ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_PT/sdk.js?hash=d072e1443dad44ed15685563b3e19b93

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fdc67b695b4ec10f141f76a9da823f6f0e6a4029f669f84bb23cf22838995cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.nomesdefantasia.com/
Origin: https://www.nomesdefantasia.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 01:59:53 GMT
content-md5: 0p4KWfU5EpIbTiWpYemxEA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88715
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: AtPpTti2KEGz85RXSQphLiUo/3tFiTbs4GGDXfvYC0xlOix4LlQWfqqru/sHwZ6QIOlj62BrOYpejbWcoDH05A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3bc825469ce91e2df3c97038335f4e49
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "68421fdcfaec4d4db4fd9cff0f40655d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 18 Feb 2025 01:59:06 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 49ms
49ms Image
image/gif 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=835500143&utmhn=www.nomesdefantasia.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Gerador%20de%20Nomes%20de%20Fantasia&utmhid=1840472409&utmr=-&utmp=%2F&utmht=1708307993866&utmac=UA-151199-40&utmcc=__utma%3D255590423.81785705.1708307994.1708307994.1708307994.1%3B%2B__utmz%3D255590423.1708307994.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1808632575&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 01:59:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 406 KB
138 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4949354093717732&plah=www.nomesdefantasia.com&aplac=true&bust=31081078

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a945a6a1974d5fd1f92ad36d99fbe6d977e245fc6b0eb9fb3a44e050328dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141217
x-xss-protection: 0
server: cafe
etag: 8714945856590173234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 01:59:53 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame F3BD 9 KB
5 KB 297ms
203ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 24141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 19:17:33 GMT
etag: 3890843268177463596
expires: Sun, 03 Mar 2024 19:17:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 0BA5 319 KB
104 KB 50ms
50ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomesdefantasia.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB9) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5992702
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Feb 2024 01:59:53 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB9)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0BA5 869 B
658 B 202ms
139ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e24c4e799066cb494d86be0cd0dd3537184f90a0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.nomesdefantasia.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 19 Feb 2024 01:59:54 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 19 Feb 2024 01:59:54 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 64e40855597a5976
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 4ad9870010a42150b32a066378885c66ea33e29419a80c25434da0589daf5d7a
content-length: 337

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00B5 196 KB
54 KB 345ms
344ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&adk=1812271804&adf=3025194257&lmt=1708307994&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l&format=0x0&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708307993900&bpp=2&bdt=231&idt=323&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=235020507026&frm=20&pv=2&ga_vid=81785705.1708307994&ga_sid=1708307994&ga_hid=1840472409&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081186%2C44798934%2C95322746%2C95324580%2C95325067%2C31081078%2C95322183%2C95324154%2C95324160&oid=2&pvsid=1288529658798516&tmod=1570154935&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4949354093717732&plah=www.nomesdefantasia.com&aplac=true&bust=31081078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1680ec3cd124971f5cfefd5c47edc481ccb550e8159424687f77fd51f6bb3ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55153
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 01:59:54 GMT
expires: Mon, 19 Feb 2024 01:59:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7043 35 KB
14 KB 432ms
432ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&lmt=1708307994&format=160x600&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708307993902&bpp=1&bdt=233&idt=331&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=235020507026&frm=20&pv=1&ga_vid=81785705.1708307994&ga_sid=1708307994&ga_hid=1840472409&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081186%2C44798934%2C95322746%2C95324580%2C95325067%2C31081078%2C95322183%2C95324154%2C95324160&oid=2&pvsid=1288529658798516&tmod=1570154935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=333

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f213ac02ba39f072ad8c2a46f842ec4ce1cd03e1e5220f8a393956ce887b64de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 01:59:54 GMT
expires: Mon, 19 Feb 2024 01:59:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 49ms
48ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B85) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 01:59:54 GMT
Content-Encoding: gzip
Age: 5992701
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (amb/6B85)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html Show response
platform.twitter.com/widgets/ Frame 3F9D 34 KB
13 KB 48ms
48ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.pt.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B85) /
Resource Hash: 67624eca89cd5a8049792f76cf40796791bc957c95628825f5c3d83d1ad6c3bf

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5992563
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12714
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Feb 2024 01:59:54 GMT
Etag: "a9939cebd5fcfb5da02584a7718324d9+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B85)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 142ms
142ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.nomesdefantasia.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22pt%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1708307994463%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=e24c4e799066cb494d86be0cd0dd3537184f90a0

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 113
date: Mon, 19 Feb 2024 01:59:54 GMT
strict-transport-security: max-age=631138519
last-modified: Mon, 19 Feb 2024 01:59:54 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: c91179b6db09134c
cache-control: must-revalidate, max-age=600
perf: 7469935968
x-connection-hash: 4ad9870010a42150b32a066378885c66ea33e29419a80c25434da0589daf5d7a
content-length: 43

GET
DATA 200
OK truncated
/ Frame 3F9D 471 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/ 166 KB
56 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402070101/reactive_library_fy2021.js?bust=31081078

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2579516813093f72e78458af5c793de76df213048b5422f34565289a5987196c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57351
x-xss-protection: 0
server: cafe
etag: 8662825306196454633
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 01:59:54 GMT

GET
H2 200 rtb Show response
rtb.ads.travelaudience.com/ Frame A417 98 KB
26 KB 142ms
46ms Document
text/html 35.187.184.108
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&lmt=1708307994&format=160x600&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708307993902&bpp=1&bdt=233&idt=331&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=235020507026&frm=20&pv=1&ga_vid=81785705.1708307994&ga_sid=1708307994&ga_hid=1840472409&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081186%2C44798934%2C95322746%2C95324580%2C95325067%2C31081078%2C95322183%2C95324154%2C95324160&oid=2&pvsid=1288529658798516&tmod=1570154935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=333

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

135ae2c94ade7801a508e4c4fffd31bb2f52554caadc38ab7d222b3f799606c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 19 Feb 2024 01:59:54 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-engine-version: 0.0.0
x-host: deliveryengine-rtb-production-7f9c9cc9f-w7kjq

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7043 3 KB
1 KB 139ms
45ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 01:46:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7043 20 KB
8 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7043 204 KB
61 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 02:39:49 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 77B4 9 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Feb 2024 19:21:35 GMT
etag: 3890843268177463596
expires: Sun, 03 Mar 2024 19:21:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7043 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e09cd7bf9460414ad1357c5aac4cf8c126f34be6077e101c57ca733042d5f1f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame A417 110 KB
31 KB 144ms
53ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+SC:regular

Requested by

Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a6090d4a1e5b36eb1362d1a7a29c7f8ac73320c714dfbe6f14955ee70eebad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 01:59:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 01:46:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 01:59:54 GMT

GET
H2 200 el.ashx
ads.travelaudience.com/ Frame A417 631 B
755 B 123ms
45ms Image
image/jpeg 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.2889538019870722&adPos=&ai1=1%3B30000490%3B0%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3BVOYFYTXfFPGlQ5nkhfV5eA%3D%3D%3B60022925%3B999%252c1%3B%3B%3B2%3B4%3B50002641%3BC4foKlQVBKhGmcTFfSShvw%3D%3D%3BUSD%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70016095%3BoFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-7d7fbc9b7d-d9qns&bnr=0&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=160x600&gcpm=1081156&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=04&sc=&site=www.nomesdefantasia.com&ssp=0&sv=1&tsf=&ua=&uc=GB&ucy=&uuid=CCF370F2-0E44-4D67-818E-772ED3EDA860&view=&vrt=&vw=&wp=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:54 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/jpeg
x-host: tde-deliveryengine-production-7fbb6d4658-b2czq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 trg.gif
ads.travelaudience.com/ Frame A417 35 B
70 B 38ms
37ms Image
image/gif 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=444&pix=0&dp=event_type:impression
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:55 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/gif
x-host: tde-deliveryengine-production-7fbb6d4658-b2czq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 moatad.js Show response
z.moatads.com/travel198849194933/ Frame A417 334 KB
113 KB 135ms
40ms Script
application/x-javascript 184.30.17.133

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/travel198849194933/moatad.js
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8ad699b94dcb8ac5c24ab5f4e6bfaa6fa8ddd26d90ff42fc3e395a8310684512

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:54 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:56:36 GMT
server: AmazonS3
x-amz-request-id: 5ADD2SR6FVQW52ZN
etag: "37dd62b52cf0e911ad78369a74658368"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=39013
accept-ranges: bytes
content-length: 115629
x-amz-id-2: pDgLJ/GC6iJcEq1w9HPnL5hxp5Yl0hMIxYlTeVWDpPG0k8FmTDjsCf81esmNtOs4aNdcYCs9Jaw=

GET
H2 200 creative.js Show response
ads.travelaudience.com/js/ Frame A417 56 KB
20 KB 37ms
37ms Script
application/javascript 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e910c6ce4e2cd194345e1ea8fce030f425c093f8d7c6dd41cde83ed0d08b8dd4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: public
date: Mon, 19 Feb 2024 01:59:54 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sun, 18 Feb 2024 12:42:20 GMT
server: nginx/1.21.6
etag: W/"65d1fb2c-e1b2"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Feb 2024 01:59:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 77B4 5 KB
1 KB 132ms
52ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 01:59:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 01:01:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 01:59:54 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77B4 205 B
651 B 128ms
41ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:04:01 GMT
x-content-type-options: nosniff
age: 492953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Feb 2025 09:04:01 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 77B4 604 B
696 B 129ms
42ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 07:25:16 GMT
x-content-type-options: nosniff
age: 412478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Feb 2025 07:25:16 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 77B4 15 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 19:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 19:34:49 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 77B4 22 KB
9 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:08:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C97C 14 KB
1 KB 52ms
51ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 01:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 00:14:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 01:59:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame C97C 2 KB
822 B 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame C97C 23 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 01:46:55 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E91C 143 B
166 B 42ms
42ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 01:38:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame C97C 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 01:46:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame C97C 20 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C97C 204 KB
61 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 02:39:49 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame C97C 36 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 May 2024 08:56:47 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E91C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
51ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 01:59:55 GMT
expires: Mon, 19 Feb 2024 01:59:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 01:59:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 n.js Show response
mb.moatads.com/ Frame A417 112 B
289 B 150ms
41ms Script
text/html 132.226.214.62
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=1958190176&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2Fw%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-R1QelqV6USoP6g%3D%3D&sc=1&os=1-jQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.nomesdefantasia.com&t=1708307995111&de=54159060146&m=0&ar=805b0ce1b97-clean&iw=4a25902&q=2&cb=0&ym=0&cu=1708307995111&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000490%3A50002641%3A60022925%3A70016095&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=nomesdefantasia.com&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.nomesdefantasia.com&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=160x600&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=nomesdefantasia.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207009&na=596122144&cs=0&ord=1708307995111&jv=1395182297&callback=DOMlessLLDcallback_10185498
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5ec00c463626e45ec23902d70d10468f2dd0d1be0851a4fe3fb7341c6638b898

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:55 GMT
server: istio-envoy
etag: "d0efc9ff2e0f0ebed239a29aa016d0d386ab4ab4"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 8
timing-allow-origin: *
content-length: 112

GET
H2 200 pixel.gif
px.moatads.com/ Frame A417 43 B
265 B 68ms
40ms Image
image/gif 184.30.17.133

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.nomesdefantasia.com&t=1708307995111&de=54159060146&m=0&ar=805b0ce1b97-clean&iw=4a25902&q=3&cb=0&ym=0&cu=1708307995111&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000490%3A50002641%3A60022925%3A70016095&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=nomesdefantasia.com&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.nomesdefantasia.com&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=160x600&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=nomesdefantasia.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207009&na=686511505&cs=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 19 Feb 2024 01:59:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:55 GMT

GET js-err
static.travelaudience.com/ Frame A417 0
0

GET
H2 200 replay.svg
static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/ Frame A417 949 B
1 KB 141ms
82ms Image
image/svg+xml 35.244.170.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/replay.svg
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.170.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 64b084b96d8ddc114505266e3780655cd9e17d9560b08d348b1b799d37967848

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:08:11 GMT
age: 3104
x-guploader-uploadid: ABPtcPoETD_-qBkd9-RObzKIUiQP7ijThiHiENLHioHVXdEcI6ZMestDybF_pK0QRiiB1KMc9w4
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 949
last-modified: Sat, 21 Oct 2023 13:26:02 GMT
server: UploadServer
etag: "5424690d2ae90ee2782546a17fe0cb02"
vary: Origin
x-goog-generation: 1697894762219273
x-goog-hash: crc32c=fI5Ukw==, md5=VCRpDSrpDuJ4JUahf+DLAg==
content-type: image/svg+xml
cache-control: public, max-age=3600
x-goog-stored-content-length: 949
accept-ranges: bytes
expires: Mon, 19 Feb 2024 02:08:11 GMT

GET
H2 200 logo.png
static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/ Frame A417 7 KB
7 KB 135ms
76ms Image
image/png 35.244.170.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/logo.png
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.170.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 803fb11ea780a82baf752649fbcb1bad41b1311b1ea26520df9d3a71b67db8e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:55:21 GMT
age: 274
x-guploader-uploadid: ABPtcPo0mY9iNQ5HsDQG7_x0A6McME-lh3qpeck0LWCYQCboCUSqBc3Ufq8p0lBUPt7TdI6jAEC1Wcjl9g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7126
last-modified: Sat, 21 Oct 2023 13:26:01 GMT
server: UploadServer
etag: "0a6b2d690e9f9bc4e8f10f0754f2eccc"
vary: Origin
x-goog-generation: 1697894761792652
x-goog-hash: crc32c=vmgP4g==, md5=CmstaQ6fm8To8Q8HVPLszA==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 7126
accept-ranges: bytes
expires: Mon, 19 Feb 2024 02:55:21 GMT

GET
H2 200 hl01.png
static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/ Frame A417 10 KB
10 KB 120ms
61ms Image
image/png 35.244.170.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/hl01.png
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.170.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 07577ca37d9c23f1091d9fec160e490a28e8e21d09fafa47f53a51a84d537fee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:02:39 GMT
age: 3436
x-guploader-uploadid: ABPtcPpqgrzMNHXhvdnsOqGj9vQycg7wnrh1kCMIg9iUoDw-2p9UTkNJlqqmhVnlkFBtbe3WQ91jOrw4eQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9906
last-modified: Sat, 21 Oct 2023 13:26:00 GMT
server: UploadServer
etag: "b581cde427b2091818a38d3e5cbe88f1"
vary: Origin
x-goog-generation: 1697894760508837
x-goog-hash: crc32c=IYYqTw==, md5=tYHN5CeyCRgYo40+XL6I8Q==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 9906
accept-ranges: bytes
expires: Mon, 19 Feb 2024 02:02:39 GMT

GET
H2 200 cta.png
static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/ Frame A417 6 KB
6 KB 125ms
66ms Image
image/png 35.244.170.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/cta.png
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.170.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ec7c3d024eef48fa69f977f68e0dc496bd6f52380182bfdb29f6d791e7c6eac9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:55:21 GMT
age: 274
x-guploader-uploadid: ABPtcPq_xWOMuTY9nKcSZrJReTDaK1jWMnpYinHrOjOQyKVI2HA7zOy2xEaoxWDTLYFKJulPWjk
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5937
last-modified: Sat, 21 Oct 2023 13:26:00 GMT
server: UploadServer
etag: "5f4c72044cfde9f68dfbbd7c9792dcf2"
vary: Origin
x-goog-generation: 1697894760206801
x-goog-hash: crc32c=8MNWPA==, md5=X0xyBEz96faN+718l5Lc8g==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 5937
accept-ranges: bytes
expires: Mon, 19 Feb 2024 02:55:21 GMT

GET
H2 200 tnc.png
static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/ Frame A417 155 B
418 B 139ms
80ms Image
image/png 35.244.170.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/tnc.png
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.170.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9f214e7b6c6950f8968914f17c2ee0a4fad4d52659c85b2adc411f81a598ff49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:19:06 GMT
age: 2449
x-guploader-uploadid: ABPtcPrn5AzLo0tWl0e4HYyX2SBbKKPx_e5nf9btsbUNzjEzJoZkblD83CJJ07OijLeUzwV7Mlw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155
last-modified: Sat, 21 Oct 2023 13:26:03 GMT
server: UploadServer
etag: "dafa06fdf85a88f33e48d5ca78f80aef"
vary: Origin
x-goog-generation: 1697894763792112
x-goog-hash: crc32c=k6dRLw==, md5=2voG/fhaiPM+SNXKePgK7w==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 155
accept-ranges: bytes
expires: Mon, 19 Feb 2024 02:19:06 GMT

GET
H2 200 img01.jpg
static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/ Frame A417 44 KB
45 KB 76ms
30ms Image
image/jpeg 35.244.170.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.travelaudience.com/img/import/dubai_main/Q42023/europe/GB/GB_160x600/img01.jpg
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.170.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cbc4d7bcd025355ef633ab72116e736c26fa0395092f70037add34ca8d751fa9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:32:31 GMT
age: 1644
x-guploader-uploadid: ABPtcPrYrT3Z4YASKyCSXtsvli1A_95swHbeGx84fdm-RKYJ-IAf6472bYcJu1lTYuf3bIECqc9DwnEXFg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45210
last-modified: Sat, 21 Oct 2023 13:26:01 GMT
server: UploadServer
etag: "93a58476613177c59a9a726d3231f33b"
vary: Origin
x-goog-generation: 1697894761900571
x-goog-hash: crc32c=wbEnaQ==, md5=k6WEdmExd8WamnJtMjHzOw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 45210
accept-ranges: bytes
expires: Mon, 19 Feb 2024 02:32:31 GMT

GET
H3 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 797A 51 KB
19 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Host: www.nomesdefantasia.com
URL: https://www.nomesdefantasia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 07:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 411097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 07:48:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7043 0
23 B 81ms
81ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_G3IGrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0AFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeMbi0MM0bWi157kp2dRBeSyWHT5UHT1-nfUD3x1v0N2KypB_JtZegAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ5NDkzNTQwOTM3MTc3MzIYAA&sigh=wBQsg8osOuc&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_80yaBwKet8t431_ErI77-dCAa5xV6T1w-Pbh9b8Fzd7X7pFgXfmqQV920ztuvy6SC1SCQOfrMuNw5qNP8Yv1SH58e4_lFpieshgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4949354093717732&output=html&h=600&slotname=4961745906&adk=3191109235&adf=3870277056&pi=t.ma~as.4961745906&w=160&lmt=1708307994&format=160x600&url=https%3A%2F%2Fwww.nomesdefantasia.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708307993902&bpp=1&bdt=233&idt=331&shv=r20240215&mjsv=m202402070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=235020507026&frm=20&pv=1&ga_vid=81785705.1708307994&ga_sid=1708307994&ga_hid=1840472409&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=14&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081140%2C31081186%2C44798934%2C95322746%2C95324580%2C95325067%2C31081078%2C95322183%2C95324154%2C95324160&oid=2&pvsid=1288529658798516&tmod=1570154935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=333
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Feb 2024 01:59:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Feb 2024 01:59:55 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame 959E 0
2 KB 151ms
72ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0b555cbdb244630a%26domain%3Dwww.nomesdefantasia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.nomesdefantasia.com%252Fff3df26d4a6bbbcaa%26relation%3Dparent.parent&container_width=1342&href=https%3A%2F%2Fwww.nomesdefantasia.com%2F&layout=standard&locale=pt_PT&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk.js?hash=d072e1443dad44ed15685563b3e19b93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 19 Feb 2024 01:59:55 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: qPCq2DfdUwY6PKEMgCdUlhACe0xw7GKoHwjM9dKo1Qd9VtYlWw/ve7ojueIAyrLAOFyuVXD9a4YFZxsNniOQ2A==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 141ms
56ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f6cb116048ed30aef29a49ed1eccf2dcc71efdcb9853e029e91d2184c238773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12264
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 01:59:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52F4 13 KB
5 KB 47ms
46ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 01:47:10 GMT
expires: Tue, 18 Feb 2025 01:47:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D2AA 829 B
999 B 55ms
55ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d6be50b31d126c0dad5f95da074d2e90b6f219a33b898b1a99863f4e8752b2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zznk3AIDiiZ4cL2vAD6iYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nomesdefantasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Zznk3AIDiiZ4cL2vAD6iYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 01:59:55 GMT
expires: Mon, 19 Feb 2024 01:59:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame A417 43 B
251 B 160ms
41ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=138&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nomesdefantasia.com&L1id=30000490&L2id=50002641&L3id=60022925&L4id=70016095&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1708307995111&r=54159060146&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=nomesdefantasia.com&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 01:59:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:55 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame A417 43 B
251 B 162ms
44ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=138&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nomesdefantasia.com&L1id=30000490&L2id=50002641&L3id=60022925&L4id=70016095&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1708307995111&r=54159060146&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=nomesdefantasia.com&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 01:59:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:55 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame A417 43 B
265 B 40ms
40ms Image
image/gif 184.30.17.133

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Frtb.ads.travelaudience.com%2Fimg01.jpg&i=TRAVELAUDIENCE_DISPLAY1&ol=1958190176&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2Fw%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-R1QelqV6USoP6g%3D%3D&sc=1&os=1-jQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=638&w=170&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.nomesdefantasia.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.nomesdefantasia.com&t=1708307995111&de=54159060146&cu=1708307995111&m=556&ar=805b0ce1b97-clean&iw=4a25902&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=152&lg=1&lh=7&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A645%3A645%3A633%3A476&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=138&cd=0&ah=138&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002641%3A60022925%3A70016095&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=nomesdefantasia.com&zMoatSubdomain=nomesdefantasia.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=207009&na=1719594442&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 19 Feb 2024 01:59:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:55 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 52F4 39 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 15:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Feb 2025 15:39:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D2AA 0
0 72ms
72ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=1288529658798516&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame A417 43 B
251 B 114ms
43ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=31&fi=0&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nomesdefantasia.com&L1id=30000490&L2id=50002641&L3id=60022925&L4id=70016095&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1708307995111&r=54159060146&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=nomesdefantasia.com&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 01:59:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 52F4 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_zFJQQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 01:59:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7043 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1IjPDwYxr1pDnqoFKTTxRQQhyv2FCkVZV2rQnSTSfFdOJLKgsXsAaUNjtK_az7x1WbaF-wMLqKzAjQMRwn5sVGzYwwrThymzgtO3z7V_3u0Kt6UoGeImKW4Nfz6zdZzhtTRu6b6c&sig=Cg0ArKJSzP2Xe4p1IZS9EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3191109235&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=424079400&rst=1708307994236&rpt=613&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 01:59:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=1288529658798516&bg=!x8SlxIvNAAZN4L4YbeA7ADQBe5WfOK2_JwXJI09k_TIGWs1gpmfeA_l5W7I8kqJ_kSxx2EwOlpkHkyB4Gt4eoVt83iPLAgAAAC5SAAAAAmgBB5kC1XEHpR-tKWLwoVPkSNyDjIA5u8nrQXcjRaLnLBzzDBR18NmLy85-wOAVASbaQAgqalJuCi-oudKq7h2cs504h7VJFY7pTumUuM-hExp0Snbg03Rq5tunfqbsdut8_y5CvGxpjPOg_cWHvzD_2OntNNWwL9RYh8ho9YRh2i9Kb5uj8bnSzGH74QYNZjdUNtRoCusNUcMseJTzc29Rf0D2S6sMbZPfBn9G-6GUjbdasAYfrszao-u5rel4dh5Cnphy4rP4YKvQkkaQ8-LHsLHlB5GsuusT0Nk_BjtbvoXA3xuyWGBRSqHUManuPF-UcxYVEz2ZO68oU3NcoeXNkmMxGUFZlROkFStRddaBfn_nypj_64l7VUnAPK5fZdWU7TrUR7fuepI_j-8WHLeJ7yjJHx6DbVxkS06F7gj2SctlcH9-yGTKnSQz8T8_7F3L4qWQPe73RvFlaqzwFFJOzApsS1uJqU9TG1bQsxvo3Y4vDYEZhSAWHlS01xfj9dPBbNu3zgjs2m2CMBDi3W-ySyZDOWRbMOYIHxyKLu2MRein6s-pvMgHIKTaY_RyAtwIdl3JNOkzWX0PvwX8DetwqsamG778s4rOIQAD-5bJ1TRPz6gfPL7ZD8ICukeFMTtbbsDlXhv6J64E29HfR3ciJw2C-LzyESnapsQ5diiaCinErY6FtmHTpmYnkdCu1NeJQ55GsNVGfxraL0eyQLMxaZRpiDpQrMfCaDSKizl0US7rz5GCbpU8FyEgbEMLQgb9IBm0OY5Ya8bqzY92Gqqhp0Jy6pmhpZL_ylu8Nxj2NISWnkilVJ0BYtRf3sWs2U7SF0jTwZuSPuVESRIb6-2fQmwV1nCCCvVNpob4ZJN-c_HtHNyxmvhMMi9F73AYQJgqfV8Tu9JtCY_tezFHJ3qiLJawA3GZjvxW5dyPM_7XZeLTkYQwJC_9VybGWvUXVbw1keHDJgYfQuDn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.nomesdefantasia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ Frame A417 43 B
265 B 40ms
40ms Image
image/gif 184.30.17.133

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=1958190176&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2Fw%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-R1QelqV6USoP6g%3D%3D&sc=1&os=1-jQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=638&w=170&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.nomesdefantasia.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.nomesdefantasia.com&t=1708307995111&de=54159060146&cu=1708307995111&m=1406&ar=805b0ce1b97-clean&iw=4a25902&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=152&lg=1&lh=7&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=98&vx=-%3A98%3A-&pe=0%3A645%3A645%3A633%3A476&aa=0&ad=832&cn=0&gk=100&gl=0&ik=100&ic=100&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=801&cd=138&ah=801&am=138&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002641%3A60022925%3A70016095&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=nomesdefantasia.com&zMoatSubdomain=nomesdefantasia.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=207009&na=105318965&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 19 Feb 2024 01:59:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:56 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame A417 43 B
251 B 42ms
41ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=832&fi=1&apd=1001&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nomesdefantasia.com&L1id=30000490&L2id=50002641&L3id=60022925&L4id=70016095&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1708307995111&r=54159060146&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=nomesdefantasia.com&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 01:59:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame A417 43 B
265 B 40ms
40ms Image
image/gif 184.30.17.133

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=1958190176&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2Fw%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-R1QelqV6USoP6g%3D%3D&sc=1&os=1-jQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=638&w=170&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.nomesdefantasia.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.nomesdefantasia.com&t=1708307995111&de=54159060146&cu=1708307995111&m=1608&ar=805b0ce1b97-clean&iw=4a25902&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=152&lg=1&lh=7&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=98&vx=-%3A98%3A-&pe=0%3A645%3A645%3A633%3A476&aa=1&ad=1034&cn=832&gk=302&gl=100&ik=302&ic=302&ez=1&co=1034&cp=1001&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1001&cd=801&ah=1001&am=801&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002641%3A60022925%3A70016095&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=nomesdefantasia.com&zMoatSubdomain=nomesdefantasia.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207009&na=1195552435&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 19 Feb 2024 01:59:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:56 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame A417 43 B
251 B 42ms
41ms Image
image/gif 2.18.161.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1001&tet=1034&fi=1&apd=1203&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nomesdefantasia.com&L1id=30000490&L2id=50002641&L3id=60022925&L4id=70016095&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1708307995111&r=54159060146&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=nomesdefantasia.com&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 01:59:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame A417 43 B
265 B 40ms
40ms Image
image/gif 184.30.17.133

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=1958190176&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2Fw%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-R1QelqV6USoP6g%3D%3D&sc=1&os=1-jQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=638&w=170&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.nomesdefantasia.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.nomesdefantasia.com&t=1708307995111&de=54159060146&cu=1708307995111&m=2411&ar=805b0ce1b97-clean&iw=4a25902&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=152&lg=1&lh=7&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A645%3A645%3A633%3A476&aa=1&ad=1837&cn=1034&gn=1&gk=1105&gl=302&ik=1105&ic=1105&ez=1&co=1034&cp=1001&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1806&cd=1001&ah=1806&am=1001&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002641%3A60022925%3A70016095&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=nomesdefantasia.com&zMoatSubdomain=nomesdefantasia.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=207009&na=2140046064&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 19 Feb 2024 01:59:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:57 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame A417 43 B
265 B 46ms
46ms Image
image/gif 184.30.17.133

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=1958190176&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-x%2Fw%2FQPMUA%2BNI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-R1QelqV6USoP6g%3D%3D&sc=1&os=1-jQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=638&w=170&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.nomesdefantasia.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.nomesdefantasia.com&t=1708307995111&de=54159060146&cu=1708307995111&m=2411&ar=805b0ce1b97-clean&iw=4a25902&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=152&lg=1&lh=7&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A645%3A645%3A633%3A476&aa=1&ad=1837&cn=1837&gn=1&gk=1105&gl=1105&ik=1105&ic=1105&ez=1&co=1034&cp=1001&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1806&cd=1806&ah=1806&am=1806&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002641%3A60022925%3A70016095&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=nomesdefantasia.com&zMoatSubdomain=nomesdefantasia.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=207009&na=814112497&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Mon, 19 Feb 2024 01:59:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Feb 2024 01:59:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.travelaudience.com
URL: https://static.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%253D%253D.60022925.OTk5JTJjMQ%3D%3D...C4foKlQVBKhGmcTFfSShvw%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D160%26y%3D600%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%2526client%253Dca-pub-4949354093717732%2526adurl%253D%26googlewinningprice%3DZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg%26wpc%3DEUR%26site%3Dwww.nomesdefantasia.com%26slotvisibility%3D1%26gcpm%3D1081156%26gpos%3D1%26bidder%3Dbidder-rtb-production-7d7fbc9b7d-d9qns%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DoFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ%26ssp_id%3D0%26l%3Dpt%26ts%3D1708307994%26uc%3DGB%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk%3D

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nomesdefantasia.com/	1970-01-21 04:07:47	Name: __utma Value: 255590423.81785705.1708307994.1708307994.1708307994.1
.nomesdefantasia.com/	1969-12-31 23:59:59	Name: __utmc Value: 255590423
.nomesdefantasia.com/	1970-01-20 22:54:35	Name: __utmz Value: 255590423.1708307994.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.nomesdefantasia.com/	1970-01-20 18:31:48	Name: __utmt Value: 1
.nomesdefantasia.com/	1970-01-20 18:31:49	Name: __utmb Value: 255590423.1.10.1708307994
.travelaudience.com/	1970-01-21 03:59:09	Name: _tracker Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%22CCF370F2-0E44-4D67-818E-772ED3EDA860%22%7D
.nomesdefantasia.com/	1970-01-21 03:53:23	Name: __gads Value: ID=3b361f0d0f877109:T=1708307994:RT=1708307994:S=ALNI_Ma489Po1qyHAejevzKZFwECOmE5iA
.nomesdefantasia.com/	1970-01-21 03:53:23	Name: __gpi Value: UID=00000d5c53a6d796:T=1708307994:RT=1708307994:S=ALNI_MYkkCnbUT0E3mPlnBqkps1D0_bkjw
.nomesdefantasia.com/	1970-01-20 22:50:59	Name: __eoi Value: ID=6fefcd8d6314dd15:T=1708307994:RT=1708307994:S=AA-AfjboAjaeYXeK9rBjdfp0Nmpk
ads.travelaudience.com/	1970-01-21 03:59:09	Name: _tracker Value: %7B%22UUID%22%3A%22CCF370F2-0E44-4D67-818E-772ED3EDA860%22%7D
.doubleclick.net/	1970-01-20 18:31:51	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:53:23	Name: IDE Value: AHWqTUma8k2GuOXohLWFXQqMXuuZgex1QMThluuReSa00BhlR_2Vcz1mT3TXlv-gbCY

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60022925.OTk5JTJjMQ==...C4foKlQVBKhGmcTFfSShvw%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%26client%3Dca-pub-4949354093717732%26adurl%3D&googlewinningprice=ZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg&wpc=EUR&site=www.nomesdefantasia.com&slotvisibility=1&gcpm=1081156&gpos=1&bidder=bidder-rtb-production-7d7fbc9b7d-d9qns&dv=1&uuid=&suid=&brq=oFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ&ssp_id=0&l=pt&ts=1708307994&uc=GB&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=ZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk= Message: Access to image at 'https://static.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%253D%253D.60022925.OTk5JTJjMQ%3D%3D...C4foKlQVBKhGmcTFfSShvw%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D160%26y%3D600%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%2526client%253Dca-pub-4949354093717732%2526adurl%253D%26googlewinningprice%3DZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg%26wpc%3DEUR%26site%3Dwww.nomesdefantasia.com%26slotvisibility%3D1%26gcpm%3D1081156%26gpos%3D1%26bidder%3Dbidder-rtb-production-7d7fbc9b7d-d9qns%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DoFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ%26ssp_id%3D0%26l%3Dpt%26ts%3D1708307994%26uc%3DGB%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk%3D' from origin 'https://rtb.ads.travelaudience.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000490.0.0.70016095.0.0..0.GB.-1..VOYFYTXfFPGlQ5nkhfV5eA%253D%253D.60022925.OTk5JTJjMQ%3D%3D...C4foKlQVBKhGmcTFfSShvw%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D160%26y%3D600%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_i20GrbSZfmvEKWmnsEPy-6E-ATKkbX7ctPipc7RCsCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi00OTQ5MzU0MDkzNzE3NzMyyAEJqQLsFLJnchSyPqgDAcgDAqoE0wFP0OUpCslavFvPMZoliUNZC1V4OtqT-xyjJRPLNYSLAkNOv9SgXhd1KmaZVejcoxUm4dzx_OrbxZvJT1LhPNJW5xWfXw14oNt-6SITK1b25OicLKlSIa7dLnDf_GA5aA0L8aUeFYtrE2jfoUmtTqj0GFENaSKC3odHKgi5RWPOo8MNrfHCL6A2OpB6e6_lJt2mSaDph7h5jeh5hz_0FIqgXt908DmERCuZeITg8VGmw4e8eFYAfENE65OOOjT5FxNmLUaM2o_aZfCm0gD00d_BgylMgAbhurjY4o2Llj2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgMCAgICgCEi9_cE6WObyqJmntoQD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3fIfZMLiGst8cu-tOGn_t7siodSA%2526client%253Dca-pub-4949354093717732%2526adurl%253D%26googlewinningprice%3DZdK2GgAEF_kCJ5MlAAE3S30fiv23Uaip3fjJtg%26wpc%3DEUR%26site%3Dwww.nomesdefantasia.com%26slotvisibility%3D1%26gcpm%3D1081156%26gpos%3D1%26bidder%3Dbidder-rtb-production-7d7fbc9b7d-d9qns%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DoFWvLvugEGV0sbpqYiwV6ROBifcTkmDTuezRxQ%26ssp_id%3D0%26l%3Dpt%26ts%3D1708307994%26uc%3DGB%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DZbwLjbL-zujJNiS8r3en6Cr9TIutsLulXkfqHkJqJIk%3D Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.nomesdefantasia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
violation	error	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'self'; font-src https: data: 'self'; img-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; manifest-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; connect-src https: data: 'unsafe-eval' 'unsafe-inline'; frame-src https: blob: data: 'self' https://pagead2.googlesyndication.com https://cm.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com https://accounts.google.com https://tpc.googlesyndication.com gmsg:; worker-src https: blob: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
mb.moatads.com
pagead2.googlesyndication.com
platform.twitter.com
px.moatads.com
rtb.ads.travelaudience.com
ssl.google-analytics.com
static.travelaudience.com
syndication.twitter.com
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
www.facebook.com
www.google.com
www.gstatic.com
www.nomesdefantasia.com
www.reddit.com
z.moatads.com
static.travelaudience.com
104.244.42.136
132.226.214.62
151.101.65.140
184.30.17.133
2.18.161.148
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:828::2001
2a00:1450:4001:831::2008
2a01:7e00:e000:27a::1201
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.187.184.108
35.190.0.66
35.244.170.237
07577ca37d9c23f1091d9fec160e490a28e8e21d09fafa47f53a51a84d537fee
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
135ae2c94ade7801a508e4c4fffd31bb2f52554caadc38ab7d222b3f799606c6
1680ec3cd124971f5cfefd5c47edc481ccb550e8159424687f77fd51f6bb3ce2
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a6090d4a1e5b36eb1362d1a7a29c7f8ac73320c714dfbe6f14955ee70eebad9
1bc95100019fd1118bc8a776734b3fbb02824f2b205097638572d180f3d8b9dd
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
251ee1bc26f892fd85f1820b9de89be57719572cda9f7838eb7de4bab08e98cd
2579516813093f72e78458af5c793de76df213048b5422f34565289a5987196c
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e09cd7bf9460414ad1357c5aac4cf8c126f34be6077e101c57ca733042d5f1f
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37ff18d9b420a72b81d7157e63228849248890adc67c4b87026e2296d2732def
3b3987636fb31bbd20740155b66c465d874af2cc5362e5d4e084d4e796fb3a28
3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec
3d6be50b31d126c0dad5f95da074d2e90b6f219a33b898b1a99863f4e8752b2f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fdc67b695b4ec10f141f76a9da823f6f0e6a4029f669f84bb23cf22838995cb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ec00c463626e45ec23902d70d10468f2dd0d1be0851a4fe3fb7341c6638b898
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b084b96d8ddc114505266e3780655cd9e17d9560b08d348b1b799d37967848
67624eca89cd5a8049792f76cf40796791bc957c95628825f5c3d83d1ad6c3bf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f6cb116048ed30aef29a49ed1eccf2dcc71efdcb9853e029e91d2184c238773
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
803fb11ea780a82baf752649fbcb1bad41b1311b1ea26520df9d3a71b67db8e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
85a945a6a1974d5fd1f92ad36d99fbe6d977e245fc6b0eb9fb3a44e050328dfd
8ad699b94dcb8ac5c24ab5f4e6bfaa6fa8ddd26d90ff42fc3e395a8310684512
8bb755868270c58be8718b63ff08f560fe952537237af30e68979ff7eefd1c8a
93d5d46617b41c4ed38485e536a687f54f9f0a86b2da64fa6b415118aacb8470
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9f214e7b6c6950f8968914f17c2ee0a4fad4d52659c85b2adc411f81a598ff49
a48e00cdea361c458a2fbbf6cc7ec5ad78e917898020772fa8d7b143f2340001
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c2f060e08ab6fb044d58c757f08098ad285ea2da0f384eff07c8558d68596076
cbc4d7bcd025355ef633ab72116e736c26fa0395092f70037add34ca8d751fa9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e910c6ce4e2cd194345e1ea8fce030f425c093f8d7c6dd41cde83ed0d08b8dd4
ec7c3d024eef48fa69f977f68e0dc496bd6f52380182bfdb29f6d791e7c6eac9
eebf8c4809be016071e5cff22053eadde49a1211b59d950ae4a40be677bf610d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef437ad387110bff7b41c27112bde6604bf6afca8c8265fa8f781b456df98e6c
f213ac02ba39f072ad8c2a46f842ec4ce1cd03e1e5220f8a393956ce887b64de

www.nomesdefantasia.com Open in urlscan Pro 2a01:7e00:e000:27a::1201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

58 %IPv6

14 Domains

20 Subdomains

20 IPs

4 Countries

1100 kBTransfer

3163 kBSize

12 Cookies

10 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nomesdefantasia.com Open in urlscan Pro
2a01:7e00:e000:27a::1201 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

58 %
IPv6

14
Domains

20
Subdomains

20
IPs

4
Countries

1100 kB
Transfer

3163 kB
Size

12
Cookies

79 HTTP transactions
2 data transactions