urlscan.io logo urlscan.io
SecurityTrails logo

www.frommers.com Open in urlscan Pro
3.235.208.205  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Submission: On December 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 13 countries across 86 domains to perform 649 HTTP transactions. The main IP is 3.235.208.205, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.frommers.com. The Cisco Umbrella rank of the primary domain is 169392.
TLS certificate: Issued by Amazon on July 21st 2022. Valid for: a year.
This is the only time www.frommers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
58 3.235.208.205 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
5 23.62.220.135 16625 (AKAMAI-AS)
1 151.101.1.195 54113 (FASTLY)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 143.204.215.30 16509 (AMAZON-02)
3 2620:116:800d... 16509 (AMAZON-02)
2 142.250.180.226 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
6 23 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:233... 15133 (EDGECAST)
1 15 96.16.134.48 16625 (AKAMAI-AS)
2 18.66.218.75 16509 (AMAZON-02)
1 51.77.64.70 16276 (OVH)
42 2a00:1450:400... 15169 (GOOGLE)
3 13.32.28.197 16509 (AMAZON-02)
4 34.102.191.167 396982 (GOOGLE-CL...)
1 2600:9000:211... 16509 (AMAZON-02)
2 2 35.186.212.60 15169 (GOOGLE)
7 40 142.250.185.130 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:402... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2.18.37.67 16625 (AKAMAI-AS)
21 65.9.66.8 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:224... 16509 (AMAZON-02)
2 99.86.3.236 16509 (AMAZON-02)
2 35.244.188.9 15169 (GOOGLE)
5 205.185.216.42 20446 (STACKPATH...)
19 2a00:1450:400... 15169 (GOOGLE)
5 34.98.72.95 396982 (GOOGLE-CL...)
1 23.35.229.181 16625 (AKAMAI-AS)
1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 34.120.253.250 396982 (GOOGLE-CL...)
3 107.178.244.119 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
3 13.248.151.244 16509 (AMAZON-02)
5 35.71.131.137 16509 (AMAZON-02)
1 2 172.64.175.31 13335 (CLOUDFLAR...)
3 3 185.89.211.12 29990 (ASN-APPNEX)
3 65.9.86.97 16509 (AMAZON-02)
78 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.56 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 185.89.210.212 29990 (ASN-APPNEX)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
2 20.13.96.71 8075 (MICROSOFT...)
2 199.232.18.132 54113 (FASTLY)
1 2.18.37.133 16625 (AKAMAI-AS)
5 2600:9000:224... 16509 (AMAZON-02)
5 2a00:1450:401... 15169 (GOOGLE)
1 108.177.15.156 15169 (GOOGLE)
2 65.9.65.116 16509 (AMAZON-02)
4 5 172.217.16.198 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 35.186.193.173 15169 (GOOGLE)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
1 185.86.139.103 201081 (SMARTADSE...)
3 64.202.112.127 22075 (AS-OUTBRAIN)
29 2a00:1450:400... 15169 (GOOGLE)
5 54.77.215.72 16509 (AMAZON-02)
11 52.49.220.212 16509 (AMAZON-02)
6 205.185.216.10 20446 (STACKPATH...)
1 2600:1901:0:7... 15169 (GOOGLE)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 35.157.98.214 16509 (AMAZON-02)
3 3 185.29.134.248 30419 (MEDIAMATH...)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.190.0.66 15169 (GOOGLE)
4 4 3.127.13.90 16509 (AMAZON-02)
2 4 104.96.128.226 16625 (AKAMAI-AS)
2 142.251.208.130 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
3 3 37.157.6.254 198622 (ADFORM)
2 3 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 216.52.2.39 30282 (AS-INAPCD...)
1 1 3.126.56.137 16509 (AMAZON-02)
1 34.111.8.32 396982 (GOOGLE-CL...)
2 2 35.210.53.219 15169 (GOOGLE)
1 54.217.203.96 16509 (AMAZON-02)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
18 99.86.4.64 16509 (AMAZON-02)
1 54.74.115.87 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
1 78.46.85.162 24940 (HETZNER-AS)
1 88.99.63.132 24940 (HETZNER-AS)
1 1 104.87.133.65 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 89.149.192.65 60781 (LEASEWEB-...)
4 213.19.147.42 3356 (LEVEL3)
4 185.64.189.112 62713 (AS-PUBMATIC)
5 34.98.64.218 396982 (GOOGLE-CL...)
3 104.18.33.19 13335 (CLOUDFLAR...)
1 3.121.4.183 16509 (AMAZON-02)
4 52.28.179.45 16509 (AMAZON-02)
2 23.37.42.132 16625 (AKAMAI-AS)
1 2.18.36.193 16625 (AKAMAI-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
2 172.64.151.162 13335 (CLOUDFLAR...)
1 13.248.245.213 16509 (AMAZON-02)
1 3 172.64.154.237 13335 (CLOUDFLAR...)
1 69.173.144.165 26667 (RUBICONPR...)
1 4 185.80.39.216 27381 (CASALE-MEDIA)
1 2 52.46.143.56 16509 (AMAZON-02)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.171.249.126 14618 (AMAZON-AES)
649 110
58    3.235.208.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-208-205.compute-1.amazonaws.com
www.frommers.com
6    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
5    23.62.220.135 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-135.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
1    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
js.adara.com
4    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adligature.com
1    143.204.215.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-30.fra53.r.cloudfront.net
js.createsend1.com
3    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
www.googleadservices.com
6    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:1901:0:7ec2::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
sablesong.com
23    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
www.youtube.com
7    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdntravelspike.azureedge.net
15    96.16.134.48 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-48.deploy.static.akamaitechnologies.com
media.travelzoo.com
www.travelzoo.com
ssl.tzoo-img.com
2    18.66.218.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-218-75.mxp63.r.cloudfront.net
sb.scorecardresearch.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
42    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net
c.amazon-adsystem.com
4    34.102.191.167 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 167.191.102.34.bc.googleusercontent.com
sdk.adara.com
1    2600:9000:211e:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    35.186.212.60 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com
tag.yieldoptimizer.com
40    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:214f:d800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
5    2.18.37.67 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-67.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
21    65.9.66.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-8.fra56.r.cloudfront.net
tagan.adlightning.com
6    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
34    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
16    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
9ff3c7fa466b0a359e336311d90a5e91.safeframe.googlesyndication.com
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
17    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
7    2600:9000:2240:8800:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)
aff.bstatic.com
cf.bstatic.com
2    99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com
static.sojern.com
5    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
s.vi-serve.com
nv.vi-serve.com
19    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    2a02:26f0:dc:185::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
3    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
pixel.sojern.com
1    2600:9000:2057:f800:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
3    13.248.151.244 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com
de1-bid.adsrvr.org
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    172.64.175.31 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
3    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
3    65.9.86.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-97.ams1.r.cloudfront.net
choices.truste.com
78    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    65.9.66.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-56.fra56.r.cloudfront.net
www.booking.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcmatch.google.com
1    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
fcmatch.youtube.com
5    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
2    20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
log.outbrainimg.com
2    199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    2.18.37.133 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-133.deploy.static.akamaitechnologies.com
z.moatads.com
5    2600:9000:2240:3600:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.bstatic.com
5    2a00:1450:4014:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net
bid.g.doubleclick.net
2    65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net
ad.adsrvr.org
5    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net
ad.doubleclick.net
1    2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:400e:15::9 (Ireland)

ASN15169 (GOOGLE, US)
r4---sn-5hne6nzy.c.2mdn.net
1    2a02:26f0:dc:394::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    2a05:d018:d29:3601:576c:7828:69ec:4641 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
29    2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    54.77.215.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-215-72.eu-west-1.compute.amazonaws.com
t.vi-serve.com
11    52.49.220.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
pixel.inforsea.com
6    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
player.inforsea.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
13    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    35.157.98.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-98-214.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    3.127.13.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-13-90.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com
sync.teads.tv
2    142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
3    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    54.217.203.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-203-96.eu-west-1.compute.amazonaws.com
vis.vi-serve.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
18    99.86.4.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-64.fra6.r.cloudfront.net
choices.trustarc.com
1    54.74.115.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-115-87.eu-west-1.compute.amazonaws.com
call.inforsea.com
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
1    88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.blau.de
1    104.87.133.65 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-65.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
4    89.149.192.65 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
4    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
videointelligence-d.openx.net
u.openx.net
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    3.121.4.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-4-183.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    52.28.179.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-179-45.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2a05:d018:cc3:fe04:878e:121f:757:1432 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    2600:9000:2057:4400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a00:1450:400e:1::8 (Ireland)

ASN15169 (GOOGLE, US)
rr3---sn-5hnekn7d.googlevideo.com
1    35.171.249.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-249-126.compute-1.amazonaws.com
ping.chartbeat.net
Apex Domain
Subdomains		 Transfer
128 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
9ff3c7fa466b0a359e336311d90a5e91.safeframe.googlesyndication.com
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
1 MB
111 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
bid.g.doubleclick.net — Cisco Umbrella Rank: 704
ad.doubleclick.net — Cisco Umbrella Rank: 161
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
pubads.g.doubleclick.net — Cisco Umbrella Rank: 404
762 KB
58 frommers.com
www.frommers.com — Cisco Umbrella Rank: 169392
2 MB
32 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 960
r4---sn-5hne6nzy.c.2mdn.net — Cisco Umbrella Rank: 320104
s0.2mdn.net — Cisco Umbrella Rank: 267
307 KB
32 google.com
www.google.com — Cisco Umbrella Rank: 2
cse.google.com — Cisco Umbrella Rank: 2978
clients1.google.com — Cisco Umbrella Rank: 436
adservice.google.com — Cisco Umbrella Rank: 72
fcmatch.google.com — Cisco Umbrella Rank: 2468
173 KB
21 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1715
585 KB
19 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
808 KB
18 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 729
56 KB
18 inforsea.com
pixel.inforsea.com — Cisco Umbrella Rank: 19547
player.inforsea.com — Cisco Umbrella Rank: 20287
call.inforsea.com — Cisco Umbrella Rank: 21395
180 KB
15 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28664
ad4m.at — Cisco Umbrella Rank: 9760
assets.ad4m.at — Cisco Umbrella Rank: 37651
391 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 405
831 KB
12 bstatic.com
aff.bstatic.com — Cisco Umbrella Rank: 25958
cf.bstatic.com — Cisco Umbrella Rank: 14373
77 KB
12 gstatic.com
fonts.gstatic.com
csi.gstatic.com
166 KB
11 vi-serve.com
s.vi-serve.com — Cisco Umbrella Rank: 17692
t.vi-serve.com — Cisco Umbrella Rank: 17739
vis.vi-serve.com — Cisco Umbrella Rank: 18869
nv.vi-serve.com — Cisco Umbrella Rank: 23425
777 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
8 KB
10 adsrvr.org
de1-bid.adsrvr.org — Cisco Umbrella Rank: 15514
match.adsrvr.org — Cisco Umbrella Rank: 315
ad.adsrvr.org — Cisco Umbrella Rank: 1871
207 KB
10 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1353
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3225
odb.outbrain.com — Cisco Umbrella Rank: 1545
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5613
mv.outbrain.com — Cisco Umbrella Rank: 3002
122 KB
10 travelzoo.com
media.travelzoo.com — Cisco Umbrella Rank: 568427
www.travelzoo.com — Cisco Umbrella Rank: 136243
100 KB
9 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 414
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 576
25 KB
8 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 894
eus.rubiconproject.com — Cisco Umbrella Rank: 529
token.rubiconproject.com — Cisco Umbrella Rank: 563
13 KB
8 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 716
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 481
7 KB
7 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 1895
tag.bounceexchange.com — Cisco Umbrella Rank: 2420
api.bounceexchange.com — Cisco Umbrella Rank: 2106
181 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
50 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
tag.1rx.io — Cisco Umbrella Rank: 1334
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
5 openx.net
videointelligence-d.openx.net — Cisco Umbrella Rank: 36225
u.openx.net — Cisco Umbrella Rank: 653
873 B
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 761
prg.smartadserver.com — Cisco Umbrella Rank: 1528
1 KB
5 tzoo-img.com
ssl.tzoo-img.com — Cisco Umbrella Rank: 67401
4 MB
5 sojern.com
static.sojern.com — Cisco Umbrella Rank: 17293
pixel.sojern.com — Cisco Umbrella Rank: 8175
25 KB
5 adara.com
js.adara.com — Cisco Umbrella Rank: 21951
sdk.adara.com — Cisco Umbrella Rank: 21345
2 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1225
918 B
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
2 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
3 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
www.google.de — Cisco Umbrella Rank: 6041
2 KB
4 adligature.com
cdn.adligature.com — Cisco Umbrella Rank: 69344
139 KB
4 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1678
m.addthis.com — Cisco Umbrella Rank: 1627
217 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
2 KB
3 truste.com
choices.truste.com — Cisco Umbrella Rank: 722
30 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 9184
flint.defybrick.com — Cisco Umbrella Rank: 8856
20 KB
3 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 8965
log.outbrainimg.com — Cisco Umbrella Rank: 2531
1 KB
3 sablesong.com
sablesong.com — Cisco Umbrella Rank: 157928
23 KB
3 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 15662
pixel.quantserve.com — Cisco Umbrella Rank: 666
cms.quantserve.com — Cisco Umbrella Rank: 639
11 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
2 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510
eb2.3lift.com — Cisco Umbrella Rank: 335
664 B
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 71689
681 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 73979
440 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
646 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4507
745 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12945
567 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
2 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 89292
static-de.ad4mat.net — Cisco Umbrella Rank: 126078
4 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 29316
630 B
2 youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 2480
www.youtube.com — Cisco Umbrella Rank: 73
525 B
2 getrockerbox.com
metrics.getrockerbox.com — Cisco Umbrella Rank: 4647
1 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1239
c.go-mpulse.net — Cisco Umbrella Rank: 602
51 KB
2 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4308
951 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
2 KB
2 azureedge.net
cdntravelspike.azureedge.net — Cisco Umbrella Rank: 414167
7 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162
18 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1227
201 B
1 googlevideo.com
rr3---sn-5hnekn7d.googlevideo.com — Cisco Umbrella Rank: 62974
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1903
938 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1412
15 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
181 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 21953
270 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 59744
638 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14058
694 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 90883
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 81505
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
576 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2338
104 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 389
1 KB
1 booking.com
www.booking.com — Cisco Umbrella Rank: 8672
29 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
465 B
1 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1712
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 868
457 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5261
208 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
65 KB
1 createsend1.com
js.createsend1.com — Cisco Umbrella Rank: 27458
4 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
6 KB
0 azurewebsites.net Failed
travelspike.azurewebsites.net Failed
649 86
Domain Requested by
78 tpc.googlesyndication.com 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
tagan.adlightning.com
tpc.googlesyndication.com
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
www.frommers.com
securepubads.g.doubleclick.net
s0.2mdn.net
imasdk.googleapis.com
58 www.frommers.com www.frommers.com
42 securepubads.g.doubleclick.net cdn.adligature.com
securepubads.g.doubleclick.net
www.frommers.com
www.travelzoo.com
www.googletagservices.com
tagan.adlightning.com
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
40 cm.g.doubleclick.net 7 redirects www.frommers.com
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
34 pagead2.googlesyndication.com www.frommers.com
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
www.googletagservices.com
tagan.adlightning.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
s0.2mdn.net
29 s0.2mdn.net tagan.adlightning.com
s0.2mdn.net
www.frommers.com
imasdk.googleapis.com
23 www.google.com 6 redirects www.google.com
www.frommers.com
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
tpc.googlesyndication.com
tagan.adlightning.com
21 tagan.adlightning.com cdn.adligature.com
tagan.adlightning.com
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
19 www.googletagservices.com securepubads.g.doubleclick.net
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
tagan.adlightning.com
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
18 choices.trustarc.com tagan.adlightning.com
www.frommers.com
15 googleads.g.doubleclick.net 1 redirects 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
11 pixel.inforsea.com www.frommers.com
player.inforsea.com
11 cf.bstatic.com www.booking.com
cf.bstatic.com
10 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
9 www.travelzoo.com www.frommers.com
www.travelzoo.com
7 imasdk.googleapis.com 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
player.inforsea.com
imasdk.googleapis.com
7 fonts.gstatic.com fonts.googleapis.com
6 assets.ad4m.at as.ad4m.at
6 player.inforsea.com tagan.adlightning.com
6 www.google-analytics.com www.frommers.com
www.google-analytics.com
6 fonts.googleapis.com www.frommers.com
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 ad4m.at as.ad4m.at
ad4m.at
ssum-sec.casalemedia.com
5 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 t.vi-serve.com www.frommers.com
5 ad.doubleclick.net 4 redirects tagan.adlightning.com
5 ssl.tzoo-img.com securepubads.g.doubleclick.net
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
5 csi.gstatic.com imasdk.googleapis.com
5 ib.adnxs.com 2 redirects player.inforsea.com
acdn.adnxs.com
5 match.adsrvr.org 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
static.sojern.com
ssum-sec.casalemedia.com
5 assets.bounceexchange.com securepubads.g.doubleclick.net
tagan.adlightning.com
5 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 prebid-server.rubiconproject.com player.inforsea.com
4 videointelligence-d.openx.net player.inforsea.com
4 hbopenbid.pubmatic.com player.inforsea.com
4 tag.1rx.io player.inforsea.com
4 prg.smartadserver.com player.inforsea.com
4 sync.teads.tv 2 redirects www.frommers.com
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
4 x.bidswitch.net 4 redirects
4 as.ad4m.at 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 s.vi-serve.com www.frommers.com
tagan.adlightning.com
4 widgets.outbrain.com cdn.adligature.com
www.frommers.com
tagan.adlightning.com
4 sdk.adara.com js.adara.com
4 cdn.adligature.com www.frommers.com
cdn.adligature.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 htlb.casalemedia.com player.inforsea.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 c1.adform.net 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 sync.mathtag.com 3 redirects
3 mcdp-nydc1.outbrain.com widgets.outbrain.com
3 pr-bh.ybp.yahoo.com 3 redirects
3 choices.truste.com 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
3 secure.adnxs.com 3 redirects
3 de1-bid.adsrvr.org 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
3 pixel.sojern.com static.sojern.com
3 adservice.google.de securepubads.g.doubleclick.net
3 c.amazon-adsystem.com cdn.adligature.com
c.amazon-adsystem.com
3 sablesong.com www.frommers.com
sablesong.com
3 s7.addthis.com www.frommers.com
s7.addthis.com
tagan.adlightning.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 eus.rubiconproject.com player.inforsea.com
eus.rubiconproject.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 d5p.de17a.com 2 redirects
2 pool.admedo.com 2 redirects
2 ap.lijit.com 2 redirects
2 um.simpli.fi 2 redirects
2 googleads4.g.doubleclick.net tagan.adlightning.com
2 ads.travelaudience.com 2 redirects
2 pm.w55c.net 2 redirects
2 sync.1rx.io 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 r4---sn-5hne6nzy.c.2mdn.net 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
2 ad.adsrvr.org 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
2 log.outbrainimg.com widgets.outbrain.com
2 flint.defybrick.com tagan.adlightning.com
www.frommers.com
2 metrics.getrockerbox.com 1 redirects 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
2 static.sojern.com www.frommers.com
static.sojern.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 stats.g.doubleclick.net www.google-analytics.com
2 tag.yieldoptimizer.com 2 redirects
2 sb.scorecardresearch.com www.frommers.com
2 cdntravelspike.azureedge.net www.frommers.com
cdntravelspike.azureedge.net
2 cse.google.com www.frommers.com
www.google.com
2 www.googleadservices.com www.frommers.com
www.googleadservices.com
1 www.youtube.com
1 ping.chartbeat.net
1 rr3---sn-5hnekn7d.googlevideo.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 static.chartbeat.com tagan.adlightning.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 eb2.3lift.com player.inforsea.com
1 js-sec.indexww.com player.inforsea.com
1 acdn.adnxs.com player.inforsea.com
1 u.openx.net player.inforsea.com
1 ads.pubmatic.com player.inforsea.com
1 tlx.3lift.com player.inforsea.com
1 www.conrad.de as.ad4m.at
1 www.awin1.com 1 redirects
1 partner.blau.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 call.inforsea.com player.inforsea.com
1 nv.vi-serve.com www.frommers.com
1 static-de.ad4mat.net as.ad4m.at
1 vis.vi-serve.com s.vi-serve.com
1 cms.quantserve.com 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
1 api.bounceexchange.com tagan.adlightning.com
1 mv.outbrain.com tagan.adlightning.com
1 ups.analytics.yahoo.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 s.tribalfusion.com 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 prod-rtb.ad4mat.net www.frommers.com
1 ssbsync.smartadserver.com 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 dclk-match.dotomi.com 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
1 c.go-mpulse.net s.go-mpulse.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 9ff3c7fa466b0a359e336311d90a5e91.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 z.moatads.com s7.addthis.com
1 odb.outbrain.com tagan.adlightning.com
1 fcmatch.youtube.com static.sojern.com
1 fcmatch.google.com 1 redirects
1 www.booking.com aff.bstatic.com
1 rock.defybrick.com tagan.adlightning.com
1 tag.bounceexchange.com tagan.adlightning.com
1 s.go-mpulse.net www.travelzoo.com
1 widget-pixels.outbrain.com www.frommers.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 aff.bstatic.com www.frommers.com
1 www.google.de www.frommers.com
1 clients1.google.com www.frommers.com
1 pixel.quantserve.com www.frommers.com
1 static.adsafeprotected.com sablesong.com
1 script.crazyegg.com www.googletagmanager.com
1 rules.quantcount.com edge.quantserve.com
1 pro.ip-api.com cdn.adligature.com
1 media.travelzoo.com 1 redirects
1 www.googletagmanager.com www.frommers.com
1 edge.quantserve.com www.frommers.com
1 js.createsend1.com www.frommers.com
1 js.adara.com www.frommers.com
1 code.jquery.com www.frommers.com
0 travelspike.azurewebsites.net Failed cdntravelspike.azureedge.net
649 151
Subject Issuer Validity Valid
*.frommers.com
Amazon		 2022-07-21 -
2023-08-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
hjalp.alfred.is
GTS CA 1D4		 2022-11-25 -
2023-02-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-31 -
2023-05-31		 a year crt.sh
*.createsend1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-02 -
2023-08-08		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sablesong.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-10-25 -
2023-10-25		 a year crt.sh
ssl.travelzoo.com
GeoTrust RSA CA 2018		 2022-11-23 -
2023-05-26		 6 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.adara.com
Go Daddy Secure Certificate Authority - G2		 2022-05-31 -
2023-07-02		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.adlightning.com
Amazon		 2022-06-09 -
2023-07-07		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.bstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-21 -
2023-10-11		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-16 -
2023-01-16		 a year crt.sh
*.vi-serve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-10 -
2023-08-30		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
tag.bounceexchange.com
R3		 2022-11-25 -
2023-02-23		 3 months crt.sh
rock.defybrick.com
Amazon		 2022-05-09 -
2023-06-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.truste.com
Amazon		 2022-12-18 -
2024-01-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.booking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-03 -
2023-07-11		 a year crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2022-11-25 -
2023-02-23		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.inforsea.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-09 -
2023-03-28		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-12-06 -
2023-02-14		 2 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.wunderkind.co
R3		 2022-12-11 -
2023-03-11		 3 months crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh

This page contains 70 frames:

Primary Page: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Frame ID: BBC876B49138BC3BBAAD99F3B6DA22C8
Requests: 216 HTTP requests in this frame

Frame: https://cdntravelspike.azureedge.net/scripts/frommers.html
Frame ID: 583D042EEE560A7BE350AF23A7B05E07
Requests: 3 HTTP requests in this frame

Frame: https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Frame ID: 3F3A738FDC36F61907DC5DEE8018FF44
Requests: 19 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 589E7BD8EDADBA40CD519FD0F027A1FF
Requests: 1 HTTP requests in this frame

Frame: https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Frame ID: 8AFDA76850C718D36B6F6EBFFF347A43
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmgBfDjWRjoYg0RVsmEc5veRuVm139KCJy5zQlTWaSUUUyHIiuzYHUzF_lKUJ3DRZ6zoqHmpkE6y0hb2SgoI_uloYao9yT8bR3kh_gDQgdISYyZ2dbNofOqizc5jHJYbU-Z1-SdYZF2k3ExLrUHusS3joZsf8CS8qgVptUm23n6SyHXhxLCHoJZAGuSM6LVg0GbDqbGgrvjF35laG64palB5yP3VvpaAoUaVntxvj4V7uaoD6Yl7KGuG9ys3UGzmkAST6QkxM2slO2XNPlGLg6GuO9cqmArXraLjuNTap0VJipACu3xoKCo-aU2DRtqQRokjgCg4C-XIYz&sai=AMfl-YTyhoPdx6qylAMhNs_RIGkG8TA4k0L9tDrdEWIiUM98tgq72WOPfKP480S8Q0_HjBMEd5DnK1Fm-9f4VcwAAGBd52i_xr0vev8lAiJcSiTBEmtXwtFnbftHtiSF3BJLDg&sig=Cg0ArKJSzJSat1Vwko4TEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EEB19E8A12687371F6ED44AC4DB1B1CC
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYZAxvBCnSq8L-BgEA9S5pUJToFI6t8rayOuWMJ2fWiKJ7fZ-LuaUmVf0kEMYTc_Ft6bzv-PcGj6EnpKxYYA-3zdIXgXd-FJy1xCBaKNMhHX2uyyz-O04kzgPmAZXGAr_Ez0y0ilfY1G-BZ08HWlO3e2vCjHgyhZy3VYF0VekIrPIjW5DQXuKEfTRslh4m11FfgZztMjrfUiN25wk7zlVb6xBTvGa0cqdYcJhkaSO-IMSxsVFInhR8zMZGwEJOxOkfUkbxeocwvFwQOYese_wqVzoeCdhKbVEH34KEn_clpTHm5d9Y35PLoeRUgeXy-rKS&sai=AMfl-YQl7qAALbT6GrTF8m4cW1OReu8gFQV4LH05NzDbobeTZxoKc3MOB1y6p2ZUGNRxY8OzpBaopYANIe2Fah-UKArMMZE5wy_6urs0Nc4XfocM-WrRYad2XVvoMdEz9NBu0g&sig=Cg0ArKJSzByJ4MRVOuN8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2F5DA0F85CD081C9FE73DCE48CBC379E
Requests: 6 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/4CN53-63CAE-6PV78-GM8V7-FZPPY
Frame ID: C5B9370F8CFC932B4EE7EDDCE7A3CF39
Requests: 2 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F54FE4A2839E3EE124638734FA9C3D5
Requests: 27 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F616074581845232998A0CAD23B9821
Requests: 20 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2A67F0AF6A006C7FE835F55E889674D2
Requests: 10 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Frame ID: BD158A7C21DECC22C06B28E0E22BA915
Requests: 12 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 679E93EC9E12DCEDDDD71D23F1D1AEED
Requests: 9 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F2A1FC0B277DC24D9D4420E4EF2F0940
Requests: 17 HTTP requests in this frame

Frame: https://9ff3c7fa466b0a359e336311d90a5e91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5B69C03EB1244C74FD74C4A0F5E33161
Requests: 1 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 622019B68C6F5A4E11D494689875BCFF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3375AD385C804469457F551670572871
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Frame ID: 565550980280B6720469E9082AE00F5E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8BDEA10419C1C09959AEB3B8AD19D6F9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2SMss1BBWRRz3MzdTpphLNu17NF9wP59BhkW-fDnXqJQINEHKGZMUF_ruYp8bLdRt6eAAy7peLh7dAJ9FmQQUzJ0BfwKawTr0kv5D8cYU4MbNqYNzgAFtbDfypWt1PwHn_LZ4IKGOilBT2rFDPymZVujD-44WS-sqCT5NEQhx5BcPzAoWUTzkOLzZ5rRKroEZ6qbHdZqfXXqLFZuLYZM3yy6YtFeP4K9GaoZB6GkJ3FPi3GYJID-eD6nsWKvXWvOma9AxIW4o0u_jUE6nECCTLeUkrII7Igu_iLvr3s23bNY3mI1zhmaFhGdBnLvSFb1XV5ycBL5C9SRl-6vxSg&sai=AMfl-YQJokZNH7b7Aa6oLjji1BTQTUDhvUAy1fPZiW6Mt6_YdnFh3DhYnsXe9JDmeNWPADwMdGtQpIqsnz0amxMeRJzwidONprVl9gYvpwVV&sig=Cg0ArKJSzAoqW00is4tvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4F739DED4D75D0D6830308C9FF9AA27C
Requests: 13 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FF7142E4AA268032D3424EA0BA4227B
Requests: 9 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9D2B299800943D1A17AED35D60388665
Requests: 17 HTTP requests in this frame

Frame: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A8593688900500248E0056F016DDB33D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Frame ID: 42EFE2A1A05CA5CE15DC9862CC353780
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 60704F4B80C69E4BFEA9285FD4797E20
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5C739728B97D6A250FADFC41AEFC66AD
Requests: 9 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 687F93F43D5FBAD9DD34E29CF36E51AA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F281299C88D0E35020F9F92F9ED88D14
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C80071A01D4915199A0B001198438A72
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClHrC9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS8Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZFL3svlBYAVPysPFeEF056uYavn3yiZzjM1_JeaLtH0K033PR3aHgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjM2ODY0OTU2NTk1NjMwMxiiiBQ&sigh=UvE7GzoqrR4&uach_m=[UACH]&cid=CAQSOwDq26N96yI_-l-xxhcjy0w0kGbZrxnCxAIjXGYewBXi7OEY45p5lbxwqdf2Y7NYDJPoAPlG-u6YSFuNGAEgEw
Frame ID: E73310280CE1F017DC27FE4C9A79E356
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hw490hb69809t1860j8jywz97k87dacp9bvmc4zstbdk87aj42pzcd8vn2jmeaz4x6abnj72zfrpb4mv88h42en42yen403a7ecpesy363djrec6j59hv5p9rgy1cnj99xtab095dnjm8yg99x9tzzagx18qyxhmt725xs9jrzpkbk2wnmph1gqm7k45at3x697chwcgymb5drx9b4sh4gbc52gx93t1zksy6pe95gwv9da6gbge064db1r7753pvg1a73dbam74449mdqgjkqg9f5cwwjk0z795skn1j8c1nswh01f1m6179rscf5m71t59qgmvqf8tjxejveyky59366c8dqcnxznhwht9j5tm1d8nnw85nqvgwfcq5g1y8qw52rg36vgrbwy8zmr5pj84fexa686athzhhaeafj3ynmks9x0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%26client%3Dca-pub-6368649565956303%26adurl%3D
Frame ID: D181F18B2790993CB69B44CE28CC41CA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 940D0BCE6FC67E27A208094C4F009197
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Frame ID: 4CEE2D7BC2F6FF94A2CB3BC0DF95A83E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D4530DD0E42D7298FB003CBED78E0572
Requests: 2 HTTP requests in this frame

Frame: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 09DCD093F633DC900593507AA16983AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 620AAABD45AC3152D3C4D3D872C85919
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Frame ID: 3BAA6F801D39941A4F463E1CB22B558E
Requests: 28 HTTP requests in this frame

Frame: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 7D160E6DCFAF0844942C8C25DC12CC38
Requests: 7 HTTP requests in this frame

Frame: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: C8FD6C139F98E63059CDAC834A63EFF2
Requests: 7 HTTP requests in this frame

Frame: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 6454B8494D6443093A6F9138FFFBBC52
Requests: 7 HTTP requests in this frame

Frame: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: D27F9341936119E0C799C5F9EBC966E0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Frame ID: 3D476EDBE8F39D359E39FDEB629C025C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 332DE40FBB99EBA5530CECB49F8FEF4F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E595B941BBB2DD0AFEC4DC5B89933E3A
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6B8337D0662298BD22D3F4EB9B8BC395
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7DE69755A0B66B5A3A42505D1762CD26
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04315C1F4054AC6F1DC7092A79D0C4ED
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3182AA003152312E0C9441B220D5ABFD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE348E3DD234971F64D11EB687CAC61E
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Frame ID: A76C92F146128D1C0E2805FD9391056E
Requests: 11 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 2A737FFD03974959E16457BF27D7705B
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C120BA4CBE16602B9CEC55035F770A5A
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: CEA7437933A2D60B541FCAB31D748F19
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158055&gdpr=1&gdpr_consent=
Frame ID: 7E4245792E38FB0046AD377318E6954D
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 4CF21D9A99BA0BA51A1CF9B39FF2FAEB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E678560DCA344F3A6639BBBF159FC69A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5C34BD2846552EFFAFCA809A7C460083
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&
Frame ID: 9000CEDA5B33DC89DE476642C479BFEC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: DF4F04B7020A4FFC9ECB4A21D05B35CE
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 1705D8A9F91A088D7818EACFF54BFE3F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6301DF40F250593E01C6318F35431567
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: B12C605C8819544099555CBB778F752D
Requests: 19 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3D109CAD262C6286D7DDFCCB20A8EE96
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CC6F5276B30CD5DA218F2CF7F050F0E0
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: FCE4DE1F490A40A41D8E5050B5F38342
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 844EEA0A9D97E6176627C15C32BF4624
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9773ACAF0EE025D3508EB3B0862E0028
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: D72FE93A79EDCFC37589A3CBB5085B8A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 80CA61C41D9BAE8CAC41D178F557FC0B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 181810E5A94F3E5B315A686EF24274E6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Entry Requirements & Customs in Brazil | Frommer's search

Detected technologies

Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

649
Requests

93 %
HTTPS

37 %
IPv6

86
Domains

151
Subdomains

110
IPs

13
Countries

13813 kB
Transfer

31638 kB
Size

85
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://www.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc HTTP 301
  • https://cse.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc
Request Chain 57
  • https://media.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300] HTTP 301
  • https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Request Chain 77
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=1580&_yoid=4ff4c481-d909-4437-b635-446aa81f72fd&_yosid=9d00a024-5bed-41b5-b8ae-ea4012c95acd HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=820279963&t=i&p=1580&_yoid=4ff4c481-d909-4437-b635-446aa81f72fd&_yosid=9d00a024-5bed-41b5-b8ae-ea4012c95acd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjUwNDUyMTI2Mg&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjUwNDUyMTI2Mg&google_sc=&google_tc=
Request Chain 100
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999399283/?random=1702422964&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&tiba=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9aCjY5GbGKasmLAP0pau4Ak&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/999399283/?random=1702422964&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&tiba=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9aCjY5GbGKasmLAP0pau4Ak&cid=CAQSKQDq26N9qZJRRfqqYEpBWcsZ1cWk7Tn4Z2uUDg05LARS-CWE5zL4qTf8IBM&random=797876733&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/999399283/?random=1702422964&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&tiba=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9aCjY5GbGKasmLAP0pau4Ak&cid=CAQSKQDq26N9qZJRRfqqYEpBWcsZ1cWk7Tn4Z2uUDg05LARS-CWE5zL4qTf8IBM&random=797876733&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 164
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=6fqgapcd HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26tier_three%3Da99jcch%26tier_four%3D6fqgapcd%26uid_ts%3D1671667958 HTTP 302
  • https://metrics.getrockerbox.com/track/v4?uid=2841619000722146709&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=6fqgapcd&uid_ts=1671667958
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=HRjdi-EhDvr0WPiksGFZiw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT HTTP 302
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT&google_gid=CAESEJupefruuf_rGFQXEcmmTDo&google_cver=1
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_hm=HRjdi-EhDvr0WPiksGFZiw&google_nid=sojern_adh HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDor1k4VjeCV9rn8GCTEgXUBWt0hP0JvPJdOk0kK4WpGrFcfUDtTwBe1iarqEpH4Rb96l1i5AClT85ChnzY2L_e2bJqM62lbvoyi_DFghCNdOJfiafx0 HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDor1k4VjeCV9rn8GCTEgXUBWt0hP0JvPJdOk0kK4WpGrFcfUDtTwBe1iarqEpH4Rb96l1i5AClT85ChnzY2L_e2bJqM62lbvoyi_DFghCNdOJfiafx0
Request Chain 190
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DTBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT HTTP 302
  • https://pixel.sojern.com/idsync/apn?id=2841619000722146709&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT
Request Chain 265
  • https://gcdn.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6E54CD31AD625D8CABD175DB7610B89DE4F7CC3F.1059EBC167566BAA4FE0EF1911AA4445979C8D44/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7F043C0604ED22B40A28E45D450338E7F856FA21.7EEC1F5E2E7EE1B162626BB68B06A65A820D0B36/key/cms1/cms_redirect/yes/mh/NE/mip/2001:ac8:20:3d00:1011:4bdd:b426:df05/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1671667714/mv/m/mvi/4/pl/49/file/file.mp4
Request Chain 275
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHY5n6-7rLubfqpOrUkUF0s&google_cver=1&google_push=AavPq0OPRfYVrl7lVJiZin0ziSRhLo7YzeUc8v-Ib1K_mH3a3a-r8ntqyL5SeShjrjqC78T2u2ycnu50kEYwWrNaBR1MoYhCMPIJgw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OPRfYVrl7lVJiZin0ziSRhLo7YzeUc8v-Ib1K_mH3a3a-r8ntqyL5SeShjrjqC78T2u2ycnu50kEYwWrNaBR1MoYhCMPIJgw&google_hm=o3yG5-rjSvqlj14U6VTDm0U
Request Chain 276
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEQUN785HzrZvSN2ar0WFfM&google_cver=1&google_push=AavPq0OTtVcHo19XoqC3KPyZremEQeYAWUR4VyQW27wRxnY1XHmrUIX8gvurFKk6C421pz4Cz13mnSNaFTwmbz6t5al27iEPhKQ8qA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OTtVcHo19XoqC3KPyZremEQeYAWUR4VyQW27wRxnY1XHmrUIX8gvurFKk6C421pz4Cz13mnSNaFTwmbz6t5al27iEPhKQ8qA&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
Request Chain 277
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEElxV512jBnv6PDCZ5E1nj4&google_cver=1&google_push=AavPq0MKBPUkARE-jG7d1XXilrZRrpln_lUn1lEFu6i2Pwf1YNI9iQo1XlZlvNYDyj4Z5z5BFeyN3bCnUbZGgbLgKv6YTp9koxEJsw HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MKBPUkARE-jG7d1XXilrZRrpln_lUn1lEFu6i2Pwf1YNI9iQo1XlZlvNYDyj4Z5z5BFeyN3bCnUbZGgbLgKv6YTp9koxEJsw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671667959917 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-824bf005-5ba7-4e7e-964d-e650a0e5dccd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MKBPUkARE-jG7d1XXilrZRrpln_lUn1lEFu6i2Pwf1YNI9iQo1XlZlvNYDyj4Z5z5BFeyN3bCnUbZGgbLgKv6YTp9koxEJsw%26google_hm%3DA4JL8AVbp05-lk3mUKDl3M0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MKBPUkARE-jG7d1XXilrZRrpln_lUn1lEFu6i2Pwf1YNI9iQo1XlZlvNYDyj4Z5z5BFeyN3bCnUbZGgbLgKv6YTp9koxEJsw&google_hm=A4JL8AVbp05-lk3mUKDl3M0
Request Chain 279
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELMUygyAK2yyeQZIeYQae_U&google_cver=1&google_push=AavPq0OpTteF0-79iF7_V6ZyW3KCIoU_nFmbaTaEV3JIq_JlLAb4L7QJyBdOgrOalIYmCI0CsTF6nEt_HqSN0UqbVK-72Il2sdJbQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjg0MTYxOTAwMDcyMjE0NjcwOQ%3D%3D&google_gid=CAESELMUygyAK2yyeQZIeYQae_U&google_cver=1&google_push=AavPq0OpTteF0-79iF7_V6ZyW3KCIoU_nFmbaTaEV3JIq_JlLAb4L7QJyBdOgrOalIYmCI0CsTF6nEt_HqSN0UqbVK-72Il2sdJbQQ
Request Chain 307
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 344
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ2NpjaoKVl7L-4G8vSyz7k&google_cver=1&google_push=AavPq0OKIwQolRUI4Ak6zaWz9BwoTAqdBlIZSqW7Lq2JQhELElhxdkRS9Qn2bgoBgS1Js-MWQwOBfCmbV0M5QRizT5ooEG5MMs4 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ2NpjaoKVl7L-4G8vSyz7k&google_cver=1&google_push=AavPq0OKIwQolRUI4Ak6zaWz9BwoTAqdBlIZSqW7Lq2JQhELElhxdkRS9Qn2bgoBgS1Js-MWQwOBfCmbV0M5QRizT5ooEG5MMs4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RG9taEY2RFIxUDg5Y3M1&google_gid=CAESEJ2NpjaoKVl7L-4G8vSyz7k&google_cver=1&google_push=AavPq0OKIwQolRUI4Ak6zaWz9BwoTAqdBlIZSqW7Lq2JQhELElhxdkRS9Qn2bgoBgS1Js-MWQwOBfCmbV0M5QRizT5ooEG5MMs4
Request Chain 345
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHbJxJX9bVWKQ1NsAmZHdLI&google_cver=1&google_push=AavPq0O_kC0Aep6LzrTJ_JMyEhXnAKSraDL-VZ08KyJ5oEZ_kksX1ON0h7ll4EP5yhVOR_6OPyrD7qnT2rfPDLbR0MekQq0gOQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0O_kC0Aep6LzrTJ_JMyEhXnAKSraDL-VZ08KyJ5oEZ_kksX1ON0h7ll4EP5yhVOR_6OPyrD7qnT2rfPDLbR0MekQq0gOQ
Request Chain 346
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENbWqki4Mb_6dnsSpgUMMw0&google_cver=1&google_push=AavPq0MichwRicoP8bDwu4PgVbZLzWgGym87DYxQhaAvMJRSVdHVftMjVWW_Py6RXexxlG4nZtfg9RwbGxrFof_JSLFjvUh6AA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0MichwRicoP8bDwu4PgVbZLzWgGym87DYxQhaAvMJRSVdHVftMjVWW_Py6RXexxlG4nZtfg9RwbGxrFof_JSLFjvUh6AA
Request Chain 347
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELEz9t3l32DsiXJPHV1q0lA&google_cver=1&google_push=AavPq0PRUswRr1Twzt2rnkRHF4O_i9kuVwbNvgKor45fypjIH_UtwwObvfP4yPJoBRrmSDU7Nmxr0V3ocnWk3OysouQuEmzkfG4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1hiDjtCDQoS_uWjlbZ-iVg2&google_push=AavPq0PRUswRr1Twzt2rnkRHF4O_i9kuVwbNvgKor45fypjIH_UtwwObvfP4yPJoBRrmSDU7Nmxr0V3ocnWk3OysouQuEmzkfG4
Request Chain 348
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJyJXQjq6dETDJCes4fuVsE&google_cver=1&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJyJXQjq6dETDJCes4fuVsE&google_cver=1&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q&google_hm=PDfkRo5LTyKtWBMjqGC_6g==
Request Chain 349
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEQUN785HzrZvSN2ar0WFfM&google_cver=1&google_push=AavPq0OACZV0f3ZG44SPK9SvmbeYBuLovW-cicY-pd8vL135twoCNq5WQa3xx4S3v6zRgqEEFhFjfyurCtYzi80RAYijzRevto8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OACZV0f3ZG44SPK9SvmbeYBuLovW-cicY-pd8vL135twoCNq5WQa3xx4S3v6zRgqEEFhFjfyurCtYzi80RAYijzRevto8&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
Request Chain 350
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECLSKjdcQ4_i0rwBJOYjOfA&google_cver=1&google_push=AavPq0O7GH5IZUHHG4-LtssjpoDSSwG3PevJzfNCuHn_0uceqDBidgxxCsXLYskR3qSNPezJCyqGJ-jwAbdxx_uz8Itt33OEKaqp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0O7GH5IZUHHG4-LtssjpoDSSwG3PevJzfNCuHn_0uceqDBidgxxCsXLYskR3qSNPezJCyqGJ-jwAbdxx_uz8Itt33OEKaqp HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 363
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 364
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHnHrL-bnnodIcOss1e-zMk&google_cver=1&google_push=AavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHnHrL-bnnodIcOss1e-zMk&google_cver=1&google_push=AavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 365
  • https://um.simpli.fi/gp_match?google_gid=CAESEPOOXsugoOLXR6BkJZK0zZY&google_cver=1&google_push=AavPq0NdLR6wNPJKFbZUHcT513KBIr_jrfnv_dOE5x1YOjYDZEJR8C-w2EuaU8NzhphuvDQdb_D7Q818mfAb8EF4dnga88AvX7Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71B2E77122345248553D72836087AA6&google_push=AavPq0NdLR6wNPJKFbZUHcT513KBIr_jrfnv_dOE5x1YOjYDZEJR8C-w2EuaU8NzhphuvDQdb_D7Q818mfAb8EF4dnga88AvX7Y
Request Chain 366
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1IvFOIf-7saRHYnwhHEHo&google_cver=1&google_push=AavPq0MuIDgu0L4fa1GY_in41sHFFc61m7d_76X-SoFYOdAwR2dKqQr5VpUAR3bADCKZl_gxX7j6zeiTwgW-pbIMQAGE_4hqgg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1IvFOIf-7saRHYnwhHEHo&google_cver=1&google_push=AavPq0MuIDgu0L4fa1GY_in41sHFFc61m7d_76X-SoFYOdAwR2dKqQr5VpUAR3bADCKZl_gxX7j6zeiTwgW-pbIMQAGE_4hqgg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE2ODU1NjQ1NzU2NjUwMTYzNA&google_push=AavPq0MuIDgu0L4fa1GY_in41sHFFc61m7d_76X-SoFYOdAwR2dKqQr5VpUAR3bADCKZl_gxX7j6zeiTwgW-pbIMQAGE_4hqgg
Request Chain 367
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMDU6omsdmJB9JA-yPXfszw&google_cver=1&google_push=AavPq0P8B6x-vYDs8q7g3AbsJgEPfNOV-cANNbLc3giSw_TFWBIBpWIJ1Va85NfWwoMSVyPKYpwWNFp3fYfFpEe2JEkbOkfKtmg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMDU6omsdmJB9JA-yPXfszw&google_cver=1&google_push=AavPq0P8B6x-vYDs8q7g3AbsJgEPfNOV-cANNbLc3giSw_TFWBIBpWIJ1Va85NfWwoMSVyPKYpwWNFp3fYfFpEe2JEkbOkfKtmg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Q0j_LOiSaeCoP9UFzaObA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P8B6x-vYDs8q7g3AbsJgEPfNOV-cANNbLc3giSw_TFWBIBpWIJ1Va85NfWwoMSVyPKYpwWNFp3fYfFpEe2JEkbOkfKtmg
Request Chain 368
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHYovQzRMdDOz7Q2Ht6QmoQ&google_cver=1&google_push=AavPq0N9CK9xZGyxQqaPKMAGIup52eaZIygG_dorSZuaqKtkJQGnw0BYF18jjpe7dYumgq9G7EPn6mqVhzDWLqm54xZgAEUWv5I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJZQlhYWVUtVC1JUFY3&google_push=AavPq0N9CK9xZGyxQqaPKMAGIup52eaZIygG_dorSZuaqKtkJQGnw0BYF18jjpe7dYumgq9G7EPn6mqVhzDWLqm54xZgAEUWv5I
Request Chain 369
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOGOXXFH6mO2-QIr5AJktpA&google_cver=1&google_push=AavPq0NIQ_Sj6fHIR0pHunmtLRqAEZqReF70Uo6hxdnGC6uKmkT3Uwq185CxRjPr7xl4sgDFLGWqMJJi7GvbrCh63mHeWjtb8lE HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOGOXXFH6mO2-QIr5AJktpA&google_cver=1&google_push=AavPq0NIQ_Sj6fHIR0pHunmtLRqAEZqReF70Uo6hxdnGC6uKmkT3Uwq185CxRjPr7xl4sgDFLGWqMJJi7GvbrCh63mHeWjtb8lE&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NIQ_Sj6fHIR0pHunmtLRqAEZqReF70Uo6hxdnGC6uKmkT3Uwq185CxRjPr7xl4sgDFLGWqMJJi7GvbrCh63mHeWjtb8lE&google_hm=F2xMvGZHvf_92XPVRoitmdSO
Request Chain 370
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGt_-N0hflk4EFA4j8DhqlM&google_cver=1&google_push=AavPq0OAp7-1bhRV2rAqF9Rz__a-rM14Nek_iAbu6CMeRd-mnXbotXdYXSLEX-iSb3Ol3sanr0UKJWBk2jaXUHGV_Ehnj7dOhGTd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mRE9QSng1RTJ1SGVZdVlwUEFVQUNXcEFBZnkydnE0ZX5B&google_push=AavPq0OAp7-1bhRV2rAqF9Rz__a-rM14Nek_iAbu6CMeRd-mnXbotXdYXSLEX-iSb3Ol3sanr0UKJWBk2jaXUHGV_Ehnj7dOhGTd
Request Chain 390
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHbJxJX9bVWKQ1NsAmZHdLI&google_cver=1&google_push=AavPq0Oz9QTHALfJa8c1D4UYv0qS0bYSiXVSpgGv9bv-VNku3QN_ZM1ftX7mwoXuMolpsUfVYUeN0fL3PBr9WQJvKprHW7Gcd7P_gw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=tlFjo6D4RQCdkSMREljPWg&google_push=AavPq0Oz9QTHALfJa8c1D4UYv0qS0bYSiXVSpgGv9bv-VNku3QN_ZM1ftX7mwoXuMolpsUfVYUeN0fL3PBr9WQJvKprHW7Gcd7P_gw
Request Chain 391
  • https://um.simpli.fi/gp_match?google_gid=CAESEHFiZP_K6kGXMFqE8cGkMU0&google_cver=1&google_push=AavPq0P7vH_WDT9sDSLQEAnKfzh1pfCn7m23Z1l6iBE_X8iGcnatomOqtmt7s57qd64JcaZJtNJyIIbbfk0wOSEwXLaxfFdxdNVHBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71B2E77122345248553D72836087AA6&google_push=AavPq0P7vH_WDT9sDSLQEAnKfzh1pfCn7m23Z1l6iBE_X8iGcnatomOqtmt7s57qd64JcaZJtNJyIIbbfk0wOSEwXLaxfFdxdNVHBA
Request Chain 392
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENbWqki4Mb_6dnsSpgUMMw0&google_cver=1&google_push=AavPq0ORG0CPioyLrqSYdlqiPiIT3o6iI2zp5Det0n-odJI6AV7_2Oa_oaqMhq-lfi2ord39Brdid9sHsWP_RPrYh3R_qRwrsZoq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0ORG0CPioyLrqSYdlqiPiIT3o6iI2zp5Det0n-odJI6AV7_2Oa_oaqMhq-lfi2ord39Brdid9sHsWP_RPrYh3R_qRwrsZoq
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJyJXQjq6dETDJCes4fuVsE&google_cver=1&google_push=AavPq0PwycJrdwa5F67B9sKxTBrw26moZJpcGUmKk62d3X7tHhwKLBigS5Wol96EjxgQw9-AVB7dOSF6eiZeYmE9zT34mNgzk0V- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=3c37e446-8e4b-4f22-ad58-1323a860bfea HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=3c37e446-8e4b-4f22-ad58-1323a860bfea HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=dbfd607c-c3d2-422f-9b18-40cafcd8fbd1&user_group=1&ssp=google&bsw_param=3c37e446-8e4b-4f22-ad58-1323a860bfea HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q&google_hm=PDfkRo5LTyKtWBMjqGC_6g==
Request Chain 394
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEQUN785HzrZvSN2ar0WFfM&google_cver=1&google_push=AavPq0PV7vQColpOSG5TPT513zoKX_z5teEqqB79FwpkNxLZq_nmwiwrGEqn68IbHFM4tf-jXZ8VBGxYMVsD-jM8QDoUssKRs8GA8w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PV7vQColpOSG5TPT513zoKX_z5teEqqB79FwpkNxLZq_nmwiwrGEqn68IbHFM4tf-jXZ8VBGxYMVsD-jM8QDoUssKRs8GA8w&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
Request Chain 395
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECLSKjdcQ4_i0rwBJOYjOfA&google_cver=1&google_push=AavPq0OHONoswajOIgSkiF-52aCoagwMLdBD6kkLyHhwZFUXqXWnxsGRASHbNUep5KUd7KFG9MtuChTddIw_XM_07erjM_tr1Wgvjr8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0OHONoswajOIgSkiF-52aCoagwMLdBD6kkLyHhwZFUXqXWnxsGRASHbNUep5KUd7KFG9MtuChTddIw_XM_07erjM_tr1Wgvjr8 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 434
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHbJxJX9bVWKQ1NsAmZHdLI&google_cver=1&google_push=AavPq0NdQkq1XYvntBk17uCP7rR6Dom08Aw5jGJhErMlW1QnQXvOhvz2VwO6sVDEKabahM_WePaD34MDxJ0-oqpgCCDFfKbExpzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=tlFjo6D4RQCdkSMREljPWg&google_push=AavPq0NdQkq1XYvntBk17uCP7rR6Dom08Aw5jGJhErMlW1QnQXvOhvz2VwO6sVDEKabahM_WePaD34MDxJ0-oqpgCCDFfKbExpzw
Request Chain 436
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHY5n6-7rLubfqpOrUkUF0s&google_cver=1&google_push=AavPq0Pi3ZuOeY038KOVcdE3Hk1mmFd8XnpP2mOM0MY9KB3LMWdG9gFR8T9gKxjKZSoh_29YFqb6w-CgsKtjrMexZJovckraIQbF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pi3ZuOeY038KOVcdE3Hk1mmFd8XnpP2mOM0MY9KB3LMWdG9gFR8T9gKxjKZSoh_29YFqb6w-CgsKtjrMexZJovckraIQbF&google_hm=o3yG5-rjSvqlj14U6VTDm0U
Request Chain 437
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENbWqki4Mb_6dnsSpgUMMw0&google_cver=1&google_push=AavPq0PRQs24egrE7-qBjafmZg7AVXMuJXLDZ7lXS37761RbttzAU9A_F75uqFX07o9Ld_AbE1RzEVRZ857xz6XkhKyW5ZCd5qI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0PRQs24egrE7-qBjafmZg7AVXMuJXLDZ7lXS37761RbttzAU9A_F75uqFX07o9Ld_AbE1RzEVRZ857xz6XkhKyW5ZCd5qI
Request Chain 438
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELEz9t3l32DsiXJPHV1q0lA&google_cver=1&google_push=AavPq0NeJaDsB7DfUpnOmLhHLs9SKzOQ_s4E_vSpDGHKiY-rybtIxttee8yhT-IXLpG5-3J8XlTApU1QWU1NdOKAU8XpQFNviQxj HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1hiDjtCDQoS_uWjlbZ-iVg2&google_push=AavPq0NeJaDsB7DfUpnOmLhHLs9SKzOQ_s4E_vSpDGHKiY-rybtIxttee8yhT-IXLpG5-3J8XlTApU1QWU1NdOKAU8XpQFNviQxj
Request Chain 439
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHreSpxE6xT-dtraf4Gtivw&google_cver=1&google_push=AavPq0Ngb2Yx3mj26UDH_pnV12h5l1Al_vs3MqUARHCDfosQkl5uwQGuFkWz7lVrD5RgwypoEsLNOUX8tq2_uSl9G6XG7pleyNa3 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHreSpxE6xT-dtraf4Gtivw&google_cver=1&google_push=AavPq0Ngb2Yx3mj26UDH_pnV12h5l1Al_vs3MqUARHCDfosQkl5uwQGuFkWz7lVrD5RgwypoEsLNOUX8tq2_uSl9G6XG7pleyNa3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Ngb2Yx3mj26UDH_pnV12h5l1Al_vs3MqUARHCDfosQkl5uwQGuFkWz7lVrD5RgwypoEsLNOUX8tq2_uSl9G6XG7pleyNa3
Request Chain 440
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJN_iRR3prYuZuoG2KnyR90&google_cver=1&google_push=AavPq0O0fZ0SR4PIGNkCwbhuHe3V6I6yAPEBTa-VEdpEL-URJtvlIhw0B-wi6WAuKwlJMCvWhIF8rKgJFsqYps5fLLElMGj7tT_v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE2ODU1NjQ1NzU2NjUwMTYzNA&google_push=AavPq0O0fZ0SR4PIGNkCwbhuHe3V6I6yAPEBTa-VEdpEL-URJtvlIhw0B-wi6WAuKwlJMCvWhIF8rKgJFsqYps5fLLElMGj7tT_v
Request Chain 442
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 458
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 533
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COil2Lj4i_wCFbjHuwgdo4ICvA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122201124279726569517X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122201124279726569517X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Request Chain 536
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPii2Lj4i_wCFduE_QcdWwADaw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122201124279726569515X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Request Chain 539
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1671667962_5a771980-818d-11ed-bb44-226289dc062e&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 572
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 579
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6Og.mbXgEGkoHmobTERnAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUows-1oTm_A6SE8vcJ8W4&google_cver=1&google_hm=2
Request Chain 580
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Og-mbXgEGkoHmobTERnAAABIMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Og-mbXgEGkoHmobTERnAAABIMAAAIB&dcc=t
Request Chain 582
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6Og-mbXgEGkoHmobTERnAAABIMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDFl9VhVsk9UpJ1VuCuLTxw&google_cver=1
Request Chain 583
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5c96963f-5493-474c-92d6-4ede5845c35f
Request Chain 584
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2841619000722146709

649 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request entry-requirements--customs
www.frommers.com/destinations/brazil/planning-a-trip/ 		68 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
221d4163efcc33901c81b361064c1ebcf71de469c694f2cd38892677b95a7add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 22 Dec 2022 00:12:36 GMT
etag
W/"221d4163efcc33901c81b361064c1ebc"
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
adce980d-7675-492a-b37f-00111bb21769
x-runtime
0.024497
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Dec 2022 00:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 23:21:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Dec 2022 00:12:36 GMT
application-98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec.css
www.frommers.com/assets/ 		186 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.frommers.com/assets/application-98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec.css
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/css
date
Thu, 22 Dec 2022 00:12:36 GMT
cache-control
max-age=31536000, public
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 18:56:29 GMT
server
nginx
expires
Fri, 22 Dec 2023 00:12:36 GMT
searchform-e39c40ff1effc47227ceeffdbc88c846ff688172aade25ec6f21fb19e9b45fd3.css
www.frommers.com/assets/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.frommers.com/assets/searchform-e39c40ff1effc47227ceeffdbc88c846ff688172aade25ec6f21fb19e9b45fd3.css
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e39c40ff1effc47227ceeffdbc88c846ff688172aade25ec6f21fb19e9b45fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/css
date
Thu, 22 Dec 2022 00:12:36 GMT
cache-control
max-age=31536000, public
content-encoding
gzip
last-modified
Mon, 24 May 2021 19:39:48 GMT
server
nginx
expires
Fri, 22 Dec 2023 00:12:36 GMT
jquery-ui.css
code.jquery.com/ui/1.10.3/themes/smoothness/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:36 GMT
content-encoding
gzip
x-sp-metadata
HS256.CITejp0GEp8BCiRkYTYwOTNmMi1hYzE3LTRjMjctYWRlZS01ZDYyMTY5NjE4MGIQ+OiCoKvU+wIaBgj0wY6dBiIkMjAwMTphYzg6MjA6M2QwMDoxMDExOjRiZGQ6YjQyNjpkZjA1KIS5AjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkODZiOTg2YTktOWE5NC00Mjk0LTkzM2YtZjI5ZmYzN2VmYjFjGKIvIhgIAhIUY2RzMjY1LmZyOC5od2Nkbi5uZXQ=.0uHtZJ+qDcwdv+HuoCprWmvokJ8TAW1XUfoiynWopB8=
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-7d2e"
vary
Accept-Encoding
x-hw
1671667956.dop012.fr8.t,1671667956.cds258.fr8.hn,1671667956.cds265.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6050
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 22 Dec 2022 00:12:38 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116325
application-333f7cf71869f992663fe2a935b75c0c0779b746cc1e4d252057bf256f607e8c.js
www.frommers.com/assets/ 		920 KB
282 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.frommers.com/assets/application-333f7cf71869f992663fe2a935b75c0c0779b746cc1e4d252057bf256f607e8c.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
333f7cf71869f992663fe2a935b75c0c0779b746cc1e4d252057bf256f607e8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
application/javascript
date
Thu, 22 Dec 2022 00:12:36 GMT
cache-control
max-age=31536000, public
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 14:36:28 GMT
server
nginx
expires
Fri, 22 Dec 2023 00:12:36 GMT
index.js
js.adara.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adara.com/index.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5cb557a93cee9ab58da4f7e0ded20309261f563d53dc5573ccf6a4a1a9ed6a30
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
date
Thu, 22 Dec 2022 00:12:37 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1617
x-served-by
cache-hhn-etou8220023-HHN
last-modified
Mon, 23 May 2022 17:57:27 GMT
x-timer
S1671667957.163824,VS0,VE0
etag
"7a8337caae20a0c135adffbe3cb67fe41d814816469cb25a936431d29e14d413-br"
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
49434
rules.js
cdn.adligature.com/frommers/prod/ 		59 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/frommers/prod/rules.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5435f52c67618d35ef3c4257ba1ca4822ba832488821f64633374a04a798e15a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=107042
x-guploader-uploadid
ADPycdusPTXFSPUoD_NXiOGmgRkibWIZYHC5ecg_GmQAKS_qRR_GHERZpghl-qjZBVMNAA56fyGEXkps-q9U4HLM0KP-TQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 21 Nov 2022 17:38:27 GMT
server
cloudflare
etag
W/"369651d2faf1d718770216efe4945ade"
vary
Accept-Encoding
x-goog-generation
1669052307561940
content-type
application/javascript
x-goog-hash
crc32c=xg2iKw==, md5=NpZR0vrx1xh3Ahbv5JRa3g==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwZIhmp4gmXJWmKtR3SMW03LbTQIFAM02taB6C%2Fp9m3nrgRodc4Q32zaMEC9BDnmXs0VfwJA%2FIEvrSLuT8s9GrfTNXBJT9ADC1RGv4qwAeC78jgwpoIgM4R6LiOCuNqtgV%2FTrA0peU1Qqf3jb4UFubQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
107042
cf-ray
77d4a5996d439116-FRA
expires
Thu, 22 Dec 2022 00:22:36 GMT
rules.css
cdn.adligature.com/frommers/prod/ 		201 B
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/frommers/prod/rules.css
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030d90525699b38b1a530bd2fee0ae07b3134cad1a22a3bc698b848e7af66639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=467
x-guploader-uploadid
ADPycduSdg2NWpqOIk_55IXIy4pALAqG1veAG3DlYWfZWcC_FioadnGhoJzeZy-57vNg3EVzgmQt6cffOCG6FY6UdrxHZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 21 Nov 2022 17:38:26 GMT
server
cloudflare
etag
W/"8c3733790084cfd0eb6b0077dfb62e87"
vary
Accept-Encoding
x-goog-generation
1669052306171035
content-type
application/javascript
x-goog-hash
crc32c=ncVWBA==, md5=jDczeQCEz9DrawB337Yuhw==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsCQpgwc8uWZt7mPDKKpM8ABbGjKMH1yfy3L%2BLEaPTiHSOOIkXeiMAlYAtYstzJok%2FUiIYg2muLfd%2BWAucyjUybklRY8Pv1GtRNLivjGRbyP1p%2F2cN9q0gwV65Hus2mvQwvUyEiW0TsTX8jCGRU8MuA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
467
cf-ray
77d4a5996d429116-FRA
expires
Thu, 22 Dec 2022 00:22:36 GMT
frommers-logo-default-2015-405e320cab35cd1c12ff8daeb9b293490097da90080311b8a6c72bd9af2108ad.png
www.frommers.com/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/assets/frommers-logo-default-2015-405e320cab35cd1c12ff8daeb9b293490097da90080311b8a6c72bd9af2108ad.png
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
405e320cab35cd1c12ff8daeb9b293490097da90080311b8a6c72bd9af2108ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Mon, 24 May 2021 19:39:48 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5413
expires
Fri, 22 Dec 2023 00:12:37 GMT
santa_maria_cape_verde.jpg
www.frommers.com/system/media_items/attachments/000/869/655/s150/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/869/655/s150/santa_maria_cape_verde.jpg?1666127499
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b68b734793a0e1ff48bf9544bf1f131c667b280931d38235a1646c39849a3f06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 18 Oct 2022 21:11:47 GMT
server
nginx
etag
"634f1693-2db7"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11703
expires
Fri, 22 Dec 2023 00:12:37 GMT
9002-52915.jpg
www.frommers.com/system/photos/photos150/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/photos/photos150/9002-52915.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
19c35417d4d3554b40996564bb1e2a1e47f65c4c378fdec8af5ae9b09cdd593b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 18:09:01 GMT
server
nginx
etag
"5bcf63bd-d08"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3336
expires
Fri, 22 Dec 2023 00:12:37 GMT
open-uri20161011-29531-o92se
www.frommers.com/system/media_items/attachments/000/857/482/s150/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/857/482/s150/open-uri20161011-29531-o92se?1476226986
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5e748e8c74d5ea6923baeb1165eb4b431d8b4d343d4dfa3c639b8c707b4f929f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:35:55 GMT
server
nginx
etag
"5bd86c4b-2b5d"
content-type
application/octet-stream
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11101
expires
Fri, 22 Dec 2023 00:12:37 GMT
brownpau.jpg
www.frommers.com/system/media_items/attachments/000/854/971/s150/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/854/971/s150/brownpau.jpg?1433856745
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7ef81ed53d5ee9c2d6750a523c8353f29d0f1cd62185ad02f79a1225c9ac16af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:41:23 GMT
server
nginx
etag
"5bd85f83-505c"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
20572
expires
Fri, 22 Dec 2023 00:12:37 GMT
BCSilverSalmonCreekLodgecp.jpg
www.frommers.com/system/media_items/attachments/000/863/668/s150/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/863/668/s150/BCSilverSalmonCreekLodgecp.jpg?1546982612
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bf009d69705f9635a31efcaafe16f4a201dc5e19176fb7d7d47c0006a091f6da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 08 Jan 2019 21:23:35 GMT
server
nginx
etag
"5c3514d7-2e87"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11911
expires
Fri, 22 Dec 2023 00:12:37 GMT
powered-booking.jpg
www.frommers.com/assets/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/assets/icons/powered-booking.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2dd2ce8544040b625c1e3744400138c7ceb5da5575175a5417e8cffba360ab9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Mon, 24 May 2021 19:39:48 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3031
expires
Fri, 22 Dec 2023 00:12:37 GMT
9781628872859_FC.jpg
www.frommers.com/system/media_items/attachments/000/858/010/s150/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/858/010/s150/9781628872859_FC.jpg?1593706904
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
81d0578118fff842d9f4bca285b2bb56712863ae7d833db616af1f095bcdac2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Thu, 02 Jul 2020 16:21:47 GMT
server
nginx
etag
"5efe099b-ec26"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
60454
expires
Fri, 22 Dec 2023 00:12:37 GMT
9781628872545_FC.jpg
www.frommers.com/system/media_items/attachments/000/856/157/s150/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/157/s150/9781628872545_FC.jpg?1593707127
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
21d6a1ad4a72733fb62ac74d9a2719f2fe8d6cb299d87f8e45d3b68847132341

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Thu, 02 Jul 2020 16:25:29 GMT
server
nginx
etag
"5efe0a79-de38"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
56888
expires
Fri, 22 Dec 2023 00:12:37 GMT
9781628871548_FC.jpg
www.frommers.com/system/media_items/attachments/000/853/969/s150/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/853/969/s150/9781628871548_FC.jpg?1593707288
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f13e4c7b056586ea4f32d6174bcb71d0bde28d79849e117d02ce39a5cb4e2421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Thu, 02 Jul 2020 16:28:09 GMT
server
nginx
etag
"5efe0b19-8a47"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
35399
expires
Fri, 22 Dec 2023 00:12:37 GMT
get-inspired-banner_image.jpg
www.frommers.com/system/media_items/attachments/000/857/300/original/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/857/300/original/get-inspired-banner_image.jpg?1476220817
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
06c86abbe59d47e7ec2da33761604db67042311cc180801472ddf0a7324eab44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:31:19 GMT
server
nginx
etag
"5bd86b37-175f4"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
95732
expires
Fri, 22 Dec 2023 00:12:37 GMT
copypastesubscribeformlogic.js
js.createsend1.com/javascript/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.createsend1.com/javascript/copypastesubscribeformlogic.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-30.fra53.r.cloudfront.net
Software
csw /
Resource Hash
2013f00120eab5b2c18b7f0f6554c7741dab49acfc3ccb35642b644010435ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
2430
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 21 Dec 2022 23:32:01 GMT
server
csw
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3595
x-amz-cf-id
7cSkiZlODPOdg3PaXbG4YbAbckEGa0acJ9-boC8pkMtdgSc6i82Znw==
expires
Thu, 22 Dec 2022 00:32:01 GMT
Asia_Erwin_Soo-Flickr-490x294.jpg
www.frommers.com/system/media_items/attachments/000/856/789/s150/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/789/s150/Asia_Erwin_Soo-Flickr-490x294.jpg?1470237676
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bd7e6eada3578bb7388c88d0e8ee27418803b2b64b0038b21b8462063393b0f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:20:16 GMT
server
nginx
etag
"5bd868a0-5c73"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
23667
expires
Fri, 22 Dec 2023 00:12:37 GMT
Australia2_Tourism_Australia-490x294.jpg
www.frommers.com/system/media_items/attachments/000/856/792/s150/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/792/s150/Australia2_Tourism_Australia-490x294.jpg?1470238098
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6b3d2636fa062155175fc0a4a8bf3626577e8e039d295631a7fdf37f4ce079ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:20:19 GMT
server
nginx
etag
"5bd868a3-14ad"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5293
expires
Fri, 22 Dec 2023 00:12:37 GMT
Caribbean_Nickelstar-Flickr-490x294.jpg
www.frommers.com/system/media_items/attachments/000/856/790/s150/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/790/s150/Caribbean_Nickelstar-Flickr-490x294.jpg?1470237573
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
33f81c8d7d8fe829dc47722758967ed211228c29de6e5db3d162ddb9d5a795ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:20:18 GMT
server
nginx
etag
"5bd868a2-245a"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
9306
expires
Fri, 22 Dec 2023 00:12:37 GMT
South_America_Ken_Bosma-Flickr-490x294.jpg
www.frommers.com/system/media_items/attachments/000/856/791/s150/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/791/s150/South_America_Ken_Bosma-Flickr-490x294.jpg?1470237589
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
63e18f59f60a9d32b5eb5fbf5d9d85cbdc5b30c8f9a918d9b0ffa9d591455a93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:20:19 GMT
server
nginx
etag
"5bd868a3-1c99"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
7321
expires
Fri, 22 Dec 2023 00:12:37 GMT
europe-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/802/098/s150/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/802/098/s150/europe-dest-cover.jpg?1470169896
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
af1b9e04369d4b1f0e10adf55f66dc09d5ece14fb80ec8e7aa58a1fcd31ab99b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 12:51:59 GMT
server
nginx
etag
"5bd853ef-1081"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4225
expires
Fri, 22 Dec 2023 00:12:37 GMT
me-africa-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/855/335/s150/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/855/335/s150/me-africa-dest-cover.jpg?1470169431
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
88de0e9e8cca6604974f7244d995ee422e1859d97f2b77b63598f6f8650371f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:49:43 GMT
server
nginx
etag
"5bd86177-11eb"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4587
expires
Fri, 22 Dec 2023 00:12:37 GMT
northamerica-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/809/588/s150/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/809/588/s150/northamerica-dest-cover.jpg?1470169456
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1b00c21c4f238309a8ee2eaf1bcb8852ec0bd1f0923c5cc39076387374e0cd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 12:52:41 GMT
server
nginx
etag
"5bd85419-31dc"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
12764
expires
Fri, 22 Dec 2023 00:12:37 GMT
united-states-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/348/401/s150/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/348/401/s150/united-states-dest-cover.jpg?1470169476
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f4b784f884bc532f13b76e66025b8d95330163f35c740552cdf8cf9fbf2b9b02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 12:51:45 GMT
server
nginx
etag
"5bd853e1-11f7"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4599
expires
Fri, 22 Dec 2023 00:12:37 GMT
nyc-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/855/363/s150/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/855/363/s150/nyc-dest-cover.jpg?1470169986
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fae6e10f3db3169d4f0bfbb11e6bbb55694756a63fb07061306d54eb58def8b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:50:22 GMT
server
nginx
etag
"5bd8619e-2e81"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11905
expires
Fri, 22 Dec 2023 00:12:37 GMT
Paris_Daniel_Stockman-490x294.jpg
www.frommers.com/system/media_items/attachments/000/856/827/s150/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/827/s150/Paris_Daniel_Stockman-490x294.jpg?1470330739
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
efdbdab8187539c4ffb26604f6842fc82a4f3e2c2fbd4a19296702ae55ce5927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:21:06 GMT
server
nginx
etag
"5bd868d2-5925"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
22821
expires
Fri, 22 Dec 2023 00:12:37 GMT
vegas-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/853/765/s150/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/853/765/s150/vegas-dest-cover.jpg?1470170025
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dce0b5384b005fc6dcc1deb5dc9b77683e3ea6b1fe8a636545a59f5615983592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:13:28 GMT
server
nginx
etag
"5bd858f8-4113"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
16659
expires
Fri, 22 Dec 2023 00:12:37 GMT
wash-dc-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/855/360/s150/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/855/360/s150/wash-dc-dest-cover.jpg?1470169559
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
908a110d365e1e6cbd0c5f31f36199d0f84c7117f0199ba3408a53ee202c6ca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:50:18 GMT
server
nginx
etag
"5bd8619a-306a"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
12394
expires
Fri, 22 Dec 2023 00:12:37 GMT
los-angeles-dest-cover.JPG
www.frommers.com/system/media_items/attachments/000/855/329/s150/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/855/329/s150/los-angeles-dest-cover.JPG?1470170146
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9638fda31829fe9835a4aece7bf8607512a2b27305f210dc353dab1faf29e51c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:49:36 GMT
server
nginx
etag
"5bd86170-20de"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
8414
expires
Fri, 22 Dec 2023 00:12:37 GMT
rome-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/855/354/s150/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/855/354/s150/rome-dest-cover.jpg?1470169679
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a12b08a554731bb0805cabb8ca6a2d1eff4e090bf619c6123a20bbb3caebb701

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:50:10 GMT
server
nginx
etag
"5bd86192-600c"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
24588
expires
Fri, 22 Dec 2023 00:12:37 GMT
hong-kong-dest-cover.jpg
www.frommers.com/system/media_items/attachments/000/855/359/s150/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/855/359/s150/hong-kong-dest-cover.jpg?1470170185
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a529751dd69b006acc32c3c768f6ac7cedfa2c64a6a4fadb29c1f63f7929b2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:50:17 GMT
server
nginx
etag
"5bd86199-28ef"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
10479
expires
Fri, 22 Dec 2023 00:12:37 GMT
San_Francisco_San_Francisco_Travel-490x294.jpg
www.frommers.com/system/media_items/attachments/000/856/793/s150/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/793/s150/San_Francisco_San_Francisco_Travel-490x294.jpg?1470238048
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0e1f98d71f8f1405d6afbc8504c4d4fcba361a222c9ebe2553208ae891a2bfc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:20:21 GMT
server
nginx
etag
"5bd868a5-5342"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
21314
expires
Fri, 22 Dec 2023 00:12:37 GMT
quant.js
edge.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.quantserve.com/quant.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
etag
"StHfV9prSwQMxjKWocWEFw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 29 Dec 2022 00:12:37 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Dec 2022 00:12:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 22:27:21 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6316
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 22 Dec 2022 00:27:21 GMT
gtm.js
www.googletagmanager.com/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TD7CDGT
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9f935e262dd55537827320e3ed77c79f040adb22b576f40aa2c5fbc61b05ae89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66025
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 22 Dec 2022 00:12:37 GMT
v2fxbFDTFPIG7htpZJhriRyZW4B0nAmtD4nzOOC3yVd9EzKYFE6PdyAW6FCi_wCIl
sablesong.com/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sablesong.com/v2fxbFDTFPIG7htpZJhriRyZW4B0nAmtD4nzOOC3yVd9EzKYFE6PdyAW6FCi_wCIl
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
343a1171ba368a532d20a085d94609abea955f6a408957dca83b2c605fc97835
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 22 Dec 2022 00:12:37 GMT
x-datacenter
gce-europe-west1
etag
"3c6e74f1762677864531fb0ddda3ed59c236b72e99f9f822bf0dd771fcde63b1"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-d6q6
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2k9-destmap-plain.jpg
www.frommers.com/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/images/2k9-destmap-plain.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
88c2f9e70bfa5a498bd2533f7e2a6ee5f9f396607f2d2b2374612d24432191fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 15:11:41 GMT
server
nginx
etag
"5bcf3a2d-38a8"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14504
expires
Fri, 22 Dec 2023 00:12:37 GMT
2k9-destmap-north-am.jpg
www.frommers.com/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/images/2k9-destmap-north-am.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
91d65879a99407062a8a3bd78bf3188b9f72f3fa937517f661e8c4b8884ce01f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 15:11:41 GMT
server
nginx
etag
"5bcf3a2d-391b"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14619
expires
Fri, 22 Dec 2023 00:12:37 GMT
2k9-destmap-south-am.jpg
www.frommers.com/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/images/2k9-destmap-south-am.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
58869dfc645af463e2f3952327dc0bd0b9d122ac995a4320e734fd61b1d34307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 15:11:41 GMT
server
nginx
etag
"5bcf3a2d-391f"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14623
expires
Fri, 22 Dec 2023 00:12:37 GMT
2k9-destmap-caribbean.jpg
www.frommers.com/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/images/2k9-destmap-caribbean.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3af3f75e2bc5fac025eec25f3fa8540b0daf5163b41a9956b8d224e096a89a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 15:11:41 GMT
server
nginx
etag
"5bcf3a2d-38f3"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14579
expires
Fri, 22 Dec 2023 00:12:37 GMT
2k9-destmap-europe.jpg
www.frommers.com/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/images/2k9-destmap-europe.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d9cc9647a23321050648b5a58e6fc28a47268f161693f2286f24ef975a2d350a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 15:11:41 GMT
server
nginx
etag
"5bcf3a2d-38da"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14554
expires
Fri, 22 Dec 2023 00:12:37 GMT
2k9-destmap-asia.jpg
www.frommers.com/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/images/2k9-destmap-asia.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5cd8c5763d387b2632eb552f4b8dae571a7a00ce0ea2953d30b959a1277a2b99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 15:11:41 GMT
server
nginx
etag
"5bcf3a2d-38e5"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14565
expires
Fri, 22 Dec 2023 00:12:37 GMT
2k9-destmap-mideast.jpg
www.frommers.com/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/images/2k9-destmap-mideast.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
97f331ef777926cc6e066406d84cd11772272adc480eb8b3fa574fff193f3c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 15:11:41 GMT
server
nginx
etag
"5bcf3a2d-3929"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14633
expires
Fri, 22 Dec 2023 00:12:37 GMT
2k9-destmap-australia.jpg
www.frommers.com/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/images/2k9-destmap-australia.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3161ee05fbf2e98308580a3977b40b09126ec3484bd84c1d1ec150fd14358916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 15:11:41 GMT
server
nginx
etag
"5bcf3a2d-3926"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
14630
expires
Fri, 22 Dec 2023 00:12:37 GMT
advally-5.3.0.js
cdn.adligature.com/rules.js/ 		109 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/rules.js/advally-5.3.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/frommers/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd322ed87247771fc13a7ffd3be194607e3210437398f0f31faf9f62c8d522b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4166
cf-polished
origSize=177701
x-guploader-uploadid
ADPycduOvMNA-aF6K628pXGLQAsgTl1FjIDAm3gKd7m0PZQvkFuzLvjiM8spUtZycJNWTt0vcXGT1Cj3ylFs8h6edW9bPg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 21 Nov 2022 17:34:21 GMT
server
cloudflare
etag
W/"f2de8c1baa9fe9014eaf9efe250343c5"
vary
Accept-Encoding
x-goog-generation
1669052061080345
content-type
application/javascript
x-goog-hash
crc32c=3Rl/9A==, md5=8t6MG6qf6QFOr57+JQNDxQ==
cache-control
public, max-age=7200, s-maxage=7200, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpAMacTdsa1Gfv2GtCN6S3kZWinhUCG7%2ByKcW07dOsnWXtnStjuepVInQy63jaHvsbvHlPAaMulvKmNW6Pqe0NfVibQFw8hxFVNL8pOSDVFDwEGkwHXx2pyzr8NDMvDnpfsdEzSeGOO8xxIk1QgKl4k%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
177701
cf-ray
77d4a59c1fdf9116-FRA
expires
Thu, 22 Dec 2022 01:03:11 GMT
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc
  • https://cse.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc
10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
b812b0f8c2e0872f1f833ffa86b1752ccd7bbb8808e5cbf5467e8e4b6333b20d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3520
x-xss-protection
0
bfcache-opt-in
unload
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="gws"
expires
Thu, 22 Dec 2022 00:12:37 GMT

Redirect headers

date
Wed, 21 Dec 2022 23:58:07 GMT
x-content-type-options
nosniff
server
sffe
age
870
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:28:07 GMT
header-icons.png
www.frommers.com/assets/icons/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/assets/icons/header-icons.png
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/assets/application-98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
35cc2f0af2de889629069a65afe4fd1c42e1aed3292a0d092659a0ae190749dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/assets/application-98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Mon, 24 May 2021 19:39:48 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4115
expires
Fri, 22 Dec 2023 00:12:37 GMT
rio.jpg
www.frommers.com/system/header_images/images/000/000/113/original/ 		537 KB
538 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/header_images/images/000/000/113/original/rio.jpg?1470630830
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
017a959c22c73642476d5eed6bf063f5e62c4d71cb3feaaa8b29b8daac6ee6a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 11:40:18 GMT
server
nginx
etag
"5bd84322-8657b"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
550267
expires
Fri, 22 Dec 2023 00:12:37 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.frommers.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:06:09 GMT
x-content-type-options
nosniff
age
115588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Dec 2023 16:06:09 GMT
user_uuid
www.frommers.com/ 		52 B
723 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.frommers.com/user_uuid
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/assets/application-333f7cf71869f992663fe2a935b75c0c0779b746cc1e4d252057bf256f607e8c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1b71710b60bee49790c488996039bd13467c9ebeb2a24057e0b5eb8d383c6115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-runtime
0.013463
date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
etag
W/"1b71710b60bee49790c488996039bd13"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-request-id
81da49c2-000a-4923-980b-544a38ebc4d1
frommers.html
cdntravelspike.azureedge.net/scripts/ Frame 583D 		352 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdntravelspike.azureedge.net/scripts/frommers.html
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CA) /
Resource Hash
a8d6ad508482ef8b981e9618255b72e1c0eb19728342aad5373df4161ce37d97

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
494573
content-length
352
content-md5
8YElvwlVZKBGD+cSJrQtsQ==
content-type
text/html
date
Thu, 22 Dec 2022 00:12:37 GMT
etag
0x8D52220C3909DF2
last-modified
Thu, 02 Nov 2017 18:37:25 GMT
server
ECAcc (ama/48CA)
x-cache
HIT
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
8b2e072f-d01e-000d-4e1a-116023000000
x-ms-version
2009-09-19
GAM.aspx
www.travelzoo.com/ Frame 3F3A
Redirect Chain
  • https://media.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
  • https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d844b86d82150222558f514172992418d0ed374a9a5eec9878286f7ac0bfa6c0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
2621
content-type
text/html; charset=utf-8
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Thu, 22 Dec 2022 00:12:37 GMT
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=154 origin; dur=29
vary
Accept-Encoding
x-akamai-transformed
9 1278 0 pmb=mTOE,4mRUM,1
x-ip
8

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 22 Dec 2022 00:12:37 GMT
Location
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Server
AkamaiGHost
hotel-icon-tab.jpg
www.frommers.com/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/assets/icons/hotel-icon-tab.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/assets/application-98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ba4b762e99c79cddc42f9088aef6cb95bda3cfb0ae7b5758f6584b4ae60d4071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/assets/application-98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Mon, 24 May 2021 19:39:48 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1469
expires
Fri, 22 Dec 2023 00:12:37 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.218.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-218-75.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 21 Dec 2022 07:05:37 GMT
content-encoding
gzip
via
1.1 1941d7a64ce4dc55d14b445963586a6e.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P2
age
61621
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
zavpKIc0TR2x2X3mctsSfsKW3UGmu0JN-8vSacJey2yHqk32USEdwA==
/
pro.ip-api.com/json/ 		53 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.3.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
d72705328bdc002d4569430e6c23792c057abd4665419bfcd2fb19b4a550a3cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Dec 2022 00:12:37 GMT
Content-Length
53
Content-Type
application/json; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.3.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1428 / 252 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Dec 2022 00:12:37 GMT
prebid-7.25.0.js
cdn.adligature.com/frommers/prod/ 		326 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/frommers/prod/prebid-7.25.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.3.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b99d29648995a3e58156442b90b05800293f3a32ad32ac758ed0faa3eb62825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=334438
x-guploader-uploadid
ADPycduZO_3TQvcEkhKjXQihLiz8EudfhYXmGWLnXBu0hcNOH5TOcsC2rP7BIeWvOJq7HBvz390QkSKnG_WTOKKvVNSF2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 21 Nov 2022 17:38:24 GMT
server
cloudflare
etag
W/"da55f8e197af1999e89ae68cbfdc9e0e"
vary
Accept-Encoding
x-goog-generation
1669052304696617
content-type
application/javascript
x-goog-hash
crc32c=+ZGbFw==, md5=2lX44ZevGZnomuaMv9yeDg==
cache-control
public, max-age=900, s-maxage=300, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muR3uvrzCrMwXBkcyOur%2Bw7I8QIvOBrqB4l9VH3fSgBcHseiXzhdrwpuZ5IYUj7KXJDMzXgO%2BwleqBAHuLU7a5PqeaMV4jjY1XJ%2FMLfKOj%2Fbe2HxwX6E8dy94HNhgx4vnGWKM5QVpN9kFqJl7GdzfI0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
334438
cf-ray
77d4a59c9d9d9112-FRA
expires
Thu, 22 Dec 2022 00:17:37 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.3.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b33c16f39a180213b010e813470d9b31833409d97e78d43d33f43138852a26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:17:05 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 21:26:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
3333
x-amz-server-side-encryption
AES256
etag
W/"ca9815ac68da5f43522e6e88c003c175"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
jS1DbyA_C7Q-CqqGdb5RxVyCi_OkxZblGIuUubOfA_43AGZ04UuSRw==
api
sdk.adara.com/ 		16 B
31 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.adara.com/api
Requested by
Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.191.102.34.bc.googleusercontent.com
Software
/
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
X-Adara-Key
N2Y0OTVlZGItYTMwOC00YWU4LTkwYzgtY2M2MTkwN2FlYWYy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
via
1.1 google
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
X-Adara-Key
content-length
16
api
sdk.adara.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.adara.com/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.191.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-adara-key
Access-Control-Request-Method
POST
Origin
https://www.frommers.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
X-Adara-Key
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 22 Dec 2022 00:12:37 GMT
via
1.1 google
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2077325210&t=pageview&_s=1&dl=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ul=en-us&de=UTF-8&dt=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=127183638&gjid=270421209&cid=1145010253.1671667957&tid=UA-6725325-1&_gid=1920018442.1671667957&_r=1&_slc=1&z=1099718502
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
knpsck.min.js
cdntravelspike.azureedge.net/scripts/ Frame 583D 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdntravelspike.azureedge.net/scripts/knpsck.min.js?v=47
Requested by
Host: cdntravelspike.azureedge.net
URL: https://cdntravelspike.azureedge.net/scripts/frommers.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B7) /
Resource Hash
3a659af107d07848b03f333e52f52b702110814b05bd449eb86b9bf00bde6096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdntravelspike.azureedge.net/scripts/frommers.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Mon, 20 Jul 2020 15:08:40 GMT
server
ECAcc (ama/48B7)
content-md5
jv+y8t2Ml8Ws+muffg9JIA==
age
494133
etag
0x8D82CBEC960D169
x-cache
HIT
content-type
application/javascript
x-ms-request-id
879f06ba-f01e-0025-0c1b-11018b000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
6643
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
date
Wed, 21 Dec 2022 05:58:34 GMT
x-amz-cf-pop
FRA56-C2
age
65670
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
tVfSQDH8Gl-WxG-mi3TGZtWTR84ooX3uDlI10uad-LVWmnJfJ6_zUQ==
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 21:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 21:44:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		120 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.frommers.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d2e5b5859cc62ce06eac6802fe02017acbb42f5e08cf44630f7a415dd45ab8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:37 GMT
b
sb.scorecardresearch.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6486636&c3=&c4=&c5=&c6=&c15=&cs_it=b3&cv=3.8.0.210223&ns__t=1671667957314&ns_c=UTF-8&c7=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&c8=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&c9=
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.218.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-218-75.mxp63.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
via
1.1 1941d7a64ce4dc55d14b445963586a6e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P2
x-amz-cf-id
Wk8QMzfWtL0XszhjQdA8Gxrw5x4aQhj5PiDS_ZHP6UxK8Jwv0QOkUw==
x-cache
Miss from cloudfront
rules-p-cax4-257AsPog.js
rules.quantcount.com/ 		3 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-cax4-257AsPog.js
Requested by
Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 00:38:35 GMT
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
84843
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:55:14 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
O7178pISRdFp2fetlWmv7GVVvVKG3EW7xAucd80QHZdT5u1xfEbizA==
/
www.googleadservices.com/pagead/conversion/999399283/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/999399283/?random=1671667957326&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&tiba=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
907314257cc4af4b6c9e331f249deeca8138ea7adbeff150bd89e73f915763ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cse_element__en.js
www.google.com/cse/static/element/f275a300093f201a/ 		302 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec1555fc2430d7bf9eaccf108a229ebddd5522f8cdce5663ece904ec011da578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 09:45:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103180
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:37:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 16 Dec 2023 09:45:17 GMT
default+en.css
www.google.com/cse/static/element/f275a300093f201a/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/f275a300093f201a/default+en.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 20:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
445519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:37:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 16 Dec 2023 20:27:18 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=004229160529753215653:javsnb4r2yc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 22 Dec 2022 00:37:42 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=1580&_yoid=4ff4c481-d909-4437-b635-446aa81f72fd&_yosid=9d00a024-5bed-41b5-b8ae-ea4012c95acd
  • https://tag.yieldoptimizer.com/ps/ps?tc=820279963&t=i&p=1580&_yoid=4ff4c481-d909-4437-b635-446aa81f72fd&_yosid=9d00a024-5bed-41b5-b8ae-ea4012c95acd
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjUwNDUyMTI2Mg&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjUwNDUyMTI2Mg&google_sc=&google_tc=
170 B
188 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjUwNDUyMTI2Mg&google_sc=&google_tc=
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNjUwNDUyMTI2Mg&google_sc=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3158.js
script.crazyegg.com/pages/scripts/0084/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0084/3158.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD7CDGT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 18:13:58 GMT
server
cloudflare
age
21519
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
77d4a59e0c379a0f-FRA
content-length
0
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6725325-1&cid=1145010253.1671667957&jid=127183638&gjid=270421209&_gid=1920018442.1671667957&_u=IEBAAEAAAAAAACAAI~&z=595870824
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 22 Dec 2022 00:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: sablesong.com
URL: https://sablesong.com/v2fxbFDTFPIG7htpZJhriRyZW4B0nAmtD4nzOOC3yVd9EzKYFE6PdyAW6FCi_wCIl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
15027098
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
EkES5mo7va9am4ZaNt9OY0htnJ9KoFZjUkaHmMVvi5OaMtF_ltLtcQ==
destination_articles_slideshows.js
www.frommers.com/articles/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.frommers.com/articles/destination_articles_slideshows.js?location_id=143060
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/assets/application-333f7cf71869f992663fe2a935b75c0c0779b746cc1e4d252057bf256f607e8c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8f3c323623f90aa6e5068628c5efe593ecb86ca445b35b7a659d83ac304f43fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
X-CSRF-Token
x/w1wKWZQv97lp53bOcB9/hJJJnF1L0Tu91zEvDqTSwUmQJpZF5zl62CbB5WlkbW5lu0w6XyF0fPiaKg+A0e+Q==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-runtime
0.035159
date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
etag
W/"8f3c323623f90aa6e5068628c5efe593"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-request-id
ee34d51f-d75d-4041-a4d0-e29bbc183a60
related_slideshows.js
www.frommers.com/destination/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.frommers.com/destination/related_slideshows.js?location_id=143060
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/assets/application-333f7cf71869f992663fe2a935b75c0c0779b746cc1e4d252057bf256f607e8c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1aafa5531361e99401c95413839eebd41b4c3f4068cfabf6274743fb27696e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
X-CSRF-Token
x/w1wKWZQv97lp53bOcB9/hJJJnF1L0Tu91zEvDqTSwUmQJpZF5zl62CbB5WlkbW5lu0w6XyF0fPiaKg+A0e+Q==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-runtime
0.014223
date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
etag
W/"1aafa5531361e99401c95413839eebd4"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-request-id
5d25f685-c7af-4353-bed0-be300c87af70
28A7B6F336A849F29CB86AFD2DCEEA5E.min.js
travelspike.azurewebsites.net/content/tiles/tags/ Frame 583D 		0
0
pixel;r=1393698800;rf=0;a=p-cax4-257AsPog;url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs;uht=2;fpan=1;fpa=P0-1367190897-1671667957323;pbc...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1393698800;rf=0;a=p-cax4-257AsPog;url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs;uht=2;fpan=1;fpa=P0-1367190897-1671667957323;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=frommers.com;dst=0;et=1671667957430;tzo=0;ogl=;ses=ba199682-4b49-4449-982f-786482a9a6f2
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
async-ads.js
cse.google.com/adsense/search/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"7903281105347033007"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:37 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/f275a300093f201a/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 05:46:24 GMT
x-content-type-options
nosniff
age
66373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 21 Dec 2023 05:46:24 GMT
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 17:01:55 GMT
x-content-type-options
nosniff
age
285042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 18 Dec 2023 17:01:55 GMT
search-icon-red.png
www.frommers.com/assets/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/assets/icons/search-icon-red.png
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/assets/application-98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
333fb273be028ee892010d43e88c5b695988b2f577aac29c366adff056f33493

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/assets/application-98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Mon, 24 May 2021 19:39:48 GMT
server
nginx
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1539
expires
Fri, 22 Dec 2023 00:12:37 GMT
generate_204
clients1.google.com/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
outbrain.js
widgets.outbrain.com/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.3.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a02811652bbe37a737ce3915a143a00b380be7f20da831ef6e229fa7596b56c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 10:33:43 GMT
etag
"15-nShwgutl7iTV+3k2zO80amcW1S0"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
887fd8584f268483acb0f14847058a3a
timing-allow-origin
*, *
content-length
75167
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.frommers.com&pubid=27a84c3a-c7e6-4fe6-a3f7-91fbb5dc67b6
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 20:17:06 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
14131
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.frommers.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
mN8k8V0Jaa6AC6ESi2c-3IyYdoV6t2ZRiF5urBF6Gdb8PHJFNM2beA==
op.js
tagan.adlightning.com/advally-frommers/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/op.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.3.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c7dfe237d607d6f65f59c698a5780818e027d755f77d4f4453eb5e0c69ef1d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
s6jNikWknQFwvsqu6B_8iwE1jPibd2jp
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
date
Wed, 21 Dec 2022 23:52:19 GMT
x-amz-cf-pop
FRA56-C1
age
1494
x-cache
Hit from cloudfront
content-length
16307
x-amz-meta-git_commit
8db6969
last-modified
Thu, 15 Dec 2022 19:54:15 GMT
server
AmazonS3
etag
"17ea8e1317df04165fdcc50b6fe1725f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
5K-i8t8XxO4eAO6K2jA4HzUwJ4VrlhnniYk-IbTrO2a-VCoBr9AraQ==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.frommers.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.frommers.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=1265575580356753&vrg=2022120501&nw_id=64147298&nslots=17&pub_url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&sig=0&req=1&req_cnt=2&dm=8
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=13509551899025&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CWK-pixel-1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=673460798&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671667957578&lmt=1671667957&dlt=1671667956669&idt=826&adxs=0&adys=641&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d6488d7e60f2490201d9fc9d1faf21f55c1f7fa0ea46dacedacd608a12a96aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9870
x-xss-protection
0
google-lineitem-id
5844604508
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385152663
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=13509551899025&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CFrommers_video_player&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=1186935781&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671667957584&lmt=1671667957&dlt=1671667956669&idt=826&adxs=800&adys=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=582x0&msz=0x0&fws=4&ohw=582&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68902a1b6ff2345e154ec58b8d2d4b0094e1ddb34bb66ab0831de2964fcc73ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
google-lineitem-id
5849636044
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373878126
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 589E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.de/pagead/1p-conversion/999399283/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999399283/?random=1702422964&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTyb...
  • https://www.google.com/pagead/1p-conversion/999399283/?random=1702422964&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u...
  • https://www.google.de/pagead/1p-conversion/999399283/?random=1702422964&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_...
42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/999399283/?random=1702422964&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&tiba=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9aCjY5GbGKasmLAP0pau4Ak&cid=CAQSKQDq26N9qZJRRfqqYEpBWcsZ1cWk7Tn4Z2uUDg05LARS-CWE5zL4qTf8IBM&random=797876733&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/999399283/?random=1702422964&cv=9&fst=1671667957326&num=1&value=0&label=uFHRCJXF5gMQ877G3AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&tiba=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9aCjY5GbGKasmLAP0pau4Ak&cid=CAQSKQDq26N9qZJRRfqqYEpBWcsZ1cWk7Tn4Z2uUDg05LARS-CWE5zL4qTf8IBM&random=797876733&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Klein_Curac%CC%A7ao.jpg
www.frommers.com/system/media_items/attachments/000/869/030/s300/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/869/030/s300/Klein_Curac%CC%A7ao.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7832eb8a8ab87dafe081e21cea89e3b7e077f6b8a4322346fcf65cf09bc9ed5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Wed, 06 Jul 2022 20:09:52 GMT
server
nginx
etag
"62c5ec10-12cc7"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
76999
expires
Fri, 22 Dec 2023 00:12:37 GMT
Aladdin_Jasmine_carpet.jpg
www.frommers.com/system/media_items/attachments/000/865/404/s300/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/865/404/s300/Aladdin_Jasmine_carpet.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8bff6fd62644d71cd884999a1c58a6857c73f87cc1d97a611ab9b60eb9a5bdd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Mon, 06 Apr 2020 20:42:55 GMT
server
nginx
etag
"5e8b944f-31cb"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
12747
expires
Fri, 22 Dec 2023 00:12:37 GMT
Uluru_Milky_Way_(landscape_version).jpg
www.frommers.com/system/media_items/attachments/000/863/211/s300/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/863/211/s300/Uluru_Milky_Way_(landscape_version).jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b4a38190c2ca475e14a42e06daf1a408bb1f013e45b343359c179f6ef4c2eaa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 16:33:25 GMT
server
nginx
etag
"5bd887d5-c335"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
49973
expires
Fri, 22 Dec 2023 00:12:37 GMT
IlhaBela_2.jpg
www.frommers.com/system/media_items/attachments/000/863/352/s300/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/863/352/s300/IlhaBela_2.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e972a02cc29c22edfc4d6d2e1e9afce0bef26000c2331fe4274eea787bfea7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Wed, 14 Nov 2018 17:59:05 GMT
server
nginx
etag
"5bec6269-1915f"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
102751
expires
Fri, 22 Dec 2023 00:12:37 GMT
brazil-iguacu-crop.jpg
www.frommers.com/system/media_items/attachments/000/862/719/s300/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/862/719/s300/brazil-iguacu-crop.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8fb125717bd3c32a2f34d24a54a47012e4b0cec09342ab571b732ecf39f63cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 16:22:00 GMT
server
nginx
etag
"5bd88528-52f1"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
21233
expires
Fri, 22 Dec 2023 00:12:37 GMT
SOL.jpg
www.frommers.com/system/media_items/attachments/000/846/619/s300/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/846/619/s300/SOL.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
828e47e36340566e5abda6fb77a10835794aeb272e2c0ba18476fc7bc5d44601

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 12:53:02 GMT
server
nginx
etag
"5bd8542e-5e72"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
24178
expires
Fri, 22 Dec 2023 00:12:37 GMT
candy.jpg
www.frommers.com/system/media_items/attachments/000/853/694/s300/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/853/694/s300/candy.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
18208c2b1c05093edd255bda9d21a234d5167a432c966376ce0da6191f6b1958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 13:11:42 GMT
server
nginx
etag
"5bd8588e-ffd0"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
65488
expires
Fri, 22 Dec 2023 00:12:37 GMT
Salvadorwww.flickr.com_photos_photobutta_-crop.jpg
www.frommers.com/system/media_items/attachments/000/856/285/s300/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/285/s300/Salvadorwww.flickr.com_photos_photobutta_-crop.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3847a7334d83e6fb9f45b8062ef628ad6a8f519a6cae84b80c3348bb1abd500e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:09:25 GMT
server
nginx
etag
"5bd86615-52fc"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
21244
expires
Fri, 22 Dec 2023 00:12:37 GMT
1676-34484.jpg
www.frommers.com/system/photos/photos300/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/photos/photos300/1676-34484.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
31e76a6fbf3030405a801950a8efbf687b7d874cab512aef913430076a054f7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 23 Oct 2018 18:42:18 GMT
server
nginx
etag
"5bcf6b8a-11091"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
69777
expires
Fri, 22 Dec 2023 00:12:37 GMT
flexiproduct.js
aff.bstatic.com/static/affiliate_base/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1671667957605
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
br
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 13 Jun 2022 03:41:28 GMT
server
nginx
etag
W/"62a6b1e8-1849"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
ZjU5FPB1DDzI3waX9PWtNXffl90FGE180j0KdXU6SNVFqiFUCL5IWw==
expires
Sat, 21 Jan 2023 00:12:38 GMT
Line-proc.jpg
www.frommers.com/system/media_items/attachments/000/856/635/s300/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/856/635/s300/Line-proc.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6c5ae7c1705d8be2d91bcb0099be33b069fa75d664ae49134a0e8cffdddd1bcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Tue, 30 Oct 2018 14:16:46 GMT
server
nginx
etag
"5bd867ce-5222"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
21026
expires
Fri, 22 Dec 2023 00:12:37 GMT
Electric_Vehicle_Charging.jpg
www.frommers.com/system/media_items/attachments/000/868/537/s500/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/868/537/s500/Electric_Vehicle_Charging.jpg?1648147924
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1d4add5a9fea05d55c40eb56cad3ebf215e7ac8ddfb7c845822c5300d35a8cfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Thu, 24 Mar 2022 18:52:06 GMT
server
nginx
etag
"623cbdd6-34712"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
214802
expires
Fri, 22 Dec 2023 00:12:37 GMT
founding_documents_handcuffs.jpg
www.frommers.com/system/media_items/attachments/000/865/826/s500/ 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.frommers.com/system/media_items/attachments/000/865/826/s500/founding_documents_handcuffs.jpg?1596061178
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.235.208.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-235-208-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
565d2146b2d0b8bea08cb575194d70c8adf7e3cef17373844b00b135b050f84a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Wed, 29 Jul 2020 22:19:39 GMT
server
nginx
etag
"5f21f5fb-2d38d"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
185229
expires
Fri, 22 Dec 2023 00:12:37 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&pid=UQUoJjNXxCHLS&cb=0&ws=1600x1200&v=22.1212.1754&t=700&slots=%5B%7B%22sd%22%3A%22AdvallyTag-frommers-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F64147298%2FFrommers_Inline_300x250%22%7D%5D&pubid=27a84c3a-c7e6-4fe6-a3f7-91fbb5dc67b6&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
VK74R6XVQYNH6Q9BXBW1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.frommers.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
R48KK5XWDjEN4gFkMGmQe--HByOPPoPPIVVHgYmuEaHvKWzgyO3vgg==
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=985198023168575&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CFrommers_Inline_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=501986354&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671667957620&lmt=1671667957&dlt=1671667956669&idt=826&adxs=650&adys=1179&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=582x250&msz=300x-1&fws=4&ohw=582&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff02474a0fdf7b183a95fd20ddef068e46e57b65961c94987be8bf2c0062cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12745
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&pid=UQUoJjNXxCHLS&cb=1&ws=1600x1200&v=22.1212.1754&t=700&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F64147298%2FFrommers_Global_adhesion_728x90%22%7D%2C%7B%22sd%22%3A%22advally-sidehesion-slot%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F64147298%2FFrommers_Global_adhesion_160x600%22%7D%2C%7B%22sd%22%3A%22HeaderAdDesktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F64147298%2FHeaderAdDesktop%22%7D%2C%7B%22sd%22%3A%22LeftSidebarAd1%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F64147298%2FLeftSidebarAd1%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-frommers-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F64147298%2FFrommers_Inline_300x250-2%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-frommers-300x250-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F64147298%2FFrommers_Inline_300x250-3%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-frommers-300x250-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F64147298%2FFrommers_Inline_300x250-4%22%7D%2C%7B%22sd%22%3A%22RightSidebarAd1%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F64147298%2FRightSidebarAd1%22%7D%5D&pubid=27a84c3a-c7e6-4fe6-a3f7-91fbb5dc67b6&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
RB4HQR65FHQ6008GGPCJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.frommers.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
lAM8BRvPxuEJ4CIBVMNqF-3EU6x1zu-VXsdQmxmlpfdLh6YfOPApaQ==
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=2876714851388272&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CFrommers_Global_adhesion_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=2861378534&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1671667957643&lmt=1671667957&dlt=1671667956669&idt=826&adxs=436&adys=1230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9292160137bedd22eb3a9cdb89e097f76f4c167dbd8e9a2c9b44473c762b373f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12019
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		84 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=2876714851388272&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CFrommers_Global_adhesion_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=5&adks=1309932647&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1671667957645&lmt=1671667957&dlt=1671667956669&idt=826&adxs=1615&adys=309&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=161x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8379213f9b03a8786ba85d3a169dd0e6a4ff2a9f750d272e7a5527a38788cfed
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLrsmLf4i_wCFdOuewodueoJNg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7963287176706260992/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLrsmLf4i_wCFdOuewodueoJNg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7963287176706260992/index.html
date
Thu, 22 Dec 2022 00:12:39 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29427
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		84 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=2876714851388272&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CHeaderAdDesktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=6&adks=984292701&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1671667957648&lmt=1671667957&dlt=1671667956669&idt=826&adxs=218&adys=381&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=1165x0&msz=1165x0&fws=4&ohw=1600&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f542339e204af8a908a6b4278ccd98eb5f7dc91ea1a0483e017384777cf61fe
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzfxLb4i_wCFZls4AodAh8MJg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7963287176706260992/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzfxLb4i_wCFZls4AodAh8MJg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7963287176706260992/index.html
date
Thu, 22 Dec 2022 00:12:38 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28890
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		84 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=2876714851388272&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CLeftSidebarAd1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=7&adks=3031623913&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1671667957650&lmt=1671667957&dlt=1671667956669&idt=826&adxs=218&adys=1977&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=237x0&msz=0x-1&fws=4&ohw=242&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33f7e8e95bbd45ab2dcf42cb33b8d8f17e56d0c6e8ef736e52e2f45005c95b3d
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPmM_rb4i_wCFc-83godSW0KFA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7963287176706260992/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPmM_rb4i_wCFc-83godSW0KFA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7963287176706260992/index.html
date
Thu, 22 Dec 2022 00:12:39 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29337
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		84 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=2876714851388272&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CFrommers_Inline_300x250-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&adks=2048334934&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1671667957653&lmt=1671667957&dlt=1671667956669&idt=826&adxs=650&adys=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=582x250&msz=300x-1&fws=4&ohw=582&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a32b8e557c8749c20667735d54fe3d78b8b515606aca0dd55c507e0246b3d436
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPKi0rb4i_wCFVJ84Aod6ngGow&gqi=&layout=/sadbundle/%24csp%253Der3%24/7963287176706260992/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPKi0rb4i_wCFVJ84Aod6ngGow&gqi=&layout=/sadbundle/%24csp%253Der3%24/7963287176706260992/index.html
date
Thu, 22 Dec 2022 00:12:38 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29068
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=2876714851388272&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CFrommers_Inline_300x250-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&adks=4026772040&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1671667957656&lmt=1671667957&dlt=1671667956669&idt=826&adxs=650&adys=2804&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=582x250&msz=300x-1&fws=4&ohw=582&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7480513e1179158ace6117416f0e0b277709ca61e2e9af27465fe115d788e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23954
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=2876714851388272&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CFrommers_Inline_300x250-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&adks=1569242033&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1671667957659&lmt=1671667957&dlt=1671667956669&idt=826&adxs=650&adys=3405&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=582x250&msz=300x-1&fws=4&ohw=582&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3ac36b5af51e70cff4247b84a20230dcc16276587a2d5326f40e7d2b73fe1eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12153
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1265575580356753&correlator=2876714851388272&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=64147298%2CRightSidebarAd1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=11&adks=1860967007&sfv=1-0-40&prev_scp=rand_key%3D98&eri=1&cust_params=frommers_kw%3Ddestinations%26L1%3D1005%26L2%3D1010%26L3%3D0813%26loc%3Ddest%26refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1671667957663&lmt=1671667957&dlt=1671667956669&idt=826&adxs=1184&adys=704&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&frm=20&vis=1&psz=160x638&msz=160x-1&fws=516&ohw=1600&ga_vid=1145010253.1671667957&ga_sid=1671667958&ga_hid=2077325210&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dcb6c3049f5db5b2aafd6d26bb168461e467b73adc2f542c4bd30e58d6f5f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12562
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
3LAZffpCymuCp0RD.html
static.sojern.com/cip/p/ Frame 8AFD 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/assets/application-333f7cf71869f992663fe2a935b75c0c0779b746cc1e4d252057bf256f607e8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fe6e0fd2e712d1ee3e422835e652179d8ee8af6974d83339505a7c6e16dc4b81

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
5298
content-type
text/html
date
Thu, 22 Dec 2022 00:09:17 GMT
etag
"4e44ef5cf33e0930c3c816b2d526cebe"
expires
Thu, 22 Dec 2022 01:09:17 GMT
last-modified
Wed, 09 Nov 2022 09:55:36 GMT
server
UploadServer
x-goog-generation
1667987736704144
x-goog-hash
crc32c=2vjTkg== md5=TkTvXPM+CTDDyBay1SbOvg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
5298
x-guploader-uploadid
ADPycdsMgS-a9Lw-5LHVfsWGABHt9j7fOMUnjwmoo3STsJIpqKtVr-rW5ZGVcrH7MUuHZxm5tHr31Qy49gMkDB_fhJ0gOshHQl40
view
securepubads.g.doubleclick.net/pcs/ Frame EEB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmgBfDjWRjoYg0RVsmEc5veRuVm139KCJy5zQlTWaSUUUyHIiuzYHUzF_lKUJ3DRZ6zoqHmpkE6y0hb2SgoI_uloYao9yT8bR3kh_gDQgdISYyZ2dbNofOqizc5jHJYbU-Z1-SdYZF2k3ExLrUHusS3joZsf8CS8qgVptUm23n6SyHXhxLCHoJZAGuSM6LVg0GbDqbGgrvjF35laG64palB5yP3VvpaAoUaVntxvj4V7uaoD6Yl7KGuG9ys3UGzmkAST6QkxM2slO2XNPlGLg6GuO9cqmArXraLjuNTap0VJipACu3xoKCo-aU2DRtqQRokjgCg4C-XIYz&sai=AMfl-YTyhoPdx6qylAMhNs_RIGkG8TA4k0L9tDrdEWIiUM98tgq72WOPfKP480S8Q0_HjBMEd5DnK1Fm-9f4VcwAAGBd52i_xr0vev8lAiJcSiTBEmtXwtFnbftHtiSF3BJLDg&sig=Cg0ArKJSzJSat1Vwko4TEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
tagLoader.js
s.vi-serve.com/ Frame EEB1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.vi-serve.com/tagLoader.js
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
e2050ed4a8ab3f74cc1a26ef380fdacc9004ec320d33bb088fccdbeef36cb657

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduj1FUCiNx7W1dz4CtaTgfGAflGq3wefU2dED7bu_C1DksN6rdBOCnROi5KWpdPrQxnXOTBRxytiurKYUbjB4r7CQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
664
x-sp-metadata
HS256.CIXejp0GEogBCiQzZTlhZDc0NC0yNTM4LTRlYTMtYjc2Yy1mM2ExMTZmYmQ3ZGIQoOnC6rGG/AIaBgj1wY6dBiINMjE3LjY0LjE1MS42OSjO1QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDQ1NzY4M2MzLWYwZjctNDZlMS05YTRhLTEzYTk0NGYwOTJhYhiYBSIYCAISFGNkczIxNC5sbzQuaHdjZG4ubmV0.5vv0WpTUm0WksncjM6ARKNL9I9zVIYUb+rVZUcIDYS8=
last-modified
Tue, 13 Sep 2022 09:35:47 GMT
server
UploadServer
etag
"b8424eae082287ec8a897dd5ef0325d7"
access-control-max-age
86400
x-goog-generation
1663061747521540
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=KGZ3hA==, md5=uEJOrggih+yKiX3V7wMl1w==
cache-control
private, max-age=0, max-age=300, must-revalidate
x-hw
1671667957.dop084.lo4.t,1671667957.cds211.lo4.hn,1671667957.cds214.lo4.c
x-goog-stored-content-length
1969
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EEB1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2F5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYZAxvBCnSq8L-BgEA9S5pUJToFI6t8rayOuWMJ2fWiKJ7fZ-LuaUmVf0kEMYTc_Ft6bzv-PcGj6EnpKxYYA-3zdIXgXd-FJy1xCBaKNMhHX2uyyz-O04kzgPmAZXGAr_Ez0y0ilfY1G-BZ08HWlO3e2vCjHgyhZy3VYF0VekIrPIjW5DQXuKEfTRslh4m11FfgZztMjrfUiN25wk7zlVb6xBTvGa0cqdYcJhkaSO-IMSxsVFInhR8zMZGwEJOxOkfUkbxeocwvFwQOYese_wqVzoeCdhKbVEH34KEn_clpTHm5d9Y35PLoeRUgeXy-rKS&sai=AMfl-YQl7qAALbT6GrTF8m4cW1OReu8gFQV4LH05NzDbobeTZxoKc3MOB1y6p2ZUGNRxY8OzpBaopYANIe2Fah-UKArMMZE5wy_6urs0Nc4XfocM-WrRYad2XVvoMdEz9NBu0g&sig=Cg0ArKJSzByJ4MRVOuN8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame 2F5D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 20:28:23 GMT
content-encoding
gzip
age
359054
x-guploader-uploadid
ADPycdvaBkIXDT3On0SKzS1-qWDUct9Ka_ekaiXi3YU_DDCSBIlmcR5qkwDU-UqY09ngBlmW8j7k3-9zL8q0fKH5nkFjXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
970
last-modified
Wed, 14 Dec 2022 17:19:36 GMT
server
UploadServer
etag
"492436babcf53df320d9f3908f98c44e"
vary
Accept-Encoding
x-goog-generation
1671038376215048
x-goog-hash
crc32c=p0ef8A==, md5=SSQ2urz1PfMg2fOQj5jETg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
970
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
expires
Sun, 17 Dec 2023 20:28:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F5D 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:37 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2077325210&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ul=en-us&de=UTF-8&dt=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Impression&ea=google_ads_iframe_%2F64147298%2FWK-pixel-1x1_0__container__&el=Control&_u=aEDAAEABAAAAACAAI~&jid=1352355564&gjid=498969992&cid=1145010253.1671667957&tid=UA-6725325-1&_gid=1920018442.1671667957&_r=1&gtm=2wgbu0TD7CDGT&z=1237161467
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035303
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kvoNWSofSq_oqBv0m3fpwd2kyXUijoQ1wtghkg_8nOU4xInW6gY4oQ==
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533834
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
t-gleKdnZ9sibboUeYHUCOgeLhprbhM6eELt__A12CJJA1_sp9Yqvg==
hasher.js
static.sojern.com/cip/ Frame 8AFD 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sojern.com/cip/hasher.js
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.188.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:06:32 GMT
age
365
x-guploader-uploadid
ADPycdt6uNQtqife4UCVSCiHISqjJ3WF_f3Pf-BR8SwTcC0CUdubAXisyg4z_iyVGXL1rTMeJOvGuO6em9i0EuqAwMYWhw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18469
last-modified
Tue, 07 Dec 2021 16:23:19 GMT
server
UploadServer
etag
"676881567863e15eb1b6aa81b384455c"
x-goog-generation
1638894199335821
x-goog-hash
crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
18469
accept-ranges
bytes
expires
Thu, 22 Dec 2022 01:06:32 GMT
v2fnfd1_xsLgLQAC3YtgiA8EEl6tJjKk5X6mAcjIU44PKkrtziJkyltvS0hL9SzH2i7s2bJsJ
sablesong.com/ 		191 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sablesong.com/v2fnfd1_xsLgLQAC3YtgiA8EEl6tJjKk5X6mAcjIU44PKkrtziJkyltvS0hL9SzH2i7s2bJsJ
Requested by
Host: sablesong.com
URL: https://sablesong.com/v2fxbFDTFPIG7htpZJhriRyZW4B0nAmtD4nzOOC3yVd9EzKYFE6PdyAW6FCi_wCIl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
79f01341ff81de34256a398e3af45adab79ffd2af41c9569afd23a7d3188c86f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 22 Dec 2022 00:12:37 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.frommers.com
x-hostname
fen-hoothoot-europe-west1-spot-d6q6
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 22 Dec 2022 00:12:36 GMT
7cf90036
www.travelzoo.com/akam/13/ Frame 3F3A 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/akam/13/7cf90036
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eba95b33920a729b87c92f7da21b1494af2efd40e193ea7c4cdec7b5c66cf224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:06:50 GMT
etag
"09c87484c5f2be9b0a608409a65636e6484e65ae14f73fcfc3a1dfb2c07040bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
8798
expires
Thu, 22 Dec 2022 00:12:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3F3A 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1428 / 497 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Dec 2022 00:12:37 GMT
HWG9EaRYB
www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/ Frame 3F3A 		195 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f37396500663b3e2d053ae3dfd76d81b4a3dfac1238da8d76a41f220a54f8a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 18:22:41 GMT
etag
"ae2264d593584da33756747182668615cd8d7540f13d74c41921d777e053f92b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
77423
sec-3-8.css
www.travelzoo.com/_sec/cp_challenge/ Frame 3F3A 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/_sec/cp_challenge/sec-3-8.css
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 16:26:53 GMT
etag
"5414e8605a62a0edec16ecf55619530cfc0ecf4f42e239dfbac2725f17ca5dec"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
626
sec-cpt-3-8.js
www.travelzoo.com/_sec/cp_challenge/ Frame 3F3A 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/_sec/cp_challenge/sec-cpt-3-8.js
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eeae64bcb49af43d3afd4f1e456aa82175e56b920636d83b229dda5e130e048e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 16:26:56 GMT
etag
"f059fba7f6085cedb2c452ab600153ca152a9375ab403389af715807c55fe7a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3747
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6725325-1&cid=1145010253.1671667957&jid=1352355564&gjid=498969992&_gid=1920018442.1671667957&_u=aEDAAEABAAAAACAAI~&z=772287686
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 22 Dec 2022 00:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
d3d3LmZyb21tZXJzLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ 		15 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmZyb21tZXJzLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:38 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=8756
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
95377bbe1ec49c46d8b21672dc9384f2
Content-Length
15
Expires
Thu, 22 Dec 2022 02:38:34 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sat, 21 Jan 2023 00:12:37 GMT
4CN53-63CAE-6PV78-GM8V7-FZPPY
s.go-mpulse.net/boomerang/ Frame C5B9 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/4CN53-63CAE-6PV78-GM8V7-FZPPY
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:dc:185::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
content-encoding
br
last-modified
Sun, 11 Dec 2022 16:03:05 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
51580
i.js
tag.bounceexchange.com/4929/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/4929/i.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
0403d7926a4bd1de352f1f3bce34fe8a0638fa2e33d0892ee84ab7d106d488f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:11:20 GMT
content-encoding
gzip
via
1.1 google
age
78
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1698
server
istio-envoy
etag
686ff1d34ba604
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
source.m.js
s.vi-serve.com/ 		184 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.vi-serve.com/source.m.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
f756fcd9c73ee679d4d461d075af97937712945000ca336d1b4fe4c1a5a6ed7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtvybTi638hj5cZ9HOEBsxSAj1cReO895syJKwNJwqy1okKaZ9waCUY-iTRfy2D6cz1_I4g_8en7S869551yetS5cmXba-0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44819
x-sp-metadata
HS256.CIbejp0GEogBCiQ0NWMxNjU4MC0zY2U4LTQ2M2EtYTE1OS0wNGZhNDQ5Y2M5MTIQoOnC6rGG/AIaBgj2wY6dBiINMjE3LjY0LjE1MS42OSjO1QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGM2NmM1MGU1LTg1MzUtNDlmMy05MGZiLWViZTQ3MzExMTRkZBiT3gIiGAgCEhRjZHMwMDYubG80Lmh3Y2RuLm5ldA==.gQ73Gkau6xnsMPZCMv8oApEKuSInH+XXXL1HwcfBkig=
last-modified
Tue, 15 Nov 2022 11:25:51 GMT
server
UploadServer
etag
"d8dc50826782b620b4d67ccad8c63d29"
access-control-max-age
86400
x-goog-generation
1668511551925045
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=SK3kog==, md5=2NxQgmeCtiC01nzK2MY9KQ==
cache-control
private, max-age=0, max-age=300, must-revalidate
x-hw
1671667958.dop084.lo4.t,1671667958.cds211.lo4.hn,1671667958.cds006.lo4.c
x-goog-stored-content-length
188600
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
truncated
/ Frame EEB1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e936b11be5f1b687f137ab20178b8d2a15323576d5ed537426f9f04b4a358e59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EEB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssU-VBG0oE7_wAeiOucLcHH-vUQn9zRp2fouR0JH6jsvLu3lAJBKbc9R2gl5hL4RudFJhs6TRfzn-Usy5xMNITP0KBwIjAIcd1k6-IIDEK0iqocN-Ezx0RB35Il9jEmnlZe8l2io8cmN8H0RZSr_LPLSHuKJX2ISIfKDSeXYhHyRc3KO0fPFNeyQlDwFPw8gU9KUmgL8ySjlS2NYAXqzMTSx33NcoLthr8TU-3HEmvsaluLQSfP4PgKBr7Eq-h5vPHZ3bTuIvBA5G2UmqncfwmIb1RuS6vW1OB1sUIdV0qx6IACnrlr8DK0YN-A97CfVPIcMccWKpsR6R8GMuM&sai=AMfl-YQLV5r7z2YHKYHgNLrCpN2yxn8LytI6RRf2Q5E3M1Oax7lb9Ye1VNhAoBGfRivdN10VlCTHGhxUp4nRRrglgZlSuNrOacC9ztb7_yFHdHg1ailiO1EkonHBiujiOC3gdA&sig=Cg0ArKJSzAnHEMfHDR_3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:37 GMT
vtk
pixel.sojern.com/partner/3LAZffpCymuCp0RD/ Frame 8AFD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.sojern.com/partner/3LAZffpCymuCp0RD/vtk?pc=%2F&domain=https%3A%2F%2Fwww.frommers.com%2F&cid=https%3A%2F%2Fwww.frommers.com%2Ft%3D%7Cva1%3D%7Cva2%3D%7Cvb%3D%7Cvd%3D%7Cvd1%3D%7Cvd2%3D%7Cvf1%3DBrazil%7Cvf2%3D%7Cvn1%3D%7Cvn2%3D%7Cvs1%3DSouth%2520America%7Cvs2%3D%7Csha256_eml%3D%7Cccid%3Daf470141-821b-4ede-a76a-b29759f809c2%7Cp%3D%252Fdestinations%252Fbrazil%252Fplanning-a-trip%252Fentry-requirements--customs&t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&pt=TRACKING&et=
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
87e22b9aca17f9e45bc115ef9e801e20fd6c167ff8e039ec552ce5b4726d116b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/javascript
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
565
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F54 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
HWG9EaRYB
www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/ Frame 3F3A 		18 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.travelzoo.com
access-control-allow-credentials
true
server-timing
edge; dur=4, origin; dur=4, cdn-cache; desc=MISS
access-control-allow-headers
Content-Type
content-length
18
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2077325210&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ul=en-us&de=UTF-8&dt=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Impression&ea=google_ads_iframe_%2F64147298%2FFrommers_Inline_300x250_0__container__&el=Control&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1145010253.1671667957&tid=UA-6725325-1&_gid=1920018442.1671667957&gtm=2wgbu0TD7CDGT&z=285407553
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77407
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
v2cqi12WWz_ku5MLc16_G3HyVN8UWFBGbzQzULunah1MTxfIUVH_exvQTggmVw8OrIsBOiiJC
sablesong.com/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sablesong.com/v2cqi12WWz_ku5MLc16_G3HyVN8UWFBGbzQzULunah1MTxfIUVH_exvQTggmVw8OrIsBOiiJC
Requested by
Host: sablesong.com
URL: https://sablesong.com/v2fxbFDTFPIG7htpZJhriRyZW4B0nAmtD4nzOOC3yVd9EzKYFE6PdyAW6FCi_wCIl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a092ebf76fba793deef4914ea30f46047b563e586164dba2ff6cf9d514db37b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 22 Dec 2022 00:12:38 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1252
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.frommers.com
x-hostname
fen-hoothoot-europe-west1-spot-d6q6
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/ Frame 3F3A 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 13:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 13:37:34 GMT
truncated
/ Frame 2F5D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
865146c6a4e1c88b256ec74fa6ecd2ea3169616549937e0d4bc5cb560615e5e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2F5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvo36_NFnRenTnb8VY-5G8jA0fA5w2bxI9Y3Q8NtFx_Iel7U-X_l-bicJMXKYt8uVNw50B4MaNetts-EXXTXoacH3S7zj7wSVPS9OcRPB8OBFconNes660coZmNrIwwCXYCS58bR9arckJKvyz7US2jf8E1Ck4BQV4vpsXhdWwjwCmWMxlu1zXbEfpROgm8KELPFAr8_Oi27y385P-IW5spcUrbrvDUBdbcHGJs9dJg9f30Jpc-iDO7OanARJ_HoS5XFnU4gSljqsAOCIasmE6UbkT0PYw2Lg1-A9D3G05TKFyHcvBPUlEn4VeXcHl7tH6G-0&sai=AMfl-YQg4_YC3JKfDVkHKo4g6XSX38_S26ooXqUxknG846ypjgQqtdjJiR5OBvzhJ3R0m9cRETD1jVdaxlbiU_5r2mFHjHp74mPHbwW_w2PXSJhKwasOEcBH8pDcoEZAsbmWjg&sig=Cg0ArKJSzIpf88OGTOHeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:38 GMT
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F61 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f800:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 13:10:44 GMT
content-encoding
gzip
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA6-C1
age
39714
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
jwwazcs6pExR999TMqW6zza5z9olv6MPb7nRLFnIMnGPSLG4rJ6Iqw==
expires
Thu, 22 Dec 2022 01:10:44 GMT
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame 2F54 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533835
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SJF4DhT9IKFWuA9fXr6eakG4exZS1IRyiPA3q2XHoHLdUp39NJTMgw==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame 2F54 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035304
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
mWbUACt2XoWqe_t6k0NMTKCthboP5qR6r1hOUq9RV_cIes5_fwPilw==
google
de1-bid.adsrvr.org/bid/feedback/ Frame 2F54 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/google?t=1&iid=5b09269e-a238-40df-92f6-77e9be2f4dcb&crid=6fqgapcd&wp=Y6Og9QAKCY0K4FOWAAclUyKtHu2igzHkQ6Y9Nw&aid=1&wpc=USD&sfe=15db20f5&puid=CAESEKptHSid0D0xN2KtGhJXj-c&tdid=&pid=vko50on&ag=a99jcch&adv=kywm6zw&sig=1iA6sNpFX1EB-jLR-FvtYp2j6ZtdBSux8RFC0uUXVRnw.&bp=0.2123520967646&cf=4097910&fq=0&td_s=www.frommers.com&rcats=&mste=&mfld=3&mssi=&mfsi=&uhow=97&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-6368649565956303&did=&rcxt=Other&lat=50.110000&lon=8.680000&tmpc=9.54000000000002&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW44AVABeACAAQCIAQGQAQGwAQC6AQQIARgE&dur=CjsKHWNoYXJnZS1hbGxUVERDdXN0b21Db250ZXh0dWFsIhoI2v__________ARINdHRkY29udGV4dHVhbAowCgxjaGFyZ2UtYWxsLTEiIAj___________8BEhN0dGRfZGF0YV9leGNsdXNpb25zCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=r5gBsD&crrelr=&fpa=427&pcm=3&grdc=CAEYASABKAFAAUgC&vc=2&said=NPI7ihB5d7C5k9ZhnwpBHA%3D%3D&auct=1&im=1&tail=1
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.248.151.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:37 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
generic
match.adsrvr.org/track/cmf/ Frame 2F54 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v4
metrics.getrockerbox.com/track/ Frame 2F54
Redirect Chain
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=6fqgapcd
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26ti...
  • https://metrics.getrockerbox.com/track/v4?uid=2841619000722146709&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=6fqgapcd&uid_ts=1671...
44 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?uid=2841619000722146709&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=6fqgapcd&uid_ts=1671667958
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.64.175.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJvW3kuXGB6Ohf1oAuiGFeSPDmGguPF9FSAhfb3WhQ4rVi3nuUpntC%2F1nV%2F5u6fDJmOfoUG8tYN4ofid%2FoMozVpVelQF%2B3HJwadjcoarB5kB5xq66K5r2BoaxVsbyKoo8OXF1keAMIk2b2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
77d4a5aadf7c917d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Thu, 22 Dec 2022 00:12:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d4adfef6-2b2a-4ba7-8ec5-88a9e5425159
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://metrics.getrockerbox.com/track/v4?uid=2841619000722146709&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=6fqgapcd&uid_ts=1671667958
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 2F54 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 22 Dec 2022 01:05:44 GMT
ca
choices.truste.com/ Frame 2F54 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_6fqgapcd&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-97.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
04e5397b0a23a97feaaa77f962bb563ab30c3361fea0c9e6dba42eb82d8c8e4c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
AMS1-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
7O5ZRJe2jVICTvbDEKFD8KnWoOZcMm9m4It1Smfauc-R2BrfIjv2Xg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2F54 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
31432
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 15:28:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2F54 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
l
www.google.com/ads/measurement/ Frame 2F54 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSamtddb79V1QFUO6tHVcUa60kMeJ59ObFD0uYQOGwGInvoSclvcersNzyYwuQ4BkkG1gZndC0bYwymWdkEaJq77uBVUg
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2F54 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 10:35:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F54 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:38 GMT
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api
sdk.adara.com/ 		16 B
31 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.adara.com/api
Requested by
Host: js.adara.com
URL: https://js.adara.com/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.191.102.34.bc.googleusercontent.com
Software
/
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
X-Adara-Key
N2Y0OTVlZGItYTMwOC00YWU4LTkwYzgtY2M2MTkwN2FlYWYy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
via
1.1 google
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
X-Adara-Key
content-length
16
api
sdk.adara.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.adara.com/api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.191.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.191.102.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-adara-key
Access-Control-Request-Method
POST
Origin
https://www.frommers.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
X-Adara-Key
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 22 Dec 2022 00:12:38 GMT
via
1.1 google
truncated
/ Frame 3F3A 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F3A 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2077325210&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ul=en-us&de=UTF-8&dt=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Impression&ea=google_ads_iframe_%2F64147298%2FHeaderAdDesktop_0__container__&el=Control&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1145010253.1671667957&tid=UA-6725325-1&_gid=1920018442.1671667957&gtm=2wgbu0TD7CDGT&z=767487098
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77407
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		379 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ae4ebf47a893af26c9f146af0f337b50b181a99d0aaf217caa42b287e75d42b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 20:12:32 GMT
content-encoding
br
age
360006
x-guploader-uploadid
ADPycdukiSrgwOJPnGxY8r3AXmrYzNbYuh3GKRUgdxI3AW0-LPw5NAhnLSq3t6XxqamvlDknG3hIkoDGH5M9hpJwof0aVA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75123
last-modified
Wed, 14 Dec 2022 17:19:50 GMT
server
UploadServer
etag
"ae0c630651f2edbbfaf49175a5cc0715"
x-goog-generation
1671038390377872
x-goog-hash
crc32c=tKYxog==, md5=rgxjBlHy7bv69JF1pcwHFQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
75123
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 17 Dec 2023 20:12:32 GMT
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame 8F61 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533835
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XtH7V0CUORgdmZpVQSMVSOK9WCNsWcQAnnIhcaGe9cVzG2KuGxSPPQ==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame 8F61 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035304
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4XdMg-8z3l3cJzJwJpR3LZRyLpKKT1YLMXXTGRN2uRjGSSujdVVEmA==
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8F61 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49023
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 10:35:35 GMT
css
fonts.googleapis.com/ Frame 8F61 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 22:48:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Dec 2022 00:12:38 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 8F61 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:19:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
600789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 01:19:29 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 8F61 		388 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
595729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134376
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 02:43:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8F61 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
l
www.google.com/ads/measurement/ Frame 8F61 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDVEOYWnH0Kcv7nc0XoOgEGmkyP2jRRyQRXx0Coj9lg17RHFPi3ddif52X9pgn3HNn-cwhAcP0H6G7uOCmLgPv2JcTmg
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
flexiproduct.html
www.booking.com/ Frame BD15 		73 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Requested by
Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1671667957605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-56.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d65afaea1941caa2a6721df837e57df8be0391ec92d0459159bdd779c27b6ad0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
br
content-length
28740
content-type
text/html; charset=UTF-8
date
Thu, 22 Dec 2022 00:12:38 GMT
nel
{"max_age":604800,"report_to":"default"}
report-to
{"max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default"}
server
nginx
strict-transport-security
max-age=604800
vary
User-Agent, Accept-Encoding
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
x-amz-cf-id
fiEOx2Dy3yMGTVNBq9Lzm_bDlJ3ZXAOi3DqXaTOh5cyEUJj0vL0tAw==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AdX
pixel.sojern.com/idSync/ Frame 8AFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=HRjdi-EhDvr0WPiksGFZiw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_...
  • https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT&google_gid=CAESEJupefruuf_rGFQXEcmmTDo&google_cver=1
42 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT&google_gid=CAESEJupefruuf_rGFQXEcmmTDo&google_cver=1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Protocol
H3
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Thu, 22 Dec 2022 00:12:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT&google_gid=CAESEJupefruuf_rGFQXEcmmTDo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
fcmatch.youtube.com/ Frame 8AFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_hm=HRjdi-EhDvr0WPiksGFZiw&google_nid=sojern_adh
  • https://fcmatch.google.com/pixel?google_gm=AMnCDor1k4VjeCV9rn8GCTEgXUBWt0hP0JvPJdOk0kK4WpGrFcfUDtTwBe1iarqEpH4Rb96l1i5AClT85ChnzY2L_e2bJqM62lbvoyi_DFghCNdOJfiafx0
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDor1k4VjeCV9rn8GCTEgXUBWt0hP0JvPJdOk0kK4WpGrFcfUDtTwBe1iarqEpH4Rb96l1i5AClT85ChnzY2L_e2bJqM62lbvoyi_DFghCNdOJfiafx0
170 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDor1k4VjeCV9rn8GCTEgXUBWt0hP0JvPJdOk0kK4WpGrFcfUDtTwBe1iarqEpH4Rb96l1i5AClT85ChnzY2L_e2bJqM62lbvoyi_DFghCNdOJfiafx0
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Protocol
H2
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:38 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDor1k4VjeCV9rn8GCTEgXUBWt0hP0JvPJdOk0kK4WpGrFcfUDtTwBe1iarqEpH4Rb96l1i5AClT85ChnzY2L_e2bJqM62lbvoyi_DFghCNdOJfiafx0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apn
pixel.sojern.com/idsync/ Frame 8AFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DTBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT
  • https://pixel.sojern.com/idsync/apn?id=2841619000722146709&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT
42 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sojern.com/idsync/apn?id=2841619000722146709&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Protocol
H3
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date
Thu, 22 Dec 2022 00:12:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif

Redirect headers

Date
Thu, 22 Dec 2022 00:12:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
de1fd1eb-5605-4bee-b597-2527cf377618
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.sojern.com/idsync/apn?id=2841619000722146709&sjrn_id=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8AFD 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=TBK8Wsu_rQ21j1HKbaLpeI2Zv6wNYeFxgT0GDd0nbGF2M4zKOB_omDQEL9vBQvaT&ttd_tpi=1
Requested by
Host: static.sojern.com
URL: https://static.sojern.com/cip/p/3LAZffpCymuCp0RD.html?t=&va1=&va2=&vb=&vd=&vd1=&vd2=&vf1=Brazil&vf2=&vn1=&vn2=&vs1=South%20America&vs2=&sha256_eml=&ccid=af470141-821b-4ede-a76a-b29759f809c2&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.sojern.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
828537996619089.js
s.vi-serve.com/publishers/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.vi-serve.com/publishers/828537996619089.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
4cb363824e42ab6c92d3e447504726051506b5d09e728a02870e3e50768bfb36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdumTC4tkBgs3poIfBBiN6yKp2eYQz1YGLOrgpf3J-KERdtxIsFy8RsdLbYPVRHKPEMt2clPlJNvAMw9xX4bl_TdUg
x-goog-storage-class
STANDARD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
545
x-sp-metadata
HS256.CIbejp0GEogBCiQ2MzJjYzVlMS1iMTBiLTRiYWQtOTFjNC0yMDYwODcxNTJmZmYQoOnC6rGG/AIaBgj2wY6dBiINMjE3LjY0LjE1MS42OSjO1QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGE4NDljMzE3LWEzNDMtNDk0Mi1hZDJiLWI1Y2U1MTk2MzMyMxihBCIYCAISFGNkczEwOS5sbzQuaHdjZG4ubmV0.aZ5ddQkAgTBnFhuy+WPBzZg0oKelimxrA10xM8aXom8=
last-modified
Tue, 26 Apr 2022 15:04:32 GMT
server
UploadServer
etag
"f12eb4a4e58c75dd915046e6bb0efc84"
access-control-max-age
86400
x-goog-hash
crc32c=Y72tqw==, md5=8S60pOWMdd2RUEbmuw78hA==
content-type
application/javascript
access-control-allow-origin
*
x-hw
1671667958.dop084.lo4.t,1671667958.cds211.lo4.hn,1671667958.cds109.lo4.c
cache-control
private, max-age=0, max-age=300, must-revalidate
access-control-allow-methods
GET,POST
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame 2A67 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533835
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vISz5iTo8N39mcPzitHkqAwEK4EEEN5pZNCKW-xXb-RkpR0mrDafoQ==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame 2A67 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035304
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rMNP4cFCqThI6AH12p4c17fbQjQrXw-kwif1OerkCtjNbuMzlts1Pg==
show_pla
flint.defybrick.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=63956696272692666119261750922691138699310201216460006296629164091009&nc=0&tsf=0&tsfmi=&pv=0&cb=1671667958508&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1718242951&at=&bid=e30%3D&di=W1siZWYiLDE1OV0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsMlwiLFwidlwiOlwiaW50ZWwgaW5jLlwi%0D%0ALFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wg%0D%0AZXMgMy4wMCAob3BlbmdsIGVzIGdsc2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2Vi%0D%0AZ2wgMi4wIChvcGVuZ2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJi%0D%0AZW5cIjo1LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTA1MTY5%0D%0ANDA4OSxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkg%0D%0Ae1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAg%0D%0AICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAg%0D%0AICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAg%0D%0AICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxl%0D%0AOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9%0D%0AKVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9%0D%0AXSJdLFstMSwiLSJdLFstMiwiNCxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpM%0D%0AODZMMjNBQ0dVaEJJd0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3%0D%0AMHV4cUZ4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFl%0D%0Ab2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxb%0D%0ALTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0x%0D%0AMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcInRpdGxlXCJdfSJdLFstMTIs%0D%0AIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDAzMTY0NTU2OTYyMDI1MzE2NH0iXSxb%0D%0ALTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCww%0D%0ALDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAw%0D%0ALDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxMTQ1MDEwMjUzLjE2NzE2Njc5NTci%0D%0AXSxbLTIxLCJ1QzBWbDdibSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwi%0D%0AW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjUzNTAwMDAwLFwidWpoc1wiOjM5NjAwMDAw%0D%0ALFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS4zLDAsXCI0Z1wiLG51bGxdIl0sWy0y%0D%0AOCwiZW4tVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwy%0D%0ALDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFst%0D%0AMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NzE2Njc5NTg0ODksMF0iXSxbLTM2LCJbXCI0LzNc%0D%0AIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCwwLDEsMCw4%0D%0AMiwyMDQsMjI5LDgyNywwLDEwOTEuNCwxMDkxLjQsMjQyOSwyNDMwIl0sWy0zOSwiW1wiMjAwMzAx%0D%0AMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUs%0D%0AOCxmYWxzZSxudWxsLDNdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJd%0D%0ALFstNDMsIjAwMTAwMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUs%0D%0AIi0iXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00%0D%0AOCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIsNDhdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A508%2C%22y%22%3A5783%2C%22w%22%3A582%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=zf0uyxXDTj&sdd=%7B%7D&pto=2449
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
13147f1e31a5ae2a141c12df45f79b1926d9ba9581b06ad790431f96c9d5dd3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1590
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 679E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 3F3A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.travelzoo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3F3A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.travelzoo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2F54 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1I3z9aCjY42TKJangQfTypzQD5m8ibdcqqSAvM8CwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQngAgCoAwGqBM4CT9C8bw5zDUwyClYSHtmaa89jepiGQLl8DqSYdDkwXS5RwcEBVRholYTcsWRanK0zaxcGkeIPNfecmAi3nd1kFojyKWwxBhkZCKn015JVvyWbShEmWIJ3Knuzg21fpc-xzBHuHP1CPGyO5SJfQuvp7u5RtkpaXD5S_1dcYXTywkQWERcV6pyuJrqz-YOFoDIRHrcF9ru2QtiwO-YLUt6CUV_QiJ174Zv_RAlAiSkQ14lAsUeZQP1McwNvRSOBhzZzvbiHpJ1-NYkAmt5Hdpjq-1v4lShZ0_c2eQGso-2bBHD5aVOMGKTtIKUEDctHCXRdFt4qoAdTstCZeo20y4wMMwKfSjiYHqQ30Q6M1-ZDV9KScYmU0wbr23cv3IIRZEfQPJSKHC5WgQlZ-b5mIFxmEpHXIgBRivLaIDzyqQLIdsKEMBsOCJlCn36YAZbtzOAEAYAGyqmo6ovVmanzAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjM2ODY0OTU2NTk1NjMwMxiiiBQ&sigh=8h7zMYNE754&uach_m=[UACH]&cid=CAQSPADq26N9n45m0qAR_FJ91Wyll2eC9pyjaBfsMFbxmj0b5XR9iS0Xmy9tAkLKhABhBakclH9irovFtwd8vhgBIBM
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
impl_v92.js
www.googletagservices.com/dcm/ Frame 2F54 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 01:05:45 GMT
HWG9EaRYB
www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/ Frame 3F3A 		18 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.travelzoo.com
access-control-allow-credentials
true
server-timing
edge; dur=3, origin; dur=3, cdn-cache; desc=MISS
access-control-allow-headers
Content-Type
content-length
18
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F2A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
onsite_d77202ee63f46daf80998ccf300f48a4.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		161 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_d77202ee63f46daf80998ccf300f48a4.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
97cee0b4094231f93a768249e8a3b8b084bf9ada186680f9f5d9dd7fdc1cbc52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 19:36:04 GMT
content-encoding
br
age
794194
x-guploader-uploadid
ADPycdvZ7j1QLL-kbuyz5nTFAsuW3Slit3e9o9XUyGkHtyT0CO43OxPINL8KXG-KXgYrZ-KT_acAUZbuIy88sYpIArsPaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34874
last-modified
Mon, 12 Dec 2022 19:36:01 GMT
server
UploadServer
etag
"a9ed059d293c786c02fb0f9ca25c4f12"
x-goog-generation
1670873761420375
x-goog-hash
crc32c=OPCM4A==, md5=qe0FnSk8eGwC+w+colxPEg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
34874
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 12 Dec 2023 19:36:04 GMT
ads_12036d8507211f5a6513c50cdcd2188e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		370 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_12036d8507211f5a6513c50cdcd2188e.br.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f1b16eaedbed2350b3f7f27dff10f5fbbce59bcd490b57f553dc638e0999143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:20:04 GMT
content-encoding
br
age
629554
x-guploader-uploadid
ADPycduCBhhck5yQS1lWl0g8EkRh0gLx55AtvA0Umai_Y7FEzcr68I2UIr5iFQp3o9OdVu2FlSCUIRyF4IeKE1WMXuXzdQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70338
last-modified
Wed, 14 Dec 2022 17:19:41 GMT
server
UploadServer
etag
"619c57a9563094b124e4bd07c0f57b65"
x-goog-generation
1671038381010085
x-goog-hash
crc32c=TosGwQ==, md5=YZxXqVYwlLEk5L0HwPV7ZQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
70338
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 14 Dec 2023 17:20:04 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1671667958879&sessionId=1c7ea16b-3d8b-71c9-6000-a306993cc0b4&url=www.frommers.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:39 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
43f624362035e7cff09e7ff60bfb1bdf
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=undefined&idx=0&rand=61595&key=NANOWDGT01&widgetJSId=GS_1&va=true&et=true&format=html&adblck=false&abwl=false&clid=1c7ea16b-3d8b-71c9-6000-a306993cc0b4&fdu=www.frommers.com&px=508&py=5783&vpd=4583&cw=583&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000999&sig=uC0Vl7bm&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33ebb3ed6a4446d1ec051b534c4d2b39070da2159f89d345a4b0e8a769718684

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671667959.945102,VS0,VE132
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21969-LGA, cache-vie6360-VIE
x-traceid
27768353b9004b528609794b1d9e32ed
accept-ranges
bytes
content-length
3713
expires
Thu, 01 Jan 1970 00:00:00 GMT
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame 679E 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533835
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ms9Plk9w9SzzmXhNm7BnfITXYdMaZ9HSpQyk6Mfz5tGK5D2YtKw4OQ==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame 679E 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035304
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UWbFTTQSfqSxoT8kv01dB79Q_KibFa0L08Od3659cZexewM1gd_kUg==
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3DA20F33DFB043F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=41934
accept-ranges
bytes
content-length
948
x-amz-id-2
g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=
ads
securepubads.g.doubleclick.net/gampad/ Frame 3F3A 		39 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3610688321997664&correlator=3988587232967802&eid=31070872%2C31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fif&rdp=1&iu_parts=21848839049%2CFrommers.com%2Chome720&enc_prev_ius=%2F0%2F1%2F2%2F&prev_iu_szs=750x300&ifi=1&adks=2965668729&sfv=1-0-40&prev_scp=vertical%3DAll&sc=1&cdm=www.travelzoo.com&abxe=1&dt=1671667959084&lmt=1671667959&dlt=1671667957850&idt=752&adxs=8&adys=8&biw=-12245933&bih=-12245933&isw=578&ish=270&scr_x=-12245933&scr_y=-12245933&ucis=v23yddr2obb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.travelzoo.com%2FGAM.aspx%3Fnc%3D21848839049%26au%3D%2FFrommers.com%2Fhome720%2F%26sz%3D%5B750%2C300%5D&ref=https%3A%2F%2Fwww.frommers.com%2F&top=https%3A%2F%2Fwww.frommers.com%2F&etu=ADvE6kA26LMtCfjventRMucz0ofFiOqngxdjqZkWuWzzC1Mk2gODi-DU2EGo_m9tZXIccXm-A70RXdosTc0F6urtTJa5twQNcRxhsSm1T-d3brwx2tXJ5E24S8gElEV7kNWhYwfW0Nd8yJGcUs-O2o0--QTlTavI-08Ghhg&frm=24&vis=1&psz=562x0&msz=562x0&fws=256&ohw=0&ea=0&ga_vid=1331305883.1671667959&ga_sid=1671667959&ga_hid=248701669&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8f420cbcb29f045f8b399da4f15de61660c5cb6242c7aa1e86b57fef6847185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12351
x-xss-protection
0
google-lineitem-id
5184869890
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138289285618
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.travelzoo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9ff3c7fa466b0a359e336311d90a5e91.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B69 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ff3c7fa466b0a359e336311d90a5e91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:39 GMT
expires
Fri, 22 Dec 2023 00:12:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel_7cf90036
www.travelzoo.com/akam/13/ Frame 3F3A 		0
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/akam/13/pixel_7cf90036
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/akam/13/7cf90036
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

expires
Thu, 22 Dec 2022 00:12:39 GMT
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
0
content-type
text/html
82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame BD15 		1 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 01:59:24 GMT
content-encoding
br
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
1635195
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 05 Jun 2020 10:23:33 GMT
server
nginx
etag
W/"5eda1d25-51a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
07XgSlE7BPZzhJhTu1jfyad_WiR4y0aUQmrSuMOiXWUYwNmRqVnV4g==
expires
Mon, 02 Jan 2023 01:59:24 GMT
f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame BD15 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 08:15:57 GMT
content-encoding
br
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
2476602
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Fri, 05 Jun 2020 14:42:31 GMT
server
nginx
etag
W/"5eda59d7-2ae3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
1GGVtdzQf3e_yDIGd5sJtfURfQa14xAO4yfb00MX-GTrPA0a8bVgsg==
expires
Fri, 23 Dec 2022 08:15:57 GMT
19d26ccbecea13a40501b1a204f92d7797638c6b.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame BD15 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/19d26ccbecea13a40501b1a204f92d7797638c6b.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 03:41:35 GMT
content-encoding
br
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
1715464
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jun 2022 06:07:04 GMT
server
nginx
etag
W/"62ba9a88-33d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
0WzYDtsNmrL3Tthm7nAC28Cdti2igXgoPP_63zcL_1MTc0Ixv_QxVA==
expires
Sun, 01 Jan 2023 03:41:35 GMT
3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/ Frame BD15 		952 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 02:22:22 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
1201817
x-cache
Hit from cloudfront
content-length
952
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:19 GMT
server
nginx
etag
"5cadd1af-3b8"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1FNkmTs_weYJkxlLYhxi6kPMsOqXObFL2dn73GDQ036UhwGMRY8FcQ==
expires
Sat, 07 Jan 2023 02:22:22 GMT
ebc3273565b5e682ccaf01872d2e046749306442.png
cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ Frame BD15 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ebc3273565b5e682ccaf01872d2e046749306442.png
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 03:44:20 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
1369699
x-cache
Hit from cloudfront
content-length
2904
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:50 GMT
server
nginx
etag
"5cadd1ce-b58"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
r7JtKU2In5IDflTxJ1lASKxL_fDiC5qBVET3GuKUI8chlcrUa0KoRw==
expires
Thu, 05 Jan 2023 03:44:20 GMT
0ca8372024cd7370c4aed6aa1d8dd3d5feb83935.png
cf.bstatic.com/static/img/affiliate_base/flexi/usp_icon_dark_blue/ Frame BD15 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf.bstatic.com/static/img/affiliate_base/flexi/usp_icon_dark_blue/0ca8372024cd7370c4aed6aa1d8dd3d5feb83935.png
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5e511da3a4fb796a0757d341558c86fb123752f39c370f6dc1eef9bc4885bd31
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.booking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 05:05:00 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
1537659
x-cache
Hit from cloudfront
content-length
1230
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:50 GMT
server
nginx
etag
"5cadd1ce-4ce"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2bV-fQeX2g1zQNiomqXZm2RU51I1u5HhcqBXKCVPBYINDgS6mVEVpA==
expires
Tue, 03 Jan 2023 05:05:00 GMT
85522fc012ea427986aabb503405f288a30cc3c8.js
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame BD15 		123 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3600:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 04:22:45 GMT
content-encoding
br
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
2317794
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 25 May 2022 11:00:45 GMT
server
nginx
etag
W/"628e0c5d-1ed10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
LuhJMlZt98To2sVa_z4Z4XPDDvygJITDF4Ic2pd4o7IyStX3T9ZO1Q==
expires
Sun, 25 Dec 2022 04:22:45 GMT
eb78197b2eee9a032c319d91a6e1c581e295f284.js
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/ Frame BD15 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/eb78197b2eee9a032c319d91a6e1c581e295f284.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3600:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 10:52:38 GMT
content-encoding
br
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
2294401
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 10:19:54 GMT
server
nginx
etag
W/"5e39454a-84eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
ZjIHHhBLsdTyLoggDed6zPO4mTlhukijOwJ7VmpSR6yRK4P2QeQjvw==
expires
Sun, 25 Dec 2022 10:52:38 GMT
a620a252f1d0110ab972e81348133431e8486098.js
cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/ Frame BD15 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/a620a252f1d0110ab972e81348133431e8486098.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3600:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 03:26:51 GMT
content-encoding
br
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
1370748
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 10:19:54 GMT
server
nginx
etag
W/"5e39454a-903"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
owPfEMp8zESRuknxQHIFGFg4YHptqAxUQJNnSNMPkTQwpDt7WtVsgQ==
expires
Thu, 05 Jan 2023 03:26:51 GMT
7e03f1178ca725d97fdd726255c96b3e71b660d2.js
cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/ Frame BD15 		392 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/7e03f1178ca725d97fdd726255c96b3e71b660d2.js
Requested by
Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=100%25&aid=1142286&target_aid=382845&fid=1671667958412&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3600:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.com/
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 01:06:40 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
1551959
x-cache
Hit from cloudfront
content-length
392
x-xss-protection
1; mode=block
last-modified
Tue, 04 Feb 2020 10:19:54 GMT
server
nginx
etag
"5e39454a-188"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
u4U6Y1otNVqt7CtCDdQq19yGGbFKmCbYt1hhmJvjscMgR6CMUUMAkw==
expires
Tue, 03 Jan 2023 01:06:40 GMT
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6220 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2077325210&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ul=en-us&de=UTF-8&dt=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Impression&ea=google_ads_iframe_%2F64147298%2FRightSidebarAd1_0__container__&el=Control&_u=aHDAAEABAAAAACAAI~&jid=&gjid=&cid=1145010253.1671667957&tid=UA-6725325-1&_gid=1920018442.1671667957&gtm=2wgbu0TD7CDGT&z=1084453480
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77408
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
HWG9EaRYB
www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/ Frame 3F3A 		18 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Requested by
Host: www.travelzoo.com
URL: https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer
https://www.travelzoo.com/GAM.aspx?nc=21848839049&au=/Frommers.com/home720/&sz=[750,300]
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.travelzoo.com
access-control-allow-credentials
true
server-timing
edge; dur=3, origin; dur=3, cdn-cache; desc=MISS
access-control-allow-headers
Content-Type
content-length
18
csi
csi.gstatic.com/ Frame 8F61 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lbybxwe0&c=5093056412851&slotId=2546528206425.5&qqid=CKaltLb4i_wCFbIY4AodybME7Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F61 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
199667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F61 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
534624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F61 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CWA4q9aCjY-bWKrKxgAfJ55LoDoOh44Nut9OK7bsRwfXXtZIOEAEg4pitImCV4pCCoAfIAQWoAwHIA5sEqgSPAk_QfNRNOwmsSAAxiFRhu0zIX1WbkumXTo4US5NMXR_9wMVrNA1wmp8Tz4dSNrJcp3qgcz_B0Bw98Pnidocl8GkT9yEJch8pQ0hU1BrHhN5cYIHXYmKn996FYsHfE4BEZ6c7T4K0ONhz4plsxNsYphKJzStoe1Pes17zYcKmu1yNzvnBKoRGoKLh4kygjpfK6XSpautID4P6DOWzZTTkS8LqWyJ6c7kSOmKovZBUuZex5hnxhUUWdCyahVYkZZDU0iLTN2sUgqhW69v2DOUvSPrtiFififyvI3zS4Iaikzq1rYg6MBN-BchHP3D254ddouy8fv7_u1LwpNfLBaYU_4yZ1OQ-cDOdtvdzvcZJjIvABL3z8f6OBOAEA5AGAaAGToAH8fGsvQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5eB0RHIE-DszuED0BMA2BMKiBRo2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1671667959258&ai=CWA4q9aCjY-bWKrKxgAfJ55LoDoOh44Nut9OK7bsRwfXXtZIOEAEg4pitImCV4pCCoAfIAQWoAwHIA5sEqgSPAk_QfNRNOwmsSAAxiFRhu0zIX1WbkumXTo4US5NMXR_9wMVrNA1wmp8Tz4dSNrJcp3qgcz_B0Bw98Pnidocl8GkT9yEJch8pQ0hU1BrHhN5cYIHXYmKn996FYsHfE4BEZ6c7T4K0ONhz4plsxNsYphKJzStoe1Pes17zYcKmu1yNzvnBKoRGoKLh4kygjpfK6XSpautID4P6DOWzZTTkS8LqWyJ6c7kSOmKovZBUuZex5hnxhUUWdCyahVYkZZDU0iLTN2sUgqhW69v2DOUvSPrtiFififyvI3zS4Iaikzq1rYg6MBN-BchHP3D254ddouy8fv7_u1LwpNfLBaYU_4yZ1OQ-cDOdtvdzvcZJjIvABL3z8f6OBOAEA5AGAaAGToAH8fGsvQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5eB0RHIE-DszuED0BMA2BMKiBRo2BQB0BUB-BYBgBcB
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 8F61 		30 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Di7RVpS42FCU1xVeXZjlkD29W7Ulot1Mme6zKcrMc2XsbyQ0Na-ixPt2SF-XCuGp0SbSqlkQTSLDAWIyGad19hZusF8A&cry=1&dbm_d=AKAmf-ADFOX6CJqsHTLpVl7LK-I9MERkKz-q9tE0kTcifSBbJzPzquHx2-5VImZpTMuyaPvCaBxgDMOlCmKgmOin0Yly8TVWKTnrT-erSpf1Ui34D-cifOCVZs5yQbEdU3PVGJB9JPHfgXPNZtGxYqo0rKBlravBp8aE4z7vfOve9CRHsq-yTeteFAG_wCNOzIlUFZTS2QP31odKm2j6WrLY7z7z3iL005sQfoWx3MfT3GGToJlGyMHwG4DknaxH86mLX_a_Zdtui_VeN2K0m4kGa1_Jp9IUbWLz-69MQraaMvgyya50leeC9ESJ2GLQRd7U-yWig-ACHy1o1KYnMESu9SOMejd6qYReyNQSee-eSchGz6YpcbcstdJ-TRYOZvkXDXb-UA5PZBtM4FX-Xh3G-cWOGttFxBXvcESGWzDbEBzp99BHjxMU6sNNRd4kHd-eQjg7gGeFue0NHOdqjqiBBqCr94-G_plbyVs-m8pUNh-3l25olDinQ12h0Qy1EJUS63DbKOdyqXjL5V5JktUdnhzJfScCOtmRynUSkVrIzx9qYoEzs9H6DpWSfh1Ma0P0UaxkzJU1sCrx5E1Pa3MJmd7ot8erCABC2zhUJ-3fUo6RAN42HB0xDGzE4lAykYb2Rss7r7TWLRvr7hJkWsEpbaHPy8smE28C4oSZHglV3uSmEuVSp4N73a56zJ_8dQLY0ns_PYJxkYaBivBdh-iKA3z6DYjnb8gsP5DG5GRmx2geE_-xXYeHC1q2xygodzqUP3oOgO-tgcsRf2pCCwdLUEnlrEyemaed5jgOnvNTXbBZ4jrelJl9DcNPvQOofjz67GaIal00f3FxcYLam3jPZ5KLe9X7JbxiG6unVxoc3CJtlxdMbt_u6Tjyk_L1W_f6UOJkx85hD_eJAvxHAH9uFnzInCvhEVmLANxvPBqx91pcOOkQl0ieepnOLWr_7pc6wF0OFDWTDyUVs1jh_PC9R9krNKkg5Ay5dwQeQ-6sYyuQeKnCUCRQpU8BIxRidvT-ghCrrZVnKHpKR9C1zaa65WCy8NouKjGGylWVSWKPqKkSb5yBsA8hyJPgSyEvNePnRtHILZe1Am8Y2LB9fgGSzxKSShIFkXfSFU_qxE1dLTVDc6KBdaM-INJbU2HOTMldz69x01Ky6WOq__N9_U3tSrEPgL10dBbiACPljvpYiHOZFR-Zr1qQIUp0qMe0dQJyiyvQnskeFiDYbQI1dqhnfTH1xKuZbZRA_XAPvljGgGz1uK3M78NCJNiUXss8n1Wxd0lOZgrNGdtzgP9sy1rhYtaHCXpE2gXM4SM28i-W0c1Z-Ny5AWHXsVoTXA_-5FCQB8FyYdhzpkPJkklftDFDKjoi0Z786HppbkriSmQ0SN1WfHA-vdAU-7d1gIB-qZSqlhj1SUIH5QJa04Strtei9akI8OjizJIVYBthL0eqge52HwaN_ZReNhyv9bNN-7Y2nC7PyCPGZbuemKTBI2UwV0Sg_-AugYy8GTOmxdkp_0tpK4S5i6QDSm7n-d4FV8iweOfU2wJ32YG9GEmpgGT3nVLOtsck_L2cJ-YDSsdH47AtcHWu4e5jTwbEqVcKXWrUzhqPG-v97NaEHWCydXSbxyZvYY3j6XeawRKbvEsZ8UP4nNwMMdslPqO8e88zIrUOC2V-giGaTOtxVSAs8aD_5i46BHmlbz8k1FzreZs22RFCXrLDBkYKaHarQf2Sd7AMSqxk4Sksfk_6VzxGJVBNBqC4Ts7cXIWMuWEtV8w1rSJ43wbXgBVAfAL_00si8j2mWs5s9KfPsOckVR5fg6fRRsV3gZsBCOLom1f7bzzkQKDYfhgOsD-AO-aVkgBh7qXDv-T72xta-9NGWdQgvj6fYAiF-h5mpk6tN1M2_GOIxt0_MDDqvsGEGr5H2mBTcr5H7SmwsZBhFCDEHKEyQn9Fx88sxlcQwFHec-jIWlRiIx8QS6b3FXRAzwnIJMPeYWBfGjXCDb0VCdqP1T35iRSUtJuID-1NR3jtfZBSJl2EzBaOYubVF96GNd-ybglDyjEdXKWSvlq-GCKNvGOQBeseI7qSG0Sv_zHFTp9XhGPXfVre4PXZhmavhpwbWfYouKCTKELzl2FyzQOpxealO1KP9uKVXZTv6rhDER5cEz91pRxluJspwS4pv1_Ms-5rsOmre9OlsNOpmg-24FOwqW8jj9UQqMddOoO0sm19p3lYOLXo8rZ-c2FAecANiKDVlHb2PMY2gDqDdWeePSHqnV-5Bcv2Nv5suZJsZ-6FHYV7GNdGD65WhyhJ-o4OKIDHt-a1qFK-tBvGo7ylW-vgmcfUdoavsijWKUFaQ1qLm5kNVTMRmAK-yERAZCd1O4ZJISdU2kzNtPKkpki05XxbxGmy0a4XBXiJJD3ODElss73g_NpCsGy6MUbV5DE-k-mTTbz6mOUkA0xVUjdGEDhElKtH991u3B3uYPqJkzYzYMHePcZ6MayPdSft_aWRDFaQDhp-fGLp1jbY3v9KGWd6mHUDfKQCm73ptrG5V1nWQePtvuP1ldAFFhbyMtwaysgAbKnOazD_6OsWNsAN_fOTr_1JWffeREOXYDDSFIp42SQH4o6o15ROmqXQzbyu9tFFJm0xbO6uEfbRJ4cKADzDHuBDAVDTQYnZMPXHJEKlf3cfLg8Z0I_-awXyTAy-64qHM38jFQUdCwY2hYM-jqk45_Z1MkMTPCfi8su3ExFi5-Km_qPhGmrHd64q_piY-FYVNVyfaOcFZaQBgs_JZbt2a_1drhRPZ8PdT8XqY-4oFMyU9cA8mc8NZpWXbG4DxTAud53rgktFi3YCvJfmWP8f359pOGw0HpiQ9TsSVlcnoaju7MEo4u7NHH87rOD-q8_lq0zHH0m5vJ5xiA_ZxYq8zZ69osn4IzoUSm7EJtjI9pGVDk6NMR2qVVW8PY7pCxSarSpvz_0YEB4qbj1oC7pBozsTKZlgZHWYBgp20mYxVOvwUJPezIhYru6zl0Ma8T-QUYywx-EVpOFMjrTatUwQtr567hKkMUHx-DgxAytmsmOwHu7-rT_AKSYlStY-TonzXUZdvMoT-8hwTgIQHrYFGbc_TwJF-0I0hILEq2xJclXA-KRD1VgOP_m7yE84zwO-u4loJShmD_zDWrZAEcizi8dGNzhAVLT3ZpmauoTjnNAWsTv476tRLsIDZ9mNswuCYD7izboXTt6ozxpJ5ZFx8r4BExkLe1GTcu4I1HMnEWMH2lp6NtpgmTXRy5_YEz9I6T3cIs6lNe72F0xkgQ8XNsqxiR8WFbr6Q7ys81PjYRzcG6UwkLAM4TdXbHAmdYMn81unXmQdu-Vr&cid=CAQSPADq26N9hq0LsRsjQl6ztKJFhDJfmnS1CU8tWHdAdQFX6ORGp88asuEZVvOtLSsJ2kkkNPhdPtRwwwt4wBgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
cafe /
Resource Hash
1620012ac3fc2547820311c8e1bb2c48f8c11563f16d5713c6c372a765037c55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16313
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8F61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRj6X9aCjY-bWKrKxgAfJ55LoDoOh44Nut9OK7bsRwfXXtZIOEAEg4pitImCV4pCCoAfIAQWoAwGqBIwCT9B81E07CaxIADGIVGG7TMhfVZuS6ZdOjhRLk0xdH_3AxWs0DXCanxPPh1I2slyneqBzP8HQHD3w-eJ2hyXwaRP3IQlyHylDSFTUGseE3lxggddiYqf33oViwd8TgERnpztPgrQ42HPimWzE2ximEonNK2h7U96zXvNhwqa7XI3O-cEqhEagouHiTKCOl8rpdKlq60gPg_oM5bNlNORLwupbInpzuRI6Yqi9kFS5l7HmGfGFRRZ0LJqFViRlkNTSItM3axSCqFbr2_YM5S9I-u3QWS3j9IXDTkBOe0qq613KB7EMovUHQcw9-VX1p1d-5ZVmDGwobkENGeIrvthTH5tdTfBZH4UaP4OEF8AEvfPx_o4E4AQDiAXWiO36R5IFBggDEAMYA5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH8fGsvQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDbrUMY0dz82gHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATl4HREcgT4OzO4QPQEwDYEwqIFGjYFAHQFQGAFwGyFx4KHAgAEhRwdWItNjM2ODY0OTU2NTk1NjMwMxiiiBQ&sigh=qHsrj00JrHE&uach_m=[UACH]&cid=CAQSPADq26N9hq0LsRsjQl6ztKJFhDJfmnS1CU8tWHdAdQFX6ORGp88asuEZVvOtLSsJ2kkkNPhdPtRwwwt4wBgBIBM&vt=10
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3375 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Thu, 22 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame F2A1 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533836
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TKkzKk6YMISUbskkSXvtQFDE0BcvXGJyO6ymAPh7X7mXJAJpVcKEnQ==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame F2A1 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035305
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
slv3obQzHy2LB4soU1apgL1gXvGl_E53JQWbRryJIm8HYEYZSsRIiA==
google
de1-bid.adsrvr.org/bid/feedback/ Frame F2A1 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/google?t=1&iid=0d606db1-a7cd-4710-915a-221cc5e886a6&crid=piqrfv2l&wp=Y6Og9gAGZngIEdkmAACEB7QkmTCT5aP2__U5nQ&aid=1&wpc=USD&sfe=15db20f6&puid=CAESEJRr2_IDaxFdVYPXM69ODqE&tdid=&pid=vf6azue&ag=mnqhieu&adv=7zg0ss0&sig=1z798mTLvvTH5eKqZ2w5t1gAkYiNnxr3PaJGl-AM7W54.&bp=0.21&cf=4145934&fq=0&td_s=www.frommers.com&rcats=&mste=&mfld=3&mssi=&mfsi=&uhow=97&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-6368649565956303&did=&rcxt=Other&lat=50.110000&lon=8.680000&tmpc=9.54000000000002&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW44AVABeACAAQCIAQGQAQGwAQC6AQQIARgEwAHG_wbQAcb_Bg..&dur=CjsKHWNoYXJnZS1hbGxUVERDdXN0b21Db250ZXh0dWFsIhoI2v__________ARINdHRkY29udGV4dHVhbAowCgxjaGFyZ2UtYWxsLTEiIAj___________8BEhN0dGRfZGF0YV9leGNsdXNpb25z&durs=ZT7Rh8&crrelr=&fpa=427&pcm=3&grdc=CAEYASABKAFAAUgC&said=48vZRe8Va5xTyhkYAi2IVQ%3D%3D&auct=1&im=1&tail=1
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.248.151.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
piqrfv2l_300x250.png
ad.adsrvr.org/vf6azue/7zg0ss0/ Frame F2A1 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adsrvr.org/vf6azue/7zg0ss0/piqrfv2l_300x250.png?cb=546714
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf58010bc5e96de06fc6c7e0f3775c2e1786811e099abd7c8b93d9e9d0db9fcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 21:44:52 GMT
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 06:59:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
35074
x-amz-server-side-encryption
AES256
etag
"2cb5ed7b1cb14e1b780a95b3011de512"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
113965
x-amz-cf-id
a9xZYC9wli9cm1TV5B4_77fiO2YoJ7KyXHRqwRIHexoWZkJsXHmEHA==
ca
choices.truste.com/ Frame F2A1 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=3t6tcb6_mnqhieu_piqrfv2l&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-97.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
65f57c54dc315c0798591f6a4d56cfe69072fe4b235b56a090138702c93bbac7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 20:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
AMS1-C1
cross-origin-embedder-policy
unsafe-none
age
12937
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
NFpm2tUODxcaPM0sTyPMuYPTkFq1_FseHuybACC_N6LmdpbvVyjy0Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F2A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
31434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 15:28:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F2A1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
l
www.google.com/ads/measurement/ Frame F2A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBOAhO8mtMCrByQ_uNBV7OVz0bXaEx4Kd8d9RKw00nG4821jA3Tya68RLLG2Gw5iti1Ct4ZlccgVK2JYinfU2E5ZxwlQ
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F2A1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49024
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 10:35:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F2A1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2F5D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul-VDcB0o2H8aYY_FbVIxE5Vbe4wNMRVdFQvZ-XA4HNW9h4zD-4k4Ko1-fzywUrUlm_j-PXdpNbE0DmjzrourliWJ3iCAnO1PVd_UQkycpnMR6p-yE&sig=Cg0ArKJSzMqJTia2i7qhEAE&id=lidar2&mcvt=1179&p=656,0,657,1&mtos=1179,1179,1179,1179,1179&tos=1179,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=673460798&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671667957703&rpt=411&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 5655 		424 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92732d7a242ea001a6f8df52f13141b40825f9a8e3471b533809203c36f22c2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
222791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
46704
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 10:19:28 GMT
expires
Tue, 19 Dec 2023 10:19:28 GMT
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2A67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaBbI9aCjY4yRO5nZgQeCvrCwAojMst9omue475EPqq-F5ropEAEg4pitImCV4pCCoAegAZ24-9gDyAEJqQL278HNuEWSPuACAKgDAcgDAqoExAJP0AyYt7LREh-ERSV7JZ4841Eimuj4xy3PCSARjPj896JavSuwnU13IQk_9gNZu58JzxeTDKo-iNhljlWXu6Utdfa6mK5X0Kwg7PLckmqNLlnonFmZVJnJGlBLA6L0FLFbeoMyfYevr-bJob-4oXnDrp84AI3UnyZC2L_q8myt-bIzF-p4wxgJbVJGktbrX-FsRbRDIabH80FVmVmM7SbQ3TbtLlAA98bvyuER6SbmuMBjozDHY24xN7bkToT8VVwywHnjyyWz4Ct0FFD8XSnXrnpGi828UoeE91NquqmBXJnGcQ8vxVuxMGj3Q169ePf7wSga-L3Kv-ZEPx6MAdFs8GuZc5-0nITYmS7R5NRiWrlmBysvT1J5_XivshDAZ9N1uNLmxMps63mQ2ht_O2S2-rH4aTc1Xl4-cYnfeFWsTQB7khPABPHP9pPkA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZdgAfLx4QnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ76wM0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjM2ODY0OTU2NTk1NjMwMxiiiBQ&sigh=Ap3Hm5DWnc0&uach_m=[UACH]&cid=CAQSOwDq26N9II5oAvh7JOGhPqNTPkqgWMeM0gCSKiuNNO6XocV1NA2xP65A7S8LcI6m-Sj7rHz2jKWBw0SBGAEgEw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8BDE 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 23:45:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2A67 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
31433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 15:28:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2A67 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
truncated
/ Frame 8F61 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e91aabae2f3eb33d79da5b99101d733aa155c7f8947908812a15bb343ed0c293

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
828537996619089_frommers.com.js
s.vi-serve.com/publishers/ 		598 B
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.vi-serve.com/publishers/828537996619089_frommers.com.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
a36cdec5fc5dab87947031e5ab181584c5ceed3eed4088444b5e50f077af3ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvtmzu5MkWn4fmnyleqrhaKNMo4XWP8LMqby-d-r1ZE5PsTJ_sN4sW2vmTY6wUxi9xKUIoCB1_q7NMJYZw4JqbYNQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
374
x-sp-metadata
HS256.CIfejp0GEogBCiQ1MDI2MDBlMi1jZmQyLTRhMWItODk1ZS1iNGY1NmVmNTZmM2UQoOnC6rGG/AIaBgj3wY6dBiINMjE3LjY0LjE1MS42OSjO1QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGJiZDg0YmI4LTMwNzktNGEyYS04MDA4LTI5Yzg5ZmZhMDY4Yxj2AiIYCAISFGNkczIzNy5sbzQuaHdjZG4ubmV0.coLExJtwGm/2rhzhNF0rYgBaiccfc9IGcGkU9A2knQ0=
last-modified
Thu, 10 Mar 2022 07:37:43 GMT
server
UploadServer
etag
"dd83ef39fd4e6076835aba8a1f6fec8d"
access-control-max-age
86400
x-goog-generation
1646897863159692
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ss8vwQ==, md5=3YPvOf1OYHaDWrqKH2/sjQ==
cache-control
private, max-age=0, max-age=300, must-revalidate
x-hw
1671667959.dop084.lo4.t,1671667959.cds211.lo4.hn,1671667959.cds237.lo4.c
x-goog-stored-content-length
598
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
accept-ranges
bytes
access-control-allow-headers
*
view
securepubads.g.doubleclick.net/pcs/ Frame 4F73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2SMss1BBWRRz3MzdTpphLNu17NF9wP59BhkW-fDnXqJQINEHKGZMUF_ruYp8bLdRt6eAAy7peLh7dAJ9FmQQUzJ0BfwKawTr0kv5D8cYU4MbNqYNzgAFtbDfypWt1PwHn_LZ4IKGOilBT2rFDPymZVujD-44WS-sqCT5NEQhx5BcPzAoWUTzkOLzZ5rRKroEZ6qbHdZqfXXqLFZuLYZM3yy6YtFeP4K9GaoZB6GkJ3FPi3GYJID-eD6nsWKvXWvOma9AxIW4o0u_jUE6nECCTLeUkrII7Igu_iLvr3s23bNY3mI1zhmaFhGdBnLvSFb1XV5ycBL5C9SRl-6vxSg&sai=AMfl-YQJokZNH7b7Aa6oLjji1BTQTUDhvUAy1fPZiW6Mt6_YdnFh3DhYnsXe9JDmeNWPADwMdGtQpIqsnz0amxMeRJzwidONprVl9gYvpwVV&sig=Cg0ArKJSzAoqW00is4tvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame 4F73 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1428 / 234 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Dec 2022 00:12:39 GMT
tzoo_logo_transparent_60x14.png
ssl.tzoo-img.com/images/ Frame 4F73 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.tzoo-img.com/images/tzoo_logo_transparent_60x14.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05713be7c5bc1a73bddacf38eb4d8f8276865c8ada5bd824b7f50f5425408b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
last-modified
Wed, 21 Dec 2022 14:09:59 GMT
etag
"3f18fe94515d91:0"
content-type
image/png
cache-control
public, max-age=1209600
x-ip
44
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1796
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F73 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:39 GMT
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FF7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame BD15 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
Requested by
Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3600:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Origin
https://www.booking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 09:09:25 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
FRA60-P1
age
1782194
x-cache
Hit from cloudfront
content-length
7772
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:49 GMT
server
nginx
etag
"5cadd1cd-1e5c"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
FjSRQj287Ltu-43k0EU1ZvwDyjkqQe4Wi0xJ1z2cBR4CXSBVbnXqXg==
expires
Sat, 31 Dec 2022 09:09:25 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1671667959528&sessionId=1c7ea16b-3d8b-71c9-6000-a306993cc0b4&url=www.frommers.com&cheqSource=1&cheqEvent=2&responseTime=1266
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:39 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8863620973938f1d511e6f52816dbeb1
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136defc133ed4e8f959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474ce9498fbd38e820db61c002d1512afc2907ff1e12522cce5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1008f77f6aab951d7aefdaff64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e1f189bdb51e2cf37be7b9fb2d0767b98231c4b04aba174e05815f5d8dd7d9ce81b2c527df21d6deedc85ec54d5814aa5f0ddbc3ca187587b825ff05b2951ec42cf527101803cb63b90d8791f87ee2846bc31fa7c19ccc7780191c2de84b011f7a5973c8a364a45498cd8a2be89862ec8627d681fff57083a1aa5f767d90e25009c9b90a560effe0e77bf527dea805afff7bec38e2788811815592f17e924772baead17b226c25406e540154b8fd9e388710bd4452516bade50c80c60a06ffa4cdf8e07ec886e5e09bf9adf6574c3efd5b85b550729e45651acb7e5b7168ea66ac701ddef6c2658a7cca238ba941d1aa5e8b711d5555106001ced2eeda206910cb0a4f91cfcbf8e5881550dcc3e238c88b2a258fc018782bbcc4c54462f7358f5fd2&cb=1671667959528&cri=zf0uyxXDTj
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
B28685073.355125450;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1575238833;ord=z2xcas;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D5b09269e-a238-40df-92f6-77e9...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame 2F54 		71 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B28685073.355125450;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1575238833;ord=z2xcas;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D5b09269e-a238-40df-92f6-77e9be2f4dcb%26ag%3Da99jcch%26sfe%3D15db20f5%26sig%3DEE3Jf6ViD-XiH_BL7o0zhJqyyinM_4cH8JKcMH5rX3E.%26crid%3D6fqgapcd%26cf%3D4097910%26fq%3D0%26t%3D1%26td_s%3Dwww.frommers.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D97%26agsa%3D%26wp%3DY6Og9QAKCY0K4FOWAAclUyKtHu2igzHkQ6Y9Nw%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-6368649565956303%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D9.54000000000002%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW44AVABeACAAQCIAQGQAQGwAQC6AQQIARgE%26dur%3DCjsKHWNoYXJnZS1hbGxUVERDdXN0b21Db250ZXh0dWFsIhoI2v__________ARINdHRkY29udGV4dHVhbAowCgxjaGFyZ2UtYWxsLTEiIAj___________8BEhN0dGRfZGF0YV9leGNsdXNpb25zCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3Dr5gBsD%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26fpa%3D427%26pcm%3D3%26said%3DNPI7ihB5d7C5k9ZhnwpBHA%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC2zqP9aCjY42TKJangQfTypzQD5m8ibdcqqSAvM8CwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQngAgCoAwGqBNECT9C8bw5zDUwyClYSHtmaa89jepiGQLl8DqSYdDkwXS5RwcEBVRholYTcsWRanK0zaxcGkeIPNfecmAi3nd1kFojyKWwxBhkZCKn015JVvyWbShEmWIJ3Knuzg21fpc-xzBHuHP1CPGyO5SJfQuvp7u5RtkpaXD5S_1dcYXTywkQWERcV6pyuJrqz-YOFoDIRHrcF9ru2QtiwO-YLUt6CUV_QiJ174Zv_RAlAiSkQ14lAsUeZQP1McwNvRSOBhzZzvbiHpJ1-NYkAmt5Hdpjq-1v4lShZ0_c2eQGso-2bBHD5aVOMGKTtIKUEDctHCXRdFt4qoAdTstCZeo20y4wMMwKfSjiYHqQ30Q6M1-ZDV9KScYmU0wbr23cv3IIRZEfQPJSKHC5WgQkb-5_0mLbWUkpnS-OdqxU-Pyj4BAjmblFx5Drp5itcs2Yizj6tF3ZkROAEAYAGyqmo6ovVmanzAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1rJRcG8kHbukDuLF3828KmpFFdEQ%2526client%253Dca-pub-6368649565956303%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.frommers.com%2F$0;xdt=1;crlt=TDooRUil'e;stc=1;chaa=1;sttr=796;prcl=s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
02247e2e4d5f236746f5e077ddf63c3b01528e8b12e5c73f1311876f332135f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29649
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9D2B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 5655 		2 KB
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans:regular,600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06883c4535fd793c71181b0c51bfc63e2a1dc2881876c0e563a332e91b0bfdf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Dec 2022 00:12:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Dec 2022 00:12:39 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5655 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Dec 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5655 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
15573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Dec 2022 19:53:06 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 8F61 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 18:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 18:02:45 GMT
file.mp4
r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8F61
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7F043C0604ED22B40A28E45D450338E7F856FA21.7EEC1F5E2E7EE1B162626BB68B06A65A820D0B36/key/cms1/cms_redirect/yes/mh/NE/mip/2001:ac8:20:3d00:1011:4bdd:b426:df05/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1671667714/mv/m/mvi/4/pl/49/file/file.mp4
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
2a00:1450:400e:15::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:40 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4430192
Last-Modified
Mon, 28 Nov 2022 13:34:36 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 22 Dec 2022 00:12:40 GMT

Redirect headers

date
Thu, 22 Dec 2022 00:12:39 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
location
https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7F043C0604ED22B40A28E45D450338E7F856FA21.7EEC1F5E2E7EE1B162626BB68B06A65A820D0B36/key/cms1/cms_redirect/yes/mh/NE/mip/2001:ac8:20:3d00:1011:4bdd:b426:df05/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1671667714/mv/m/mvi/4/pl/49/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
c.go-mpulse.net/api/ Frame C5B9 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=4CN53-63CAE-6PV78-GM8V7-FZPPY&d=www.travelzoo.com&t=5572227&v=1.632.0&if=&sl=0&si=lybfewcdzmc-rn9n92&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=500404
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/4CN53-63CAE-6PV78-GM8V7-FZPPY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:dc:394::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85f7306b6eafc63519cd3a27b5e77374bf71779d7a1f57cf36bb62145beccfcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Dec 2022 00:12:39 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame 6220 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533836
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Flsxetp3uqUk21AomZoznUFULyVsYm0MB8F98hf5kAOX4cVNtVIG5g==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame 6220 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035305
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Z-KxrHQ5fEzNE1dYCUJUS0_Nr6D4OjYXtWZZDXWzxt4W3JpQMmBgxA==
container.html
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A859 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:37 GMT
expires
Fri, 22 Dec 2023 00:12:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 4F73 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 21:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 21:44:47 GMT
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame 4FF7 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533836
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
LOJz-A0q_XCDM8syA9iihQaIeL0TTC986aZKeFTNspstcOrf5nLi8w==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame 4FF7 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035305
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jgz080482s8fXCBb1zVOSujSQGUuGeheZYGZp084hjd9whwHT6-8Rg==
current
dclk-match.dotomi.com/match/bounce/ Frame 3375 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENbaQ__4vwIHaK40reWKHQs&google_cver=1&google_push=AavPq0O6sHQKK4PbeoRaZzK5TsvrWlACO4yy5-m7Ps2UIQgPvAs6CwEFLVny_mV4kEeXP4kwDS44wvdAqPdzjX4LGHYfuxPOP8z2TQ
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 3375 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJRr2_IDaxFdVYPXM69ODqE&google_cver=1&google_push=AavPq0PmOO20JlFO81tQuEMavd1qX8S2KDGbse1dVbRurEJOoN82pP5ZSYnWhEdTOUoKc8gwsFGoxZxZXeaHffAw0fiVXcz395Uq
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3375
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHY5n6-7rLubfqpOrUkUF0s&google_cver=1&google_push=AavPq0OPRfYVrl7lVJiZin0ziSRhLo7YzeUc8v-Ib1K_mH3a3a-r8ntqyL5SeShjrjqC78T2u2ycnu50kEY...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OPRfYVrl7lVJiZin0ziSRhLo7YzeUc8v-Ib1K_mH3a3a-r8ntqyL5SeShjrjqC78T2u2ycnu50kEYwWrNaBR1MoYhCMPIJgw&google_hm=o3yG5-rjSvqlj14U6V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OPRfYVrl7lVJiZin0ziSRhLo7YzeUc8v-Ib1K_mH3a3a-r8ntqyL5SeShjrjqC78T2u2ycnu50kEYwWrNaBR1MoYhCMPIJgw&google_hm=o3yG5-rjSvqlj14U6VTDm0U
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OPRfYVrl7lVJiZin0ziSRhLo7YzeUc8v-Ib1K_mH3a3a-r8ntqyL5SeShjrjqC78T2u2ycnu50kEYwWrNaBR1MoYhCMPIJgw&google_hm=o3yG5-rjSvqlj14U6VTDm0U
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3375
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEQUN785HzrZvSN2ar0WFfM&google_cver=1&google_push=AavPq0OTtVcHo19XoqC3KPyZremEQeYAWUR4VyQW27wRxnY1XHmrUIX8gvurFKk6C421pz4Cz13mnSNaFTwmbz6t5al27iE...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OTtVcHo19XoqC3KPyZremEQeYAWUR4VyQW27wRxnY1XHmrUIX8gvurFKk6C421pz4Cz13mnSNaFTwmbz6t5al27iEPhKQ8qA&google_hm=eS10NnlDSE50RTJwSElm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OTtVcHo19XoqC3KPyZremEQeYAWUR4VyQW27wRxnY1XHmrUIX8gvurFKk6C421pz4Cz13mnSNaFTwmbz6t5al27iEPhKQ8qA&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Dec 2022 00:12:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OTtVcHo19XoqC3KPyZremEQeYAWUR4VyQW27wRxnY1XHmrUIX8gvurFKk6C421pz4Cz13mnSNaFTwmbz6t5al27iEPhKQ8qA&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3375
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MKBPUkARE-jG7d1XXilrZRrpln_lUn1lEFu6i2Pwf1YNI9iQo1XlZlvNYDyj4Z5z5BFeyN3bCnUbZGgbLgKv6YTp9koxEJsw&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-824bf005-5ba7-4e7e-964d-e650a0e5dccd-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MKBPUkARE-jG7d1XXil...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MKBPUkARE-jG7d1XXilrZRrpln_lUn1lEFu6i2Pwf1YNI9iQo1XlZlvNYDyj4Z5z5BFeyN3bCnUbZGgbLgKv6YTp9koxEJsw&google_hm=A4JL8AVbp05-lk3mUKDl3M0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MKBPUkARE-jG7d1XXilrZRrpln_lUn1lEFu6i2Pwf1YNI9iQo1XlZlvNYDyj4Z5z5BFeyN3bCnUbZGgbLgKv6YTp9koxEJsw&google_hm=A4JL8AVbp05-lk3mUKDl3M0
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MKBPUkARE-jG7d1XXilrZRrpln_lUn1lEFu6i2Pwf1YNI9iQo1XlZlvNYDyj4Z5z5BFeyN3bCnUbZGgbLgKv6YTp9koxEJsw&google_hm=A4JL8AVbp05-lk3mUKDl3M0
date
Thu, 22 Dec 2022 00:12:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX824bf0055ba74e7e964de650a0e5dccd003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 3375 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEC7aNpAaJnW-2QLQTik3L0A&google_cver=1&google_push=AavPq0OI9V1cWZDCdXIFZwBf9iWGALRAJXMNJK1ZdTnHUtIWsTw9sa1gYx4_SsH-gCoX67FrYEgeagGlH75WOjKyG8QdODrWLxBJNA
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:38 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3375
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELMUygyAK2yyeQZIeYQae_U&google_cver=1&google_push=AavPq0OpTteF0-79i...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjg0MTYxOTAwMDcyMjE0NjcwOQ%3D%3D&google_gid=CAESELMUygyAK2yyeQZIeYQae_U&google_cver=1&google_push=AavPq0OpTteF0-79iF7_V6ZyW3KCIoU_nF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjg0MTYxOTAwMDcyMjE0NjcwOQ%3D%3D&google_gid=CAESELMUygyAK2yyeQZIeYQae_U&google_cver=1&google_push=AavPq0OpTteF0-79iF7_V6ZyW3KCIoU_nFmbaTaEV3JIq_JlLAb4L7QJyBdOgrOalIYmCI0CsTF6nEt_HqSN0UqbVK-72Il2sdJbQQ
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 22 Dec 2022 00:12:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f2c79b9e-18da-404c-b45a-773bd674ddc3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Mjg0MTYxOTAwMDcyMjE0NjcwOQ%3D%3D&google_gid=CAESELMUygyAK2yyeQZIeYQae_U&google_cver=1&google_push=AavPq0OpTteF0-79iF7_V6ZyW3KCIoU_nFmbaTaEV3JIq_JlLAb4L7QJyBdOgrOalIYmCI0CsTF6nEt_HqSN0UqbVK-72Il2sdJbQQ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3375 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0wpxpxzcXGXsg7Pa4Eg6yXsEludYDfd8afrG1Rt7aeXOkWen1jdvv14tMtpSkhl7M9xn9JQ
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame 9D2B 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533836
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4ZDhrnXncsaXg_ZuXwzbezNBJJDYOUotm0ZW7w1ateyy3tXm5pSQGw==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame 9D2B 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035305
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rerdNTDnwiJq5Yu1aPOsOa8KiI32t-Z33daytlYiN22-fN9WDbNeEQ==
google
de1-bid.adsrvr.org/bid/feedback/ Frame 9D2B 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/google?t=1&iid=59eff82f-ccdc-47b9-95bb-2c53de2c1404&crid=8gdjx75r&wp=Y6Og9wACEjAIEdthAAg1XfaP5T9h530WTHrcbA&aid=1&wpc=USD&sfe=15db20f7&puid=CAESEJRr2_IDaxFdVYPXM69ODqE&tdid=&pid=vf6azue&ag=mnqhieu&adv=7zg0ss0&sig=1bs17spUqTw811SImWt1PKpTtQsu8u9rKh0zYH1QHsB0.&bp=0.21&cf=4145934&fq=0&td_s=www.frommers.com&rcats=&mste=&mfld=3&mssi=&mfsi=&uhow=97&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-6368649565956303&did=&rcxt=Other&lat=50.110000&lon=8.680000&tmpc=9.54000000000002&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW44AVABeACAAQCIAQGQAQGwAQC6AQQIARgEwAHG_wbQAcb_Bg..&dur=CjsKHWNoYXJnZS1hbGxUVERDdXN0b21Db250ZXh0dWFsIhoI2v__________ARINdHRkY29udGV4dHVhbAowCgxjaGFyZ2UtYWxsLTEiIAj___________8BEhN0dGRfZGF0YV9leGNsdXNpb25z&durs=ZT7Rh8&crrelr=&fpa=427&pcm=3&grdc=CAEYASABKAFAAUgC&said=O3oTo6O6joQAJrxgxsno4w%3D%3D&auct=1&im=1&tail=1
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.248.151.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:40 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
8gdjx75r_728x90.png
ad.adsrvr.org/vf6azue/7zg0ss0/ Frame 9D2B 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adsrvr.org/vf6azue/7zg0ss0/8gdjx75r_728x90.png?cb=959398
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7516bf7aa8456d45d52319feb29f70e241fa029b8d799249868083bbda3bc3b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 21:44:09 GMT
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 06:59:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
8912
x-amz-server-side-encryption
AES256
etag
"3c09779d710731112a100d7bda7d80b3"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
91644
x-amz-cf-id
sBbFBYOUBgUIvP3p6UO7rf2vVNzfNAo7JIo8HOf9qlPrPr_q4NBW8A==
ca
choices.truste.com/ Frame 9D2B 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=3t6tcb6_mnqhieu_8gdjx75r&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-97.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
b1c6f3696b3ff15165e59df7aef11e8aba98a60ef3efbaab8bd57682a207d223
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 03:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
AMS1-C1
cross-origin-embedder-policy
unsafe-none
age
74342
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
g98NspCpbVLwVHqb3fDVJgtrRXPERALk2xxcjpX71TyXqDzfFnTkog==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9D2B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
31434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 15:28:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9D2B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
l
www.google.com/ads/measurement/ Frame 9D2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbnveJrQMKq8dpVt9B2iTq25WRiKx7CHtLkSc22XxWyhduLOnxm9StSjJy8eK8SAkpEWqyj893REKDZbBHtY16GEbi-Q
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9D2B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49024
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 10:35:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D2B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:39 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 21 Jan 2023 00:12:39 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=a4e4eab600c0d6c763a60a4110a57324_1302_1671667959016&tm=1964&eT=0&widgetWidth=583&widgetHeight=30&widgetX=509&widgetY=5783&wRV=2000999&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=966&oo=true&lo=1668&odbreq=2821&odbres=3787&cet=4g&to=1671667956060&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Dec 2022 00:12:40 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
e8ad826e8be40b3410236e2f985bc3c1
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/2000999/module/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000999/module/streamFeed.js?e=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2942d3f1452380f1e0b4585455524f9ae5da16dbfadee6ebd7b42ca531682cde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 10:32:28 GMT
server
AkamaiNetStorage
etag
"1e49bfac59af20df637ac716682955be:1671451278.887787"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13300
expires
Thu, 29 Dec 2022 00:12:39 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:39 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"65df986ae65cffdf92a926e7c42a25a8:1662969047.139727"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
12268
expires
Sat, 21 Jan 2023 00:12:39 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 42EF 		424 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92732d7a242ea001a6f8df52f13141b40825f9a8e3471b533809203c36f22c2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
222792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
46704
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 10:19:28 GMT
expires
Tue, 19 Dec 2023 10:19:28 GMT
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 679E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUwhP9qCjY_LPC9L4gQfq8ZmYCojMst9omue475EPqq-F5ropEAEg4pitImCV4pCCoAegAZ24-9gDyAEJqQL278HNuEWSPuACAKgDAcgDAqoExgJP0MPN28ozc2gTCOjMUVu_uRTujaigSsE1ifCUYjy8CkyHQCY6ZajrJKrNgLpZcH3hwVKtwTcklQwOBHEWPiVwU1SNdPL8xOxCuOagMdh-ogaxP-ThCRNXRzrjTrdIIh09CC8ZpN6FVshiQ-c0RWjItVcYZM_jS-RgZQPgVJDZ16T17Rj_e8YEG2j_Ux1SOLTewW1JltTU2zhseOPBCiO7lfTfpm3v2_zXtVK4XVGVu25PXGsj1H84NeqcGvv83gN6Gd9ZbjP7c3MoCJQpq1eLctAqjIBRPO1N0J21kdIREHE4Xf68yv-Jwj3x8pXjgDV_mcTi4O6j3W8jR4T_EBO_II6QTx-sTv8OpjSYoVPVgFqWyTZiTYRVjPeNXxwg4LyMZv9pEymJJ7Jc7lpPwJ7MKqp28GqeTB0Mvs378tbgEzJ1Zo-ADsAE8c_2k-QD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB8vHhCeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDT2gLSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MzY4NjQ5NTY1OTU2MzAzGKKIFA&sigh=VC-ddkMc1yI&uach_m=[UACH]&cid=CAQSPADq26N9dTT3pxqGMtguAcfVxfW7H--xH1GJ0WesbMXMYngBwTQPpe1o2u37Ax_OKVrzNbIcZMhc5EWFghgBIBM
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6070 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 23:45:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 679E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
31434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 15:28:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 679E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F2A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CP3pP9qCjY_jMGaayx_APh4iCqA7dleW3XPb-j45XwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQngAgCoAwGqBM4CT9C-35wTDKY396M61AxLaZh9nnXOOzEyEMDLnP5R-TKqbafkovxltgpluZhn72p62wGNKaPpiZhYuXZJ4ahxr_1sK9xQVAVWAy4lO1g5JmhyXj4YMuj2QBkbk8WyqpSa5THn_r7xcvg9DM3DLyCTKzci3YWqmqCyooIKQ-ovEbNGFE0pDdOvSampK2dgahqUzfDbNJiEJOU8fU9CVAmwLOS8tuYcY3tNWzPgv1njZblfcO_YjBlZ6mhri4nEcJvddgYY9tdeWZ0LR14jt6aaqAbHshIHsVDcHvoKx6oF4k-YeVcK90rFEW7On0ONsqGOrkzyzNLdS_GbOcoTkXnBAPy7s5CscC77d6LXneOIRMYCSnlSH82xNhUYp2veA-3cMtrKe-Eiqz_2sVa4gheBfbCHDPpT3xJXPPfP4-Wm-b3ltRATy7r8hdpQFr-zA-AEAYAGuPGt0aa8iqepAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjM2ODY0OTU2NTk1NjMwMxiiiBQ&sigh=pCjR_x6WBXU&uach_m=[UACH]&cid=CAQSPADq26N9xshEqvuqRMnVWgGiJJmflg-Stpd9ERNCjcGMTSk94YSPsA9DLR7SbrRCoDUsvM7moE8jtrHquBgBIBM
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5C73 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Thu, 22 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F2A1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9f93737b3350ba439b5ceabc73744a60c8389ecd4df0a8610ed88b1367e4436

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2F54 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Origin
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 07:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 07:35:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 2F54 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:05:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2F54 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:52:05 GMT
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 687F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
400403
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
gzip
content-length
1073
content-type
text/html; charset=UTF-8
date
Sat, 17 Dec 2022 08:59:17 GMT
etag
"ef029681564becbaa5cd6bef2a806d08"
expires
Sun, 17 Dec 2023 08:59:17 GMT
last-modified
Wed, 14 Dec 2022 17:19:29 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1671038369133056
x-goog-hash
crc32c=wj3ZbA== md5=7wKWgVZL7LqlzWvvKoBtCA==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1073
x-guploader-uploadid
ADPycdv_bq69CIEnF7XJlh8FvQ8M33etqXm3S5FUGoTD5h5U9H937K_GcVJnoWxMtsUiNzy50i9iWhDEY64avJak9kapOppS90Os
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8BDE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:40 GMT
expires
Thu, 22 Dec 2022 00:12:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame F281 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
473120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 12:47:20 GMT
expires
Sat, 16 Dec 2023 12:47:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-596bd02-58d19996.js
tagan.adlightning.com/advally-frommers/ Frame A859 		57 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/bl-596bd02-58d19996.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:55:24 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
06m7zLJBoHxQFRysL3Y7fEuzXzZ8_.f1
x-amz-cf-pop
FRA56-C1
age
533837
x-cache
Hit from cloudfront
content-length
24845
x-amz-meta-git_commit
596bd02
last-modified
Thu, 15 Dec 2022 19:53:54 GMT
server
AmazonS3
etag
"1005f30a4bc9cb4a36c1a240ebf68906"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rVqxsRwY5fnY7H9EM_7kY2LzE1NzD_z9XarhE3d9AQVdZDroeP52XA==
b-8db6969-3a5c34df.js
tagan.adlightning.com/advally-frommers/ Frame A859 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:30:54 GMT
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-version-id
lbDIH6mqjyhpHPWZh0rd8ChjxvFMdauv
x-amz-cf-pop
FRA56-C1
age
5035306
x-cache
Hit from cloudfront
content-length
32461
x-amz-meta-git_commit
8db6969
last-modified
Mon, 24 Oct 2022 17:29:35 GMT
server
AmazonS3
etag
"374cf41e86c2a682ae9d2a9b49eda41a"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oTfvbYK7wbdK9buB71KacWIW7RDeJU_ftXLkcmpbHB0bdnahJX-jpw==
integrator.js
adservice.google.de/adsid/ Frame 4F73 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.travelzoo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4F73 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.travelzoo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4F73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvp6YD_5pAXS4E7zIsFzAdFgDJzjyCoq5Cw5KsRW_TJ0j3fY3DC8nWZifwIX7lnwfzHG3Aq-pvFQsombvM4mH0CErBuaQaZthB024tMDzv_nIybbtbKQvbo8XJZvb_YjzQ7InnV86F01rgObHnuTnUkr761B-zoTMG__OExCUeFbrkJ_kdc_wT36mWirErPtBMbPlMoo0tQHlZcH4Z6ImLa2RfEWsSvaT7UWFZLKYYiNMTpMrYkVbxkUKyTwsoFO6MaX2yQhZ5ZvH973lF76wX2qOiggsR8xb0blmXIqH4uZ6p1OjMWldDYrKEAxVUsRDbs9Rk7MTlMDhuZXK9S-YSn&sai=AMfl-YRPnIIifByv2YlhPIr5cHl2fqOchVPUXZ8XSDrIfVZz_lDrNUCKb4wV6T_W2sXAH_PctucuvCyEA95LGpZZEeJ3DouM9KpfBaqT-tWl&sig=Cg0ArKJSzHbok188SgNXEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:40 GMT
truncated
/ Frame 4F73 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0ae775ca91938ff95c7830233b07f3016da66e12171b22268daf23e0badf160

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 42EF 		2 KB
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans:regular,600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06883c4535fd793c71181b0c51bfc63e2a1dc2881876c0e563a332e91b0bfdf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Dec 2022 00:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Dec 2022 00:12:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Dec 2022 00:12:40 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 42EF 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71916
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Dec 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 42EF 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
15574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Dec 2022 19:53:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C800 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Thu, 22 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 2A67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1AStxVH0BKQGtC4o2XJeYaoFSRNhACazZ1oNdpX8cSDN_UB2No6rmYhSwWqTCdoqdPmg0snVY3rpF7oZRdt10mQtYNw
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A67 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:40 GMT
truncated
/ Frame 2F54 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f4f5f6c89d2e89d04f352d9638f793186d25a833075263e79cdfd638341dc5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2A67 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a37ae8e7132f6c1c0edf62cfe019fb74cddb078ae1073f543b37fd94d947a2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame 5655 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:regular,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:52:06 GMT
x-content-type-options
nosniff
age
296434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26592
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:56:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:52:06 GMT
/
t.vi-serve.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.vi-serve.com/?event=PLACEMENT&page_url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&pub_id=828537996619089&channel_id=rfwqzezlc&placement_id=plt5Som0Vl7a2KzaMMi&ad_unit_type=2&session_id=gxvb0trhccm3&focus=true&player=playerVI&build=m&pageLanguage=en&placement_w=550&placement_h=0&time_delta=4411&ab_testing_id=testPIV_false&position_on_page=18&playlist_pos=1&mobile=false&floating=false&in_view=false&cb=66a7
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.215.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-215-72.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
server
fasthttp
log
pixel.inforsea.com/server/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.inforsea.com/server/log?event=p&dim1=4411&session_id=gxvb0trhccm3&env=w&affiliate_id=rfwqzezlc&domainapp=www.frommers.com&width=550&height=309&visible=0&publisher_id=828537996619089&ab_testing_id=testPIV_false&cb=3bf8
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
server
fasthttp
player.m.js
player.inforsea.com/ 		128 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.inforsea.com/player.m.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
8c0c45bcb1183a4df28e414510fb1a84da4f4dcb318bd990f22c436b1cc82897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:40 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdtn_W1udl9iRcL5m4LHcUyxTblQgZ9-ZpdzjGyeZcr9Tl6dD52l63ex-2IwV0vPwk1n5qLLtJIsua4OsCnuBM8Hyn2c7_Gi
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
40848
Last-Modified
Thu, 08 Dec 2022 15:02:04 GMT
Server
UploadServer
ETag
"678244795ccbde50224d17a660637651"
x-goog-generation
1670511724198612
Content-Type
application/javascript
x-goog-hash
crc32c=PtkTvQ==, md5=Z4JEeVzL3lAiTRemYGN2UQ==
Cache-Control
private, max-age=0
X-HW
1671667960.dop082.lo4.t,1671667960.cds230.lo4.shn,1671667960.cds230.lo4.c
x-goog-stored-content-length
130637
Accept-Ranges
bytes
file.mp4
r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8F61 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-5hne6nzy.c.2mdn.net/videoplayback/id/745ce59f0d5381e3/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3814090618/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7F043C0604ED22B40A28E45D450338E7F856FA21.7EEC1F5E2E7EE1B162626BB68B06A65A820D0B36/key/cms1/cms_redirect/yes/mh/NE/mip/2001:ac8:20:3d00:1011:4bdd:b426:df05/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1671667714/mv/m/mvi/4/pl/49/file/file.mp4
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:15::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 22 Dec 2022 00:12:40 GMT
date
Thu, 22 Dec 2022 00:12:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4430191/4430192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4430192
last-modified
Mon, 28 Nov 2022 13:34:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
client-protocol
quic
adview
securepubads.g.doubleclick.net/pagead/ Frame E733 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClHrC9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS8Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZFL3svlBYAVPysPFeEF056uYavn3yiZzjM1_JeaLtH0K033PR3aHgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjM2ODY0OTU2NTk1NjMwMxiiiBQ&sigh=UvE7GzoqrR4&uach_m=[UACH]&cid=CAQSOwDq26N96yI_-l-xxhcjy0w0kGbZrxnCxAIjXGYewBXi7OEY45p5lbxwqdf2Y7NYDJPoAPlG-u6YSFuNGAEgEw
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame E733 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jpsa834v5f3h63ckva42b5y1wksp3mm13ma7kbe8g8damyzadrzjrhdy1ht3vx4h16wtvk8xezkg12a5h6r6gny28gc1wwq7g2vcwhxdkpk3ypa80y6jz7jm08c4cemskp11e6jh08y9khshbrcqe3rr5w92cmn5v3zecsg0vva1gs26rpp8ap1hmaqx4jk4vvgs25752hqp9tqy1xktx7w61b8skxy5pmt7ss4t4y456c0c9c8a3905ct78cr1q2vjbh7bkk3kt37vrh801kbzy49j6xfpy1dfntb6rmwa5nscxdfez164d3fmknhmdrbv8vpdc2xb2ptpq3j3z9t2xx90c5v8rj6h374b81grbkxdx65s5hekzr0gsnk21sf6r3wrj8&b=Y6Og9gAKanUK4E5QAAgl-prsj4WoyMWpWklqZA
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Dec 2022 00:12:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame D181 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hw490hb69809t1860j8jywz97k87dacp9bvmc4zstbdk87aj42pzcd8vn2jmeaz4x6abnj72zfrpb4mv88h42en42yen403a7ecpesy363djrec6j59hv5p9rgy1cnj99xtab095dnjm8yg99x9tzzagx18qyxhmt725xs9jrzpkbk2wnmph1gqm7k45at3x697chwcgymb5drx9b4sh4gbc52gx93t1zksy6pe95gwv9da6gbge064db1r7753pvg1a73dbam74449mdqgjkqg9f5cwwjk0z795skn1j8c1nswh01f1m6179rscf5m71t59qgmvqf8tjxejveyky59366c8dqcnxznhwht9j5tm1d8nnw85nqvgwfcq5g1y8qw52rg36vgrbwy8zmr5pj84fexa686athzhhaeafj3ynmks9x0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%26client%3Dca-pub-6368649565956303%26adurl%3D
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a71e252dc42a77110b7b7d868d100fe2b6719bd6a963996252a17279fece85da
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77d4a5b22c98bbf7-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:40 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E733 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
31434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 15:28:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 940D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Thu, 22 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E733 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
l
www.google.com/ads/measurement/ Frame E733 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_a4Gm_wZrAweccvHn6IB5hGpYV9E03kf_M6u0v-tjgaL6_RuNRgwYqyWO5dG3W2eBJbTulp2zAQvaJDYWM6tHUd8dMw
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E733 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 10:35:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E733 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:40 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 4CEE 		424 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92732d7a242ea001a6f8df52f13141b40825f9a8e3471b533809203c36f22c2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
222792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
46704
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 10:19:28 GMT
expires
Tue, 19 Dec 2023 10:19:28 GMT
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 4FF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVep99qCjY_m5N8_5-gbJ2qmgAYjMst9omue475EPqq-F5ropEAEg4pitImCV4pCCoAegAZ24-9gDyAEJqQL278HNuEWSPuACAKgDAcgDAqoEwwJP0FR8arc0dRlyU4ugBYWyGxvGKtqmBIOk36hfQlLLC7VwUSF7FAk0K24a944BJvicJSJkrL01FLmswoCYiyRelX3pJGRyfMsh2-80bMcX1wj11WtpXnFTfDpE-vQRPChVBgR41p8cZy2IqBQtb--2RxsJmOCzjK40n8hfBbs_i5Qpfo_UZwjYNRaCji47VoGdDWsvRN7mZIlU9XI0Q9TYiwRsLsBmfGEcofOIfFjPdg5_7gA6vfTshDKCBZchLkRbYPL62A7WamkZKqm6ePn-bupKzBKsrhLNqktVt4kGdibdaUmHhoPWY7hfvENBhabqZ0QQ69AqXlM2IOFI8GBKM8TxLGOQqXhUVhuvAAk_9yhF8tKybclPKWwqCcg71GBXOEwKFgB9fe6gF4F0T5W-Oll5Ola06Pd3OnuS0KlYWM_0tMAE8c_2k-QD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB8vHhCeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCJvQPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MzY4NjQ5NTY1OTU2MzAzGKKIFA&sigh=9QS-Ho-n75A&uach_m=[UACH]&cid=CAQSPADq26N9fzWfxg-_0HCxHrJ5EwukCkINoE3slop7jaRyQHwTg6IcjJhn_WKlIVdp8yZOkeAqklxES1xC_xgBIBM
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame D453 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 23:45:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4FF7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
31434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 15:28:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4FF7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4F73 		98 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3089711735692188&correlator=1229144563057763&eid=31070873%2C31071298&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21848839049%2CFrommers.com%2Chome720&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%2C320x50%2C320x50%2C320x50&fluid=height%2Cheight%2Cheight%2Cheight&ifi=1&adks=255356671%2C255356670%2C255356657%2C255356656&sfv=1-0-40&prev_scp=Pos%3D1%7CPos%3D2%7CPos%3D3%7CPos%3D4&cust_params=destination%3D%26origin%3D%26vertical%3DAll&sc=1&abxe=1&dt=1671667960826&lmt=1671667960&dlt=1671667959397&idt=874&adxs=8%2C185%2C362%2C539&adys=48%2C48%2C48%2C48&biw=-12245933&bih=-12245933&isw=750&ish=300&scr_x=-12245933&scr_y=-12245933&ucis=ghq8wyz50adf%7Ci6c8tgtqgb69%7Cfrvlfui1jzku%7C4qkn9bhku0px&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.travelzoo.com%2FGAM.aspx%3Fnc%3D21848839049%26au%3D%2FFrommers.com%2Fhome720%2F%26sz%3D%5B750%2C300%5D&ref=https%3A%2F%2Fwww.travelzoo.com%2FGAM.aspx%3Fnc%3D21848839049%26au%3D%2FFrommers.com%2Fhome720%2F%26sz%3D%5B750%2C300%5D&top=https%3A%2F%2Fwww.frommers.com%2F&etu=ADvE6kA26LMtCfjventRMucz0ofFiOqngxdjqZkWuWzzC1Mk2gODi-DU2EGo_m9tZXIccXm-A70RXdosTc0F6urtTJa5twQNcRxhsSm1T-d3brwx2tXJ5E24S8gElEV7kNWhYwfW0Nd8yJGcUs-O2o0--QTlTavI-08Ghhg&frm=24&vis=1&psz=710x-1%7C710x-1%7C710x-1%7C710x-1&msz=177x-1%7C177x-1%7C177x-1%7C177x-1&fws=256%2C256%2C256%2C256&ohw=0%2C0%2C0%2C0&ea=0&ga_vid=932215924.1671667961&ga_sid=1671667961&ga_hid=2021215632&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c08f2b37bb7fe0f21ccbe1e819bade3032f901ae48ab498d13a2aac501ce4cff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15443
x-xss-protection
0
google-lineitem-id
6141303483,5894300156,6143110020,6140110559
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138409831475,138379119523,138410828473,138409133180
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.travelzoo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 09DC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:40 GMT
expires
Fri, 22 Dec 2023 00:12:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 5C73
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ2NpjaoKVl7L-4G8vSyz7k&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ2NpjaoKVl7L-4G8vSyz7k&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RG9taEY2RFIxUDg5Y3M1&google_gid=CAESEJ2NpjaoKVl7L-4G8vSyz7k&google_cver=1&google_push=AavPq0OKIwQolRUI4Ak6zaWz9BwoTAqdBlIZSqW7Lq2JQhE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RG9taEY2RFIxUDg5Y3M1&google_gid=CAESEJ2NpjaoKVl7L-4G8vSyz7k&google_cver=1&google_push=AavPq0OKIwQolRUI4Ak6zaWz9BwoTAqdBlIZSqW7Lq2JQhELElhxdkRS9Qn2bgoBgS1Js-MWQwOBfCmbV0M5QRizT5ooEG5MMs4
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:40 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0f25e10db9e73ae52@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RG9taEY2RFIxUDg5Y3M1&google_gid=CAESEJ2NpjaoKVl7L-4G8vSyz7k&google_cver=1&google_push=AavPq0OKIwQolRUI4Ak6zaWz9BwoTAqdBlIZSqW7Lq2JQhELElhxdkRS9Qn2bgoBgS1Js-MWQwOBfCmbV0M5QRizT5ooEG5MMs4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5C73
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHbJxJX9bVWKQ1NsAmZHdLI&google_cver=1&google_push=AavPq0O_kC0Aep6LzrTJ_JMyEhXnAKSraDL-VZ08KyJ5oEZ_kksX1ON0h7ll4EP5yhVOR_6OPyrD7qnT2rfPDLbR...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0O_kC0Aep6LzrTJ_JMyEhXnAKSraDL-VZ08KyJ5oEZ_kksX1ON0h7ll4EP5yhVOR_6OPyrD7qnT2rfPDLbR0MekQq0gOQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0O_kC0Aep6LzrTJ_JMyEhXnAKSraDL-VZ08KyJ5oEZ_kksX1ON0h7ll4EP5yhVOR_6OPyrD7qnT2rfPDLbR0MekQq0gOQ
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 22 Dec 2022 00:12:40 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x27 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0O_kC0Aep6LzrTJ_JMyEhXnAKSraDL-VZ08KyJ5oEZ_kksX1ON0h7ll4EP5yhVOR_6OPyrD7qnT2rfPDLbR0MekQq0gOQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Dec 2022 00:12:39 GMT
pixel
cm.g.doubleclick.net/ Frame 5C73
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENbWqki4Mb_6dnsSpgUMMw0&google_cver=1&google_push=AavPq0MichwRicoP8bDwu4PgVbZLzWgGym87DYxQhaAvMJRSVdHVftMjVWW_Py6RXexxlG4nZtfg9RwbGxrFof...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0MichwRicoP8bDwu4PgVbZLzWgGym87DYxQhaAvMJRSVdHVftMjVWW_Py6RXexxlG4nZtfg9RwbGxrFof_JSL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0MichwRicoP8bDwu4PgVbZLzWgGym87DYxQhaAvMJRSVdHVftMjVWW_Py6RXexxlG4nZtfg9RwbGxrFof_JSLFjvUh6AA
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0MichwRicoP8bDwu4PgVbZLzWgGym87DYxQhaAvMJRSVdHVftMjVWW_Py6RXexxlG4nZtfg9RwbGxrFof_JSLFjvUh6AA
Date
Thu, 22 Dec 2022 00:12:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 5C73
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELEz9t3l32DsiXJPHV1q0lA&google_cver=1&google_push=AavPq0PRUswRr1Twzt2rnkRHF4O_i9kuVwbNvgKor45fypjIH_UtwwObvfP4yPJoBRrmSDU7Nmxr0V3ocnWk3Oys...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1hiDjtCDQoS_uWjlbZ-iVg2&google_push=AavPq0PRUswRr1Twzt2rnkRHF4O_i9kuVwbNvgKor45fypjIH_UtwwObvfP4yPJoBRrmSDU7Nmxr0V3ocnWk3OysouQuEmzkfG4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1hiDjtCDQoS_uWjlbZ-iVg2&google_push=AavPq0PRUswRr1Twzt2rnkRHF4O_i9kuVwbNvgKor45fypjIH_UtwwObvfP4yPJoBRrmSDU7Nmxr0V3ocnWk3OysouQuEmzkfG4
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Dec 2022 00:12:40 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1hiDjtCDQoS_uWjlbZ-iVg2&google_push=AavPq0PRUswRr1Twzt2rnkRHF4O_i9kuVwbNvgKor45fypjIH_UtwwObvfP4yPJoBRrmSDU7Nmxr0V3ocnWk3OysouQuEmzkfG4
x-host
tde-deliveryengine-production-769c9db745-nk28x
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5C73
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJyJXQjq6dETDJCes4fuVsE&google_cver=1&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTH...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJyJXQjq6dETDJCes4fuVsE&google_cver=1&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2us...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q&google_hm=PDfkRo5LTyKtWBMjqGC_6g==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q&google_hm=PDfkRo5LTyKtWBMjqGC_6g==
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q&google_hm=PDfkRo5LTyKtWBMjqGC_6g==
date
Thu, 22 Dec 2022 00:12:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5C73
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEQUN785HzrZvSN2ar0WFfM&google_cver=1&google_push=AavPq0OACZV0f3ZG44SPK9SvmbeYBuLovW-cicY-pd8vL135twoCNq5WQa3xx4S3v6zRgqEEFhFjfyurCtYzi80RAYijzRe...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OACZV0f3ZG44SPK9SvmbeYBuLovW-cicY-pd8vL135twoCNq5WQa3xx4S3v6zRgqEEFhFjfyurCtYzi80RAYijzRevto8&google_hm=eS10NnlDSE50RTJwSElmbmo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OACZV0f3ZG44SPK9SvmbeYBuLovW-cicY-pd8vL135twoCNq5WQa3xx4S3v6zRgqEEFhFjfyurCtYzi80RAYijzRevto8&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Dec 2022 00:12:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OACZV0f3ZG44SPK9SvmbeYBuLovW-cicY-pd8vL135twoCNq5WQa3xx4S3v6zRgqEEFhFjfyurCtYzi80RAYijzRevto8&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
content-length
0
report
sync.teads.tv/um/ Frame 5C73
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECLSKjdcQ4_i0rwBJOYjOfA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0O7GH5IZUHHG4-LtssjpoDSSwG3PevJzfNCuHn_0uceqDBidgxxCsXLYskR3qSNPezJCyqGJ-jwAbdxx_uz8Itt33OEKaqp
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 22 Dec 2022 00:12:41 GMT
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5C73 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7B1KtuDZdi4MSPMg_UTDjxtP33s3DtRep29kwodF8gPPMFyw8s2A03czJp6QA40e3gKYccw
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 9D2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDiiR96CjY7CkCOG2x_AP3eqg4AzdleW3XPb-j45XwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQngAgCoAwGqBNACT9Dq3GXZMKhKehQe897p43I8WzbjjzeJ78HOFcgJJz-1e2KNU0S-pUJ3IGuLDyjIf7CncI7krmXZ_gC3n-fJ0W3gECiw83Hcde-j_g4EquNtm8mB2ao1gWB0BtTJ0cKmlQIlhmIqwgjTAYjwfXLatCfs9em_7WINRyKhjTCD48C_eSgSWsJe9jQjdhnnzBid8gstce8mgTAiAsIRXfh-WFaryDznj9oBkzDhxMSxm_I3-8OZ0PtzsfXfs_fd3vgFDWHygFjP9Q0qKmTP5WdMmsDTlqzA7LZnqt-GG7pqvJfopcGEGasSLsBx0bjlCBHwahbojiXDsKEx2jERV0Zfa6VqIIdp5m4tIsrIe5_3ZbWGVz8gBFuBUtQfc0xDL6MY9vv6yjyT9-xrTxA2fZ2DXHuDuMBY3FLcn_OWz9iYPvLaEizdXvmpbB9hD19ooxJm4AQBgAbT6eDD7-GRijegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTYzNjg2NDk1NjU5NTYzMDMYoogU&sigh=oqYjQ2hY9ac&uach_m=[UACH]&cid=CAQSPADq26N90CNfBJGhJ9ZsXbCZhlquHfx_L29jwPah38Y30SHXwooN5M5ENZUkb7Ng4zA6nH2EKt7N33_0qRgBIBM
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 620A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Thu, 22 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame D181 		89 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hw490hb69809t1860j8jywz97k87dacp9bvmc4zstbdk87aj42pzcd8vn2jmeaz4x6abnj72zfrpb4mv88h42en42yen403a7ecpesy363djrec6j59hv5p9rgy1cnj99xtab095dnjm8yg99x9tzzagx18qyxhmt725xs9jrzpkbk2wnmph1gqm7k45at3x697chwcgymb5drx9b4sh4gbc52gx93t1zksy6pe95gwv9da6gbge064db1r7753pvg1a73dbam74449mdqgjkqg9f5cwwjk0z795skn1j8c1nswh01f1m6179rscf5m71t59qgmvqf8tjxejveyky59366c8dqcnxznhwht9j5tm1d8nnw85nqvgwfcq5g1y8qw52rg36vgrbwy8zmr5pj84fexa686athzhhaeafj3ynmks9x0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%26client%3Dca-pub-6368649565956303%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hw490hb69809t1860j8jywz97k87dacp9bvmc4zstbdk87aj42pzcd8vn2jmeaz4x6abnj72zfrpb4mv88h42en42yen403a7ecpesy363djrec6j59hv5p9rgy1cnj99xtab095dnjm8yg99x9tzzagx18qyxhmt725xs9jrzpkbk2wnmph1gqm7k45at3x697chwcgymb5drx9b4sh4gbc52gx93t1zksy6pe95gwv9da6gbge064db1r7753pvg1a73dbam74449mdqgjkqg9f5cwwjk0z795skn1j8c1nswh01f1m6179rscf5m71t59qgmvqf8tjxejveyky59366c8dqcnxznhwht9j5tm1d8nnw85nqvgwfcq5g1y8qw52rg36vgrbwy8zmr5pj84fexa686athzhhaeafj3ynmks9x0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%26client%3Dca-pub-6368649565956303%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
732327
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kShdriCoh1xXe0f%2BHaof0orxPHAmI9Ubsk%2BCyl9bOPSsgzkf6hkEgyaJRritxbl4f7KZZHyM%2B%2FCECf75LsCEkXtPcSO%2FEUdDIp0WOFZT3LeYo6AMOXovCmQOPJTj8SiQ7HqEPzbh4qQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77d4a5b46cc7bbf2-FRA
expires
Thu, 22 Dec 2022 01:12:41 GMT
r62eglto.js
ad4m.at/ Frame D181 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hw490hb69809t1860j8jywz97k87dacp9bvmc4zstbdk87aj42pzcd8vn2jmeaz4x6abnj72zfrpb4mv88h42en42yen403a7ecpesy363djrec6j59hv5p9rgy1cnj99xtab095dnjm8yg99x9tzzagx18qyxhmt725xs9jrzpkbk2wnmph1gqm7k45at3x697chwcgymb5drx9b4sh4gbc52gx93t1zksy6pe95gwv9da6gbge064db1r7753pvg1a73dbam74449mdqgjkqg9f5cwwjk0z795skn1j8c1nswh01f1m6179rscf5m71t59qgmvqf8tjxejveyky59366c8dqcnxznhwht9j5tm1d8nnw85nqvgwfcq5g1y8qw52rg36vgrbwy8zmr5pj84fexa686athzhhaeafj3ynmks9x0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%26client%3Dca-pub-6368649565956303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
150166
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8FJ%2FtmSVqYMc3o8lnlEzlc9tqwMxIeulFCalgGLdS%2F%2BuhHEmESrSfiApADIA8mCnRbOJmsXVYJVgF2w2LkTiMvFRT3Izom%2BdiiAtJcKdOoTAh%2FQzFqpKEV6tmqh%2F%2FaBDIIK02w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
77d4a5b47f3cbbf7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 20 Dec 2022 06:18:10 GMT
truncated
/ Frame 9D2B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb38b4aa2417869b17445bbeaacea341adcd53ec3019a12ea0b94541119c144b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 4CEE 		2 KB
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans:regular,600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06883c4535fd793c71181b0c51bfc63e2a1dc2881876c0e563a332e91b0bfdf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Dec 2022 00:12:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Dec 2022 00:12:41 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4CEE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Dec 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4CEE 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
15575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Dec 2022 19:53:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F54 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:41 GMT
index.html
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		74 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11830a14a54f6675d0ee2eceb47f639ce417014d884ee0abf88651ea283b7fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:41 GMT
expires
Fri, 22 Dec 2023 00:12:41 GMT
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2F54 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0Hdrij_xtw6V8m2IQ2peXy0LHq-eBw34xIqWY_EbdVVoGbifUGrBymf-2I8yycvIil4-vuf2Iag46KB_6ncPxVthXjgIPbKjENJ40SY8VxOuMUGIFRI3C9YLxnPUQ9qCzDCBQy5bzbL8pGpDlVmymKLLaWe1CI8UU&sai=AMfl-YS2qoB9DO-dI46gscstzwHad0eZkn_smZdRejL6qBQnAJs3LsFh0G3As2kNDEw_7jDR72CzzPwwhU2mlwuGM6s9rPP8Qj5SxqKmCu4g&sig=Cg0ArKJSzHLf3iS_Ju0kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=887&cbvp=1&cstd=878&cisv=r20221207.49451&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:41 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6070
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:41 GMT
expires
Thu, 22 Dec 2022 00:12:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame C800
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHnHrL-bnnodIcOss1e-zMk&google_cver=1&google_push=AavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHnHrL-bnnodIcOss1e-zMk&google_cver=1&google_push=AavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHnHrL-bnnodIcOss1e-zMk&google_cver=1&google_push=AavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77d4a5b6edd75cb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
239
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHnHrL-bnnodIcOss1e-zMk&google_cver=1&google_push=AavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Nbx_COC83h7yWCg4RndvsvdxsOfW912iRn8_aH0z9rkLxJrh6HKK6T8RAnls0JQtDxY7s08EUu_nu0A-19YNHQEaM2gC8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77d4a5b4ebae5cb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C800
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPOOXsugoOLXR6BkJZK0zZY&google_cver=1&google_push=AavPq0NdLR6wNPJKFbZUHcT513KBIr_jrfnv_dOE5x1YOjYDZEJR8C-w2EuaU8NzhphuvDQdb_D7Q818mfAb8EF4dnga88AvX7Y
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71B2E77122345248553D72836087AA6&google_push=AavPq0NdLR6wNPJKFbZUHcT513KBIr_jrfnv_dOE5x1YOjYDZEJR8C-w2EuaU8NzhphuvDQdb_D7Q818mfAb8EF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71B2E77122345248553D72836087AA6&google_push=AavPq0NdLR6wNPJKFbZUHcT513KBIr_jrfnv_dOE5x1YOjYDZEJR8C-w2EuaU8NzhphuvDQdb_D7Q818mfAb8EF4dnga88AvX7Y
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Dec 2022 00:12:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71B2E77122345248553D72836087AA6&google_push=AavPq0NdLR6wNPJKFbZUHcT513KBIr_jrfnv_dOE5x1YOjYDZEJR8C-w2EuaU8NzhphuvDQdb_D7Q818mfAb8EF4dnga88AvX7Y
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 21 Dec 2022 00:12:41 GMT
pixel
cm.g.doubleclick.net/ Frame C800
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1IvFOIf-7saRHYnwhHEHo&google_cver=1&google_push=AavPq0MuIDgu0L4fa1GY_in41sHFFc61m7d_76X-SoFYOdAwR2dKqQr5VpUAR3bADCKZl_gxX7j6zeiT...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1IvFOIf-7saRHYnwhHEHo&google_cver=1&google_push=AavPq0MuIDgu0L4fa1GY_in41sHFFc61m7d_76X-SoFYOdAwR2dKqQr5VpUAR3bADCKZl_gxX7j...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE2ODU1NjQ1NzU2NjUwMTYzNA&google_push=AavPq0MuIDgu0L4fa1GY_in41sHFFc61m7d_76X-SoFYOdAwR2dKqQr5VpUAR3bADCKZl_gxX7j6ze...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE2ODU1NjQ1NzU2NjUwMTYzNA&google_push=AavPq0MuIDgu0L4fa1GY_in41sHFFc61m7d_76X-SoFYOdAwR2dKqQr5VpUAR3bADCKZl_gxX7j6zeiTwgW-pbIMQAGE_4hqgg
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE2ODU1NjQ1NzU2NjUwMTYzNA&google_push=AavPq0MuIDgu0L4fa1GY_in41sHFFc61m7d_76X-SoFYOdAwR2dKqQr5VpUAR3bADCKZl_gxX7j6zeiTwgW-pbIMQAGE_4hqgg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C800
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Q0j_LOiSaeCoP9UFzaObA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Q0j_LOiSaeCoP9UFzaObA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P8B6x-vYDs8q7g3AbsJgEPfNOV-cANNbLc3giSw_TFWBIBpWIJ1Va85NfWwoMSVyPKYpwWNFp3fYfFpEe2JEkbOkfKtmg
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7Q0j_LOiSaeCoP9UFzaObA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P8B6x-vYDs8q7g3AbsJgEPfNOV-cANNbLc3giSw_TFWBIBpWIJ1Va85NfWwoMSVyPKYpwWNFp3fYfFpEe2JEkbOkfKtmg
date
Thu, 22 Dec 2022 00:12:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C800
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHYovQzRMdDOz7Q2Ht6QmoQ&google_cver=1&google_push=AavPq0N9CK9xZGyxQqaPKMAGIup52eaZIygG_dorSZuaqKtkJQGnw0BYF18jjpe7dYumgq9G7EP...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJZQlhYWVUtVC1JUFY3&google_push=AavPq0N9CK9xZGyxQqaPKMAGIup52eaZIygG_dorSZuaqKtkJQGnw0BYF18jjpe7dYumgq9G7EPn6mqVhzDWLqm54xZgAEUWv5I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJZQlhYWVUtVC1JUFY3&google_push=AavPq0N9CK9xZGyxQqaPKMAGIup52eaZIygG_dorSZuaqKtkJQGnw0BYF18jjpe7dYumgq9G7EPn6mqVhzDWLqm54xZgAEUWv5I
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJZQlhYWVUtVC1JUFY3&google_push=AavPq0N9CK9xZGyxQqaPKMAGIup52eaZIygG_dorSZuaqKtkJQGnw0BYF18jjpe7dYumgq9G7EPn6mqVhzDWLqm54xZgAEUWv5I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame C800
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOGOXXFH6mO2-QIr5AJktpA&google_cver=1&google_push=AavPq0NIQ_Sj6fHIR0pHunmtLRqAEZqReF70Uo6hxdnGC6uKmkT3Uwq185CxRjPr7xl4sgDFLGWqMJJi7GvbrCh63...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOGOXXFH6mO2-QIr5AJktpA&google_cver=1&google_push=AavPq0NIQ_Sj6fHIR0pHunmtLRqAEZqReF70Uo6hxdnGC6uKmkT3Uwq185CxRjPr7xl4sgDFLGWqMJJi7GvbrCh63...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NIQ_Sj6fHIR0pHunmtLRqAEZqReF70Uo6hxdnGC6uKmkT3Uwq185CxRjPr7xl4sgDFLGWqMJJi7GvbrCh63mHeWjtb8lE&google_hm=F2xMvGZHvf_92XPVRoitmdSO
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NIQ_Sj6fHIR0pHunmtLRqAEZqReF70Uo6hxdnGC6uKmkT3Uwq185CxRjPr7xl4sgDFLGWqMJJi7GvbrCh63mHeWjtb8lE&google_hm=F2xMvGZHvf_92XPVRoitmdSO
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 22 Dec 2022 00:12:41 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NIQ_Sj6fHIR0pHunmtLRqAEZqReF70Uo6hxdnGC6uKmkT3Uwq185CxRjPr7xl4sgDFLGWqMJJi7GvbrCh63mHeWjtb8lE&google_hm=F2xMvGZHvf_92XPVRoitmdSO
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C800
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGt_-N0hflk4EFA4j8DhqlM&google_cver=1&google_push=AavPq0OAp7-1bhRV2rAqF9Rz__a-rM14Nek_iAbu6CMeRd-mnXbotXdYXSLEX-iSb3Ol3sanr0...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mRE9QSng1RTJ1SGVZdVlwUEFVQUNXcEFBZnkydnE0ZX5B&google_push=AavPq0OAp7-1bhRV2rAqF9Rz__a-rM14Nek_iAbu6CMeRd-mnXbotXdYX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mRE9QSng1RTJ1SGVZdVlwUEFVQUNXcEFBZnkydnE0ZX5B&google_push=AavPq0OAp7-1bhRV2rAqF9Rz__a-rM14Nek_iAbu6CMeRd-mnXbotXdYXSLEX-iSb3Ol3sanr0UKJWBk2jaXUHGV_Ehnj7dOhGTd
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mRE9QSng1RTJ1SGVZdVlwUEFVQUNXcEFBZnkydnE0ZX5B&google_push=AavPq0OAp7-1bhRV2rAqF9Rz__a-rM14Nek_iAbu6CMeRd-mnXbotXdYXSLEX-iSb3Ol3sanr0UKJWBk2jaXUHGV_Ehnj7dOhGTd
date
Thu, 22 Dec 2022 00:12:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame C800 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LmMxs7S62aBDaKndDOnrluY1z5YD-aTl2Sll-l-LnaGabCQKJcHVtZRXgqLzC_ksR5yQSZhw
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
get
mv.outbrain.com/Multivac/api/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=undefined&settings=true&recs=true&widgetJSId=GS_1&key=NANOWDGT01&version=2000999&apv=false&sig=uC0Vl7bm&format=html&rand=53310&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YTRlNGVhYjYwMGMwZDZjNzYzYTYwYTQxMTBhNTczMjQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11741-81727&layeredTestInfo=11741-81727-&clss=%2F77J%2F%2F2oxw%2FAHUmsXivDuBU9dpKhWM5ogSH8QWE2MZAU6n6%2BPMyAGlV%2BLl%2BNOr8bAqHWv%2BTUVAFAmezC&dpr=1&cw=583&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82f910cc41d4b2a924c2a24715ea064d78bdc685c70f8fd2af48a560784c4486

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671667961.119118,VS0,VE526
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21942-LGA, cache-vie6360-VIE
x-traceid
d74f2029872cbf96671ef94b3e3735ca
accept-ranges
bytes
content-length
14618
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D16 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:40 GMT
expires
Fri, 22 Dec 2023 00:12:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C8FD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:40 GMT
expires
Fri, 22 Dec 2023 00:12:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6454 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:40 GMT
expires
Fri, 22 Dec 2023 00:12:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D27F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:40 GMT
expires
Fri, 22 Dec 2023 00:12:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
init1.js
api.bounceexchange.com/bounce/ 		36 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=466&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2IkgTkP3wBZjNgAvEKABkwHcBTAIx1WBcA+qgAmUGuQBM5TACcuOEABs4aDAUKtWAD3xTt8rjC5yFcqNgCGy5agQBzIXDnKoAC2DAADjgCkAMwAgn5SAGKhYRzRAHQwciAAtommODFISZGiimgIVuoI-uE8claMqMqR3spWCAj2DgC0Vo3AcqjekVwIbQCejQoAjnCoCik9OI2NSHA4oIk4mABuqPzAQhkgANaoXFB+xABCoVLKnVJSgSEXnj5FAKzBoffhz+HRHHEJyanpmVIvMLZOb2fLoQpvMIlMoVSHVWr1RzNVrtc6A7p9AZcYajLjjYCTaazeZFS5SADCJzkJyuNIuBwAItgQNtdvsjozmazhKAQEIanIHHsYDYcFxMDxvGxMFwfFAANoAXUw3gJlgyiWqqFqSGEMBqDksS3cVigQA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-envoy-upstream-service-time
20
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame F281 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:50:34 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 3D47 		424 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c92732d7a242ea001a6f8df52f13141b40825f9a8e3471b533809203c36f22c2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
222793
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
46704
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 10:19:28 GMT
expires
Tue, 19 Dec 2023 10:19:28 GMT
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A859 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjquR96CjY_qUFdPd7gO51aewA4jMst9omue475EPqq-F5ropEAEg4pitImCV4pCCoAegAZ24-9gDyAEJqQL278HNuEWSPuACAKgDAcgDAqoEwwJP0E0e7G52uz6iXYtqonGvACQaM9lZtj-Xt45QULUf9KyPYeryEP2QX3YJINlUQ5fzml8pF_IoRGXMq95xYBCLcCjIbqTEF6x0xfsChWzO3J0hO_h80qjWmxLDAc4apLHTqopHufjriHdpG75zMtS6zc7lUE3ceI6jaZzvu1NqDY7ZpjNa9IVoTHXDnDNQjJ8bqjNqei10rP2lKiMraGBJJW6vvnwlbu26AFMd7k4bX02dM_aOLE5HoEeiVQIj_L3IvbjEeSJ82tgxx53rqchBjcduSp_a9IUzj1D9580AgHgs-53f8j0-nVo7f0sI0NtCkyX58u_03Nxw4aB49er_Nkh_nLriMSQvwlW9hPmPfzxxTfPzpD3-S-JKd1A3ycap3Z9UKYfbsPC01-pz6XwgTSksEd0bBP8xPPIVgeLa9UrclcAE8c_2k-QD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB8vHhCeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDT1APSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MzY4NjQ5NTY1OTU2MzAzGKKIFA&sigh=2yAmjeqa5oQ&uach_m=[UACH]&cid=CAQSPADq26N9az-7xzi299_EieQDbzIV2wJCBNx9pvje0Mic1gzRWUKt7dhrMiG67EXEY5afMTHNNhV9pSODfxgBIBM
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 332D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 23:45:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A859 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
31435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 15:28:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A859 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 16:52:05 GMT
l
www.google.com/ads/measurement/ Frame 679E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMLidHrbufBnFTJ7pVWReUCTPhfcAEeit1liQRyxq8XdndUiqeRhMwH39LJfYK1pvQhl0hZVy6bXybn5TOPmS5S_vB5g
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 679E 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:41 GMT
truncated
/ Frame 679E 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0481d347a3644267be3af07f807ef2ab80727928e8151080f35514af165f63d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame 42EF 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:regular,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:52:06 GMT
x-content-type-options
nosniff
age
296435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26592
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:56:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:52:06 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E595 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
199236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 16:52:05 GMT
expires
Tue, 19 Dec 2023 16:52:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 940D 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIzGnM8O_3tl8oUa_7Tm2gs&google_cver=1&google_push=AavPq0OhJ3Y4wDNDt9yfXHKy_fAJ524CyTSQXzS7euxCX2KkAEy5G0uy0ahHERTLP5gF0av7-pEIEE1AteLS858KunqmJUUqYeYC8A
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 940D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHbJxJX9bVWKQ1NsAmZHdLI&google_cver=1&google_push=AavPq0Oz9QTHALfJa8c1D4UYv0qS0bYSiXVSpgGv9bv-VNku3QN_ZM1ftX7mwoXuMolpsUfVYUeN0fL3PBr9WQJv...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=tlFjo6D4RQCdkSMREljPWg&google_push=AavPq0Oz9QTHALfJa8c1D4UYv0qS0bYSiXVSpgGv9bv-VNku3QN_ZM1ftX7mwoXuMolpsUfVYUeN0fL3PBr9WQJvKprHW7Gc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=tlFjo6D4RQCdkSMREljPWg&google_push=AavPq0Oz9QTHALfJa8c1D4UYv0qS0bYSiXVSpgGv9bv-VNku3QN_ZM1ftX7mwoXuMolpsUfVYUeN0fL3PBr9WQJvKprHW7Gcd7P_gw
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 22 Dec 2022 00:12:41 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x13 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=tlFjo6D4RQCdkSMREljPWg&google_push=AavPq0Oz9QTHALfJa8c1D4UYv0qS0bYSiXVSpgGv9bv-VNku3QN_ZM1ftX7mwoXuMolpsUfVYUeN0fL3PBr9WQJvKprHW7Gcd7P_gw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Dec 2022 00:12:40 GMT
pixel
cm.g.doubleclick.net/ Frame 940D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHFiZP_K6kGXMFqE8cGkMU0&google_cver=1&google_push=AavPq0P7vH_WDT9sDSLQEAnKfzh1pfCn7m23Z1l6iBE_X8iGcnatomOqtmt7s57qd64JcaZJtNJyIIbbfk0wOSEwXLaxfFdxdNVHBA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71B2E77122345248553D72836087AA6&google_push=AavPq0P7vH_WDT9sDSLQEAnKfzh1pfCn7m23Z1l6iBE_X8iGcnatomOqtmt7s57qd64JcaZJtNJyIIbbfk0wOSE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71B2E77122345248553D72836087AA6&google_push=AavPq0P7vH_WDT9sDSLQEAnKfzh1pfCn7m23Z1l6iBE_X8iGcnatomOqtmt7s57qd64JcaZJtNJyIIbbfk0wOSEwXLaxfFdxdNVHBA
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Dec 2022 00:12:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F71B2E77122345248553D72836087AA6&google_push=AavPq0P7vH_WDT9sDSLQEAnKfzh1pfCn7m23Z1l6iBE_X8iGcnatomOqtmt7s57qd64JcaZJtNJyIIbbfk0wOSEwXLaxfFdxdNVHBA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 21 Dec 2022 00:12:41 GMT
pixel
cm.g.doubleclick.net/ Frame 940D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENbWqki4Mb_6dnsSpgUMMw0&google_cver=1&google_push=AavPq0ORG0CPioyLrqSYdlqiPiIT3o6iI2zp5Det0n-odJI6AV7_2Oa_oaqMhq-lfi2ord39Brdid9sHsWP_RP...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0ORG0CPioyLrqSYdlqiPiIT3o6iI2zp5Det0n-odJI6AV7_2Oa_oaqMhq-lfi2ord39Brdid9sHsWP_RPrYh3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0ORG0CPioyLrqSYdlqiPiIT3o6iI2zp5Det0n-odJI6AV7_2Oa_oaqMhq-lfi2ord39Brdid9sHsWP_RPrYh3R_qRwrsZoq
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0ORG0CPioyLrqSYdlqiPiIT3o6iI2zp5Det0n-odJI6AV7_2Oa_oaqMhq-lfi2ord39Brdid9sHsWP_RPrYh3R_qRwrsZoq
Date
Thu, 22 Dec 2022 00:12:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 940D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJyJXQjq6dETDJCes4fuVsE&google_cver=1&google_push=AavPq0PwycJrdwa5F67B9sKxTBrw26moZJpcGUmKk62d3X7tHhwKLBigS5Wol96EjxgQw9-AVB7dOSF6eiZeYmE9zT34...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=3c37e446-8e4b-4f22-ad58-1323a860bfea
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=3c37e446-8e4b-4f22-ad58-1323a860bfea
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=dbfd607c-c3d2-422f-9b18-40cafcd8fbd1&user_group=1&ssp=google&bsw_param=3c37e446-8e4b-4f22-ad58-1323a860bfea
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q&google_hm=PDfkRo5LTyKtWBMjqGC_6g==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q&google_hm=PDfkRo5LTyKtWBMjqGC_6g==
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NPtL2U4Rrk0I_Eiv5JwKmSVon4WU36AUMMwz5Lqh8MBnNzpy4NUb0azn8O5T3yCBLZxNtSR5iQC3W2usejsSTHPqcbW-Q&google_hm=PDfkRo5LTyKtWBMjqGC_6g==
date
Thu, 22 Dec 2022 00:12:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 940D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEQUN785HzrZvSN2ar0WFfM&google_cver=1&google_push=AavPq0PV7vQColpOSG5TPT513zoKX_z5teEqqB79FwpkNxLZq_nmwiwrGEqn68IbHFM4tf-jXZ8VBGxYMVsD-jM8QDoUssK...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PV7vQColpOSG5TPT513zoKX_z5teEqqB79FwpkNxLZq_nmwiwrGEqn68IbHFM4tf-jXZ8VBGxYMVsD-jM8QDoUssKRs8GA8w&google_hm=eS10NnlDSE50RTJwSElm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PV7vQColpOSG5TPT513zoKX_z5teEqqB79FwpkNxLZq_nmwiwrGEqn68IbHFM4tf-jXZ8VBGxYMVsD-jM8QDoUssKRs8GA8w&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Dec 2022 00:12:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PV7vQColpOSG5TPT513zoKX_z5teEqqB79FwpkNxLZq_nmwiwrGEqn68IbHFM4tf-jXZ8VBGxYMVsD-jM8QDoUssKRs8GA8w&google_hm=eS10NnlDSE50RTJwSElmbmo3SUNPdHAzWUk1OWlpd3NqZH5B
content-length
0
report
sync.teads.tv/um/ Frame 940D
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECLSKjdcQ4_i0rwBJOYjOfA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0OHONoswajOIgSkiF-52aCoagwMLdBD6kkLyHhwZFUXqXWnxsGRASHbNUep5KUd7KFG9MtuChTddIw_XM_07erjM_tr1Wgvjr8
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 22 Dec 2022 00:12:41 GMT
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 940D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ii5rIWRz8NWMPxh0t99uDBGIhrtNp4e6uFyKiOO3Lh5dzol8pYb84DdTXhd8i7_tehuAWt0g
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gwdpage_style.css
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		303 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
googbase_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6289
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3BAA 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 15:59:13 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4427
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1725
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1355
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwd-text-fitting.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwd-text-fitting.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2038
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:42 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1078
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1485
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:43 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1078
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:43 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/16827164800508398685/ Frame 3BAA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16827164800508398685/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889225d4a9763a46a06e7e6a7aafe5c658277a6d0e37bb6c2a0b57eea676a781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1078
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9188
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 16:26:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Dec 2023 23:54:43 GMT
v2
vis.vi-serve.com/playlist/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vis.vi-serve.com/playlist/v2?url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&session_id=gxvb0trhccm3&category=IAB20&publisherId=828537996619089&language=en-en&useAllCategories=false&useOnlyCategories=false&pageTitle=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&pageDescription=Here%27s%20a%20guide%20to%20entry%20requirements%20%26%20customs%20in%20Brazil%20-%20everything%20you%20need%20to%20know.&pageLanguage=en&mobile=false&playlistLength=5
Requested by
Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.203.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-203-96.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
aaba5c9a56af473a40539590e3f0cd9d397435e44cd98093400141f5418a46dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Dec 2022 00:12:41 GMT
server
Kestrel
content-length
3806
content-type
application/json; charset=utf-8
css
fonts.googleapis.com/ Frame 3D47 		2 KB
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Josefin+Sans:regular,600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06883c4535fd793c71181b0c51bfc63e2a1dc2881876c0e563a332e91b0bfdf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Dec 2022 00:12:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Dec 2022 00:12:41 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3D47 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 04:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Dec 2022 04:14:04 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3D47 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
15575
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Dec 2022 19:53:06 GMT
truncated
/ Frame E733 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed9814c13ddc2afde490e65bb2ab5268e34b4640556d8e71a30822e852a20d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7D16 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 10:35:35 GMT
tzoo.17870.0.1212597.Alaska_cp.jpg
ssl.tzoo-img.com/images/ Frame 7D16 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.tzoo-img.com/images/tzoo.17870.0.1212597.Alaska_cp.jpg?v=1
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
643a024cdc7bcc0f1fc312217644d73d5636271898d9b054fb7e19b745158ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
last-modified
Wed, 21 Dec 2022 14:12:44 GMT
etag
"1c64a34b4615d91:0"
content-type
application/octet-stream
cache-control
public, max-age=1209600
x-ip
43
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
1319258
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D16 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:41 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C8FD 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 10:35:35 GMT
tzoo.79205.0.1053931.SkyluxTravel_Australia_AA_CP.jpg
ssl.tzoo-img.com/images/ Frame C8FD 		711 KB
713 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.tzoo-img.com/images/tzoo.79205.0.1053931.SkyluxTravel_Australia_AA_CP.jpg?v=1
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
993c0a3d3f5652582bea8af19f8f5b5e6d13783712c440e583daafdb505b3ef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
last-modified
Wed, 21 Dec 2022 14:09:49 GMT
etag
"5e212ce34515d91:0"
content-type
application/octet-stream
cache-control
public, max-age=1209600
x-ip
43
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
728283
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8FD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:41 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6454 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 10:35:35 GMT
tzoo.128806.0.1202988.VictoriaFalls_Zambia_iStock-181926538.jpg
ssl.tzoo-img.com/images/ Frame 6454 		848 KB
850 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.tzoo-img.com/images/tzoo.128806.0.1202988.VictoriaFalls_Zambia_iStock-181926538.jpg?v=1
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a9a85ce119c1063e3aa2c32ceacf6a50fcc07a1b7ff314e2d58f913253594d85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
last-modified
Wed, 07 Dec 2022 02:37:36 GMT
etag
"478a2fdee49d91:0"
content-type
application/octet-stream
cache-control
public, max-age=1209600
x-ip
44
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-length
868574
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6454 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:41 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D27F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 10:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 10:35:35 GMT
tzoo.12999.0.1210993.SydneyOperahouse_Sailing_cp.jpg
ssl.tzoo-img.com/images/ Frame D27F 		968 KB
970 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.tzoo-img.com/images/tzoo.12999.0.1210993.SydneyOperahouse_Sailing_cp.jpg?v=1
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.48 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
994a59b51588d92b6a3b4d07d662f25e42775c27af6c12bdbc72b74cc2e13a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
last-modified
Wed, 21 Dec 2022 14:12:25 GMT
etag
W/"fc302f404615d91:0"
content-type
application/octet-stream
cache-control
public, max-age=1209600
x-ip
43
accept-ranges
bytes
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
991323
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D27F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:41 GMT
pixel
cm.g.doubleclick.net/ Frame 620A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHbJxJX9bVWKQ1NsAmZHdLI&google_cver=1&google_push=AavPq0NdQkq1XYvntBk17uCP7rR6Dom08Aw5jGJhErMlW1QnQXvOhvz2VwO6sVDEKabahM_WePaD34MDxJ0-oqpg...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=tlFjo6D4RQCdkSMREljPWg&google_push=AavPq0NdQkq1XYvntBk17uCP7rR6Dom08Aw5jGJhErMlW1QnQXvOhvz2VwO6sVDEKabahM_WePaD34MDxJ0-oqpgCCDFfKbE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=tlFjo6D4RQCdkSMREljPWg&google_push=AavPq0NdQkq1XYvntBk17uCP7rR6Dom08Aw5jGJhErMlW1QnQXvOhvz2VwO6sVDEKabahM_WePaD34MDxJ0-oqpgCCDFfKbExpzw
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 22 Dec 2022 00:12:41 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=tlFjo6D4RQCdkSMREljPWg&google_push=AavPq0NdQkq1XYvntBk17uCP7rR6Dom08Aw5jGJhErMlW1QnQXvOhvz2VwO6sVDEKabahM_WePaD34MDxJ0-oqpgCCDFfKbExpzw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Dec 2022 00:12:40 GMT
google
match.adsrvr.org/track/cmf/ Frame 620A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJRr2_IDaxFdVYPXM69ODqE&google_cver=1&google_push=AavPq0NzsmOO-Lq2SK_ZVRRstroi8Nwl8JW6amiq1lhKxIzXdOA7Ic0AcnPJMnxhP_YjxsHGAHrrk6st4YlovAvxDSQbVQ58oU-8
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 620A
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHY5n6-7rLubfqpOrUkUF0s&google_cver=1&google_push=AavPq0Pi3ZuOeY038KOVcdE3Hk1mmFd8XnpP2mOM0MY9KB3LMWdG9gFR8T9gKxjKZSoh_29YFqb6w-CgsKt...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pi3ZuOeY038KOVcdE3Hk1mmFd8XnpP2mOM0MY9KB3LMWdG9gFR8T9gKxjKZSoh_29YFqb6w-CgsKtjrMexZJovckraIQbF&google_hm=o3yG5-rjSvqlj14U6VTDm0U
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pi3ZuOeY038KOVcdE3Hk1mmFd8XnpP2mOM0MY9KB3LMWdG9gFR8T9gKxjKZSoh_29YFqb6w-CgsKtjrMexZJovckraIQbF&google_hm=o3yG5-rjSvqlj14U6VTDm0U
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:40 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pi3ZuOeY038KOVcdE3Hk1mmFd8XnpP2mOM0MY9KB3LMWdG9gFR8T9gKxjKZSoh_29YFqb6w-CgsKtjrMexZJovckraIQbF&google_hm=o3yG5-rjSvqlj14U6VTDm0U
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 620A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENbWqki4Mb_6dnsSpgUMMw0&google_cver=1&google_push=AavPq0PRQs24egrE7-qBjafmZg7AVXMuJXLDZ7lXS37761RbttzAU9A_F75uqFX07o9Ld_AbE1RzEVRZ857xz6...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0PRQs24egrE7-qBjafmZg7AVXMuJXLDZ7lXS37761RbttzAU9A_F75uqFX07o9Ld_AbE1RzEVRZ857xz6XkhK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0PRQs24egrE7-qBjafmZg7AVXMuJXLDZ7lXS37761RbttzAU9A_F75uqFX07o9Ld_AbE1RzEVRZ857xz6XkhKyW5ZCd5qI
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3OTc1OTIxNzk5MDc2MDU4OA%3D%3D&google_push=AavPq0PRQs24egrE7-qBjafmZg7AVXMuJXLDZ7lXS37761RbttzAU9A_F75uqFX07o9Ld_AbE1RzEVRZ857xz6XkhKyW5ZCd5qI
Date
Thu, 22 Dec 2022 00:12:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 620A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELEz9t3l32DsiXJPHV1q0lA&google_cver=1&google_push=AavPq0NeJaDsB7DfUpnOmLhHLs9SKzOQ_s4E_vSpDGHKiY-rybtIxttee8yhT-IXLpG5-3J8XlTApU1QWU1NdOKA...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1hiDjtCDQoS_uWjlbZ-iVg2&google_push=AavPq0NeJaDsB7DfUpnOmLhHLs9SKzOQ_s4E_vSpDGHKiY-rybtIxttee8yhT-IXLpG5-3J8XlTApU1QWU1NdOKAU8XpQFNviQxj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1hiDjtCDQoS_uWjlbZ-iVg2&google_push=AavPq0NeJaDsB7DfUpnOmLhHLs9SKzOQ_s4E_vSpDGHKiY-rybtIxttee8yhT-IXLpG5-3J8XlTApU1QWU1NdOKAU8XpQFNviQxj
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Dec 2022 00:12:41 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1hiDjtCDQoS_uWjlbZ-iVg2&google_push=AavPq0NeJaDsB7DfUpnOmLhHLs9SKzOQ_s4E_vSpDGHKiY-rybtIxttee8yhT-IXLpG5-3J8XlTApU1QWU1NdOKAU8XpQFNviQxj
x-host
tde-deliveryengine-production-769c9db745-8d9mb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 620A
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHreSpxE6xT-dtraf4Gtivw&google_cver=1&google_push=AavPq0Ngb2Yx3mj26UDH_pnV12h5l1Al_vs3MqUARHCDfosQkl5uwQGuFkWz7lVrD5RgwypoEsLNOUX8tq2_uSl9G6XG7pl...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHreSpxE6xT-dtraf4Gtivw&google_cver=1&google_push=AavPq0Ngb2Yx3mj26UDH_pnV12h5l1Al_vs3MqUARHCDfosQkl5uwQGuFkWz7lVrD5RgwypoEsLNOUX8tq2_uSl9G6XG7...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Ngb2Yx3mj26UDH_pnV12h5l1Al_vs3MqUARHCDfosQkl5uwQGuFkWz7lVrD5RgwypoEsLNOUX8tq2_uSl9G6XG7pleyNa3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Ngb2Yx3mj26UDH_pnV12h5l1Al_vs3MqUARHCDfosQkl5uwQGuFkWz7lVrD5RgwypoEsLNOUX8tq2_uSl9G6XG7pleyNa3
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Ngb2Yx3mj26UDH_pnV12h5l1Al_vs3MqUARHCDfosQkl5uwQGuFkWz7lVrD5RgwypoEsLNOUX8tq2_uSl9G6XG7pleyNa3
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 620A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJN_iRR3prYuZuoG2KnyR90&google_cver=1&google_push=AavPq0O0fZ0SR4PIGNkCwbhuHe3V6I6yAPEBTa-VEdpEL-URJtvlIhw0B-wi6WAuKwlJMCvWhIF8rKgJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE2ODU1NjQ1NzU2NjUwMTYzNA&google_push=AavPq0O0fZ0SR4PIGNkCwbhuHe3V6I6yAPEBTa-VEdpEL-URJtvlIhw0B-wi6WAuKwlJMCvWhIF8rK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE2ODU1NjQ1NzU2NjUwMTYzNA&google_push=AavPq0O0fZ0SR4PIGNkCwbhuHe3V6I6yAPEBTa-VEdpEL-URJtvlIhw0B-wi6WAuKwlJMCvWhIF8rKgJFsqYps5fLLElMGj7tT_v
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE2ODU1NjQ1NzU2NjUwMTYzNA&google_push=AavPq0O0fZ0SR4PIGNkCwbhuHe3V6I6yAPEBTa-VEdpEL-URJtvlIhw0B-wi6WAuKwlJMCvWhIF8rKgJFsqYps5fLLElMGj7tT_v
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 620A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHQ-tt8JtK9oGWAUPt849jYpPXxUaDbkuktSAoHjUGDQonSVWKNh52WKKMtRqUXMJztVKu
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame D453
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:41 GMT
expires
Thu, 22 Dec 2022 00:12:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Jetex-w.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 5655 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/Jetex-w.svg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34900ef5823ce7380ed18b7cabea4f295587bb779ed6118fbb35418c1b655970
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 10:37:12 GMT
age
48929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 10:37:12 GMT
Jetex.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 5655 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/Jetex.gif
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5259
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
4_3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 5655 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/4_3.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93c4572a6972f95aa10fc62d3315213a892d86f671e3f2438c638b0e763a8008
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27970
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
01.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 5655 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/01.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd286acf7c592fd02073cc5b37f90f86cd37b8b8d70e15f7af1493500fe4e186
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23668
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
02_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 5655 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/02_1.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc12f8414d5da580f8cdbcff0da9e32bd41013a26a7812b8a28a1df0975e4b4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20390
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 5655 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/3.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa2621769327855ded880036d5283b631c4ccb0913c7b7a36b4078c8b2f25a84
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 21 Dec 2022 10:37:12 GMT
x-content-type-options
nosniff
age
48929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24956
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 10:37:12 GMT
l
www.google.com/ads/measurement/ Frame 4FF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4ZCufK_WxfMZfTOzxK2taZ05LRsF_2rLDrknBNIf8S7JYu1sFjhrEMHzEURW_1vqaS929LpREu2Nkm5a93kb5ki4Rtw
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4FF7 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:41 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D181 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25602992
x-guploader-uploadid
ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e%2BB9wuz98ucTdoB7s6DRC1%2F24kmvSC3O963%2BHp%2FxbXKaWGsw%2FrnY7nkMuOj1PgPw2qdSwHe858d2SyVsO7Vey2SI9%2Fqzhaq3cN432mO48%2BRG%2F01Kuky91uz5r3EPPuhl0Lqd2%2F7Z59k9Szp6jB1KRxX"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
77d4a5b81d7f9bef-FRA
expires
Tue, 28 Feb 2023 16:16:09 GMT
truncated
/ Frame 4FF7 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30414bb792b5ca304fd491dea7ebf6626d2acc86b6c2fcc0b12c2095764da4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame 4CEE 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:regular,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:52:06 GMT
x-content-type-options
nosniff
age
296435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26592
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:56:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:52:06 GMT
ca
choices.trustarc.com/ Frame F2A1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=3t6tcb6_mnqhieu_piqrfv2l&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-521368a1-9c9f-413f-be5a-82b76641abd5&sid=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
5d6c2f7d613462d48e6f8e47b356bf781a82fb0ee98cec5d94ed8994c35baeaf
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 20:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
age
12574
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2478
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
sF3axl8NqBePii5UMDWGvX1jnSn8zvduLbkitHTQb2FZmCdgjgKQWw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame F2A1 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=3t6tcb6_mnqhieu_piqrfv2l&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 00:42:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
age
84606
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
q9hurByfgzcJFon1NApLEPfpd1_STAsQGrjL6qNDvuFWA3vioqlpsA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame F2A1 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=3t6tcb6_mnqhieu_piqrfv2l&w=300&h=250&c=e09c
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
umCZndFps3AJgSb42T9wjF0hoMVVtY7s5_Ep0K5NPjamPQNRdbJv2A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
frame.html
ad4m.at/ Frame 6B83 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2174847
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
77d4a5b8bab2bbf2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 22 Dec 2022 00:12:41 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JgQroP2SlbwzS1uCJTgGNQ6actvVJ2RKOgHxpDrWVjEBxfocldfJAHziFvROq3tLxp1nRpxYXcvyk%2FqFtjZW5QBc8ScDI89bes4gFXi8ybBjxG4k9hiUPPvmPSp5yF1aE8pGGk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
si
googleads.g.doubleclick.net/pagead/drt/ Frame 332D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:41 GMT
expires
Thu, 22 Dec 2022 00:12:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame E595 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 19:50:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7M6sp6recAkHZ98OihFcLJwBtETsUPi8mxd1esRteKB3SLZ4ohpNm3ht7RKO9bNEw6RwlhXdJzL4QS7q0hC7JpVXvxLbcTN26jmfoPB_AbLzoxMgZOYY9HE5GL2tx4dIwkiJOn7DOrYyq3RjMOnKyFL96-AUedgJM8BbuyP42yl0gzYpUOe1eUNJBZo-l6WUIcy2aCgXFCS9k-K1tlVMwPieYXHYRp1m6JWYumBHdDfpOKI3K2t_TWwtxeKw23ajS3ZnwYM7DrrlYTNF4V3jIiTgS8ircWZtic_pVVh5gpN1fUp6xdGA49MrwONoJcjNMQTBvRpV9gEu7gm_kusXh1d74rw&sai=AMfl-YQklKPOOXkgMnJq3lzqChxFAZc-nrZrdfNKZTU9c2Z5F6UgYVTvJohx6LvP21lKUMmc1SZBrhwUyq6kEUWSVcqKzk8IoPtJU0WtgAbq&sig=Cg0ArKJSzKndpkrGQksYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
t.vi-serve.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.vi-serve.com/?event=NV_LOADED&page_url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&pub_id=828537996619089&channel_id=rfwqzezlc&placement_id=plt5Som0Vl7a2KzaMMi&ad_unit_type=2&session_id=gxvb0trhccm3&focus=true&player=playerVI&build=m&pageLanguage=en&placement_w=550&placement_h=0&time_delta=5670&requestedCategories=IAB20&requestedLanguage=en-en&ab_testing_id=testPIV_false&position_on_page=18&playlist_pos=1&matchedCategory=IAB20&targetingCategory=IAB20&mobile=false&floating=false&nv_video_id=101_e0813dbaa7380c816200e680c0d0fe71&nv_source_id=101&nv_feed_id=206&in_view=false&cb=bb97
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.215.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-215-72.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
server
fasthttp
/
t.vi-serve.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.vi-serve.com/?event=INFO&page_url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&pub_id=828537996619089&channel_id=rfwqzezlc&placement_id=plt5Som0Vl7a2KzaMMi&ad_unit_type=2&session_id=gxvb0trhccm3&focus=true&player=playerVI&build=m&pageLanguage=en&placement_w=550&placement_h=0&time_delta=5671&data=lazy:off&cmpFramework=false&gdprApplies=true&gdprStatus=none&consent=0&segments=&brandSafety=&ab_testing_id=testPIV_false&position_on_page=18&playlist_pos=1&matchedCategory=IAB20&targetingCategory=IAB20&mobile=false&floating=false&in_view=false&cb=de5a
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.215.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-215-72.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
server
fasthttp
view
securepubads.g.doubleclick.net/pcs/ Frame C8FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKRmXZt-4DUoQzLqxK-Xr-DY5HQ2Uxd6i5iqp2yGCwvBZLb-agls_8O1jHYQep_Gc0zpC_zpYikgJrorQb_V7n5p_F0NlTKFd3sw6nG8AINbmIv4ks-s75lYqoaHypDwcqIkXTPWygbKz9hgjZD0-pPYjlYXL4X0tu86THKxvc1L4AnOssN8IdqARLoGR4AGj_CrIVljVexW1Kt5D8aFo29y2a9qtwVSl5Wl96K_PgtvYJ6gIpgUGzzVI0ywpSJwNoDSjxnIRH-e4Rlza8AOnzrEYEh2l5-CiqDqH7oZSywBuRLRWL7t1M6lScYcFuXnp-W4J-8gYbDmo6s6F3gmOyrA2hJA&sai=AMfl-YTQ16IMvyE-7tpxhC3TBsr72B31XXbnNzWjTrzWHQzDL2DDBndQ7s-JDlP9jXnU_YZJ4dWJsop2eZqNi5gs9r3NKCb_3LdzCf1Svdw4&sig=Cg0ArKJSzBJXtICYc9QhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7D16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthQEsCnRppT-Y5uRayEgeHrfuaDM7IfuZSfBlTLpciUmLOiKWlzLiG6uAWoq-LvUemAbWz3M1V0MBMw5dmRWUkz_z0E4sS9sxxOGPADsGT0wlF7afd5wxoC_uF2lEq6YiPCJEaFJ7S7xML0w3It_iY1OnHVS9ULwdBdDDngguWaakRIBzj99Drq4OMmqJQoS-Hypk46sy-DQ4rwUYEVpmBDuw3vbAF2f6tNzkoM9w0cEqM93VZxFTUpGEymNxxGlerY_2sX9ANxnKvtVPmeabEpbQySKMO7DD3WdL0DxlAG0j4dbEiwGmf6qfSAHXqmlXesdLvgGYgfwIrRuVxGnpI-4UKXH5O&sai=AMfl-YRslIZkZGHsC790AEjDTHAllQcYcTWz8DAYiTKpbIGtMN3nhVocy8s-d-sEWVnwybe8KCLPMbMpfhCV6EuCqj7YBTjmnS_5Sr_te4DN&sig=Cg0ArKJSzG_VYRILpcuVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6454 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvdVOWi1O2vDt3AxTz1rL75mOTqxXSxv3xR3O5lUX9b75hx0kx0-nn09EphlcRbaN1RezziBwkgEt7OMlTrefs8asyHMAw1P6lOTFY_28nr7YpFz7P-6Oex2mS9N7Gf19B9KMOViModgLqmEZ8TuTR1FMMhUc0lF36zA0F9QPWUrF9hv5u5kBczVtsWfkwQc6jhdyhVITIIC9BFaEWKe02XuWXkp600bcYKChKYTIlnmj6dNfv0-1c8-cmqxwlh8n00gCDGuyr-fSzlrVG-OiPu5URwnQ49MXmZ-ReP9kEsLU9o0dD-Fx4I5VGNEY9ZzmpciP4VkwnAEg8Fzh3tIsKTROEzA&sai=AMfl-YTzopsKPyPzqeFkOj2TJArIQTaCbQcWjoeWnm2jQ2Uj3O6W2NoaOJ-qG2OLeYDda_8_jjnagokqinWUFjmIGPOoeVWQO7LFgObfyPh4&sig=Cg0ArKJSzFXtu1_Y3J1gEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D27F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJTOm4XZce2ASR3U350NKEkkal2rHCZcA7wndDWUM1YNyLkaNthi-gpNUVMqxzxJnjlBjb8Jnm4ZhAnGoEZJ4DMHD9L-QFKUem6x_bba854_1_G5XERN_7cCMzPupVMSIrUCRHfy08oXMBg7MCFyezQrH4edRALYbR9RZHHnHYRcb8dDTGpG7KwLFRW7WKbs8G7psYSo4qQJvVrxOLV8RR6ADd5VD4pylScn_4FOOs8Tr-ijzEOrSgDk845poCLSEaN2ryToFD9eieOuzq6Ul2Yyes_DWV0DWed7wOe9gitGKPYU_VNRTQsfhfqHPdtvebMVruN5JOxIVaxT0DupGWQMzTsg&sai=AMfl-YT1hG60n4p8zOp0KyranSig3gdhPsAZ379DrV4HT8fGmzzdwlGzTXmD8gWrm7WxfMP1pD7pgTzVDNgRGVo44NZiKAEMQTNygxW3LI63&sig=Cg0ArKJSzOTrl8bjegCNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
URL: https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame A859 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSt4b21ZWKSmOBBYxxeTzr44JSYMEGwQGfuh3Cw_ImUpBHsixhBOP9RePerFSe5zXE0lmWXujcko10yGxX-B0g9nRNWqA
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A859 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:41 GMT
truncated
/ Frame A859 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9974bbe1847aad8076893aea2ec2de5d0eac1c58b1c95cd9187825a0506fa2d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6454 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuY_KosCfVJGMw4Q4xLMuIpndDPfOBYEQnkVDDpD5tspzy33eq7_1RvGK1ScnqFztp72o1Kw09Rtb3j-VrWtDA6rx2NkLx3GvE2D_K05TGO8Cv6zYrqpmgeBZ2LkmLtbocZZ8cdc5M_A7qmHkcLaESNPowruic3TVSUWLL2fdIJB-sRlev4JQFu_6tRRwHlOOh9yDk0sH1HtWjVaiMf1Sf0TUR8w4O1ZHTJ4btTW4dHFCfS569qGwyO1okLYn-9iCL_8TlGVIfQn1SrslaIeus6dj4J9k5BdStOEk5Lur95q7nOaj0QZMcEC-66MqUu3Un4nMgdivgjBZixAjbNMDzQqgsenYdq&sai=AMfl-YTvTMWUi_j77w4vixuYx95h1WSPEfU7yK4IVc4nBE7F_nzYfScsVw1Fddc3c3L2BSX5e1u0rCpqsMewaChij3b9MstQimSiB67SfcFc&sig=Cg0ArKJSzJ-zwLP9oUWKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D27F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGRxK3NXkvpufhuvza6VpyXEu0F9Jmd3YQeJ21wsUMCGRPmlDlYP05tTbT6c9CS_nleV0dRJtIdIWc3CTMzWqDXZyn-yrkC2KTrNl8q4z_bbIoRJXXpJVQOC96x73fxL0EqlQIp4B_LKmNxD7JuGg0OmwdtH9M2u_34k_XnBJ-7d8PiamRkxVu64Ctf8E0OiP_fJObrEGG2GAYcWZKP9Ig03DmncJqLEvN-MYwUD-hXXJxlnkOT_b4iZskn1oAXHBhDArObK5TAoCvAvIPm1WT5pSmLZxJXuzL9terigtUhRFfaVZblK8idim7-XCREtn2jZkpS63iBbd37TFlODe7jw7GY-hg&sai=AMfl-YQHSHPIwbMtLr1c5FZHUvRNtcpUE2bmIrD-N2FJpnVm-O_KacF7Eqz4s6OVPtKdUIiKsDrrtAYT-OqsZCrElTY03gr2Z19PtYUq8KL0&sig=Cg0ArKJSzOgflFLmDkuOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C8FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXbb1PCg1sjhBC02p0bzxn0uZHkXTQTutqc3wywLYlXId-ZxoAtmmkgO04paaJnqucIIrRVEBioFCsG2FwNzQpYnKlPtNU6qy1tvIulZkWnxaGKtmb4uoAccc9WuO8Vt3FH_ZFw3lQdNVdHMO1TOnrsj5x6KC49MajJKvpX1cRm2qnt-Oe9_jcl89bBYNFwSGaizO3bR1m8hRhCHLLbVd-fcPH-djQwjkTQyqbG8hnmz_9G09XL87JFh_jez3LfbuBnKjCeuT3dd_f7o2p1ge1TilEmkz_yHFHwYr09kShMf2DQR6vS8lzU9kNt8fYDDmqBwikbXQjnwQu8IT9dEQY2-sZzJ-2&sai=AMfl-YRgtiu8-ld-idqhnHbXvuB9n6yj10H_bbNKMeTWXApuZwq88stjZK7javzYfNsX8PndqLHgEbmhD6coAbtqoZInvULOIi9nzgx8s0Cd&sig=Cg0ArKJSzAmC9X1ZieMTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:41 GMT
DashiellFineX-Bold.woff
s0.2mdn.net/creatives/assets/4736362/ Frame 3BAA 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4736362/DashiellFineX-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b87a459e3c3bf864087d851374ee19c8b6410f87f7aca98119e261b0224ea3f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80652
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 12:18:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 00:27:42 GMT
URW-FormSemiCond-Medium.woff
s0.2mdn.net/creatives/assets/4736362/ Frame 3BAA 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4736362/URW-FormSemiCond-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35343934f5daf1d52034f39701428673cacab68c8685c6614c48a6799ccffe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36424
x-xss-protection
0
last-modified
Tue, 22 Nov 2022 14:06:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 00:27:42 GMT
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame 3D47 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:regular,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 13:52:06 GMT
x-content-type-options
nosniff
age
296435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26592
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:56:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 13:52:06 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
101_e0813dbaa7380c816200e680c0d0fe71.jpg
nv.vi-serve.com/a23/ 		724 KB
725 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nv.vi-serve.com/a23/101_e0813dbaa7380c816200e680c0d0fe71.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
6265ec02a358f430e495a5fff4793ad263d95b88a9b240fab40ba0092ecf46c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
x-sp-metadata
HS256.CIrejp0GEogBCiQ4ODUxNDk4Yi04ZDg4LTQ1ZmMtYWNkOS1iODcwMjdhN2YwYjMQgK2E9LGG/AIaBgj5wY6dBiINMjE3LjY0LjE1MS42OSjO1QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiRiMGJjMGM5Zi00NTgyLTRjMWUtYTViOS01OGExMzc1YWY0NzUYpJ4tIhoIAhIUY2RzMjU5LmxvNC5od2Nkbi5uZXQYCQ==.XMRcrywHvBkb8K//tSDHQRj9G3VEGR9CNA7spgqzRdM=
last-modified
Sun, 10 Jan 2021 23:49:08 GMT
etag
"1610322548"
x-hw
1671667961.dop084.lo4.t,1671667961.cds211.lo4.hn,1671667962.cds259.lo4.pr
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, max-age=0
accept-ranges
bytes
content-length
741156
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fe061d3da79d71cb8d7c2b7e72fc2b4e3affb446c1b3807e7e2ab5593988d5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7D16 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96eaf0b312fc6c2ad418b6366bb6779b9f94ed4014ff49dd4f68ac0bf3c15d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C8FD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3019667a5e7c233eb00246d948a4b995c4f7e333cae5a79327512c74b605963b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6454 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6740b49f76b27985f7412ffad4bad5f4e0801412208142b0de22a9e886c9aba0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D27F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61539fe36f19127bd9f048105f8ffd3538db70f2f535b9e7bd8b167eef867f72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Jetex-w.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 42EF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/Jetex-w.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34900ef5823ce7380ed18b7cabea4f295587bb779ed6118fbb35418c1b655970
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 10:37:12 GMT
age
48929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 10:37:12 GMT
Jetex.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 42EF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/Jetex.gif
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5259
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
4_3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 42EF 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/4_3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93c4572a6972f95aa10fc62d3315213a892d86f671e3f2438c638b0e763a8008
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27970
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
01.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 42EF 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/01.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd286acf7c592fd02073cc5b37f90f86cd37b8b8d70e15f7af1493500fe4e186
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23668
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
02_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 42EF 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/02_1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc12f8414d5da580f8cdbcff0da9e32bd41013a26a7812b8a28a1df0975e4b4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20390
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 42EF 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa2621769327855ded880036d5283b631c4ccb0913c7b7a36b4078c8b2f25a84
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 21 Dec 2022 10:37:12 GMT
x-content-type-options
nosniff
age
48929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24956
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 10:37:12 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=f38a00562706ea147342311f3b70004d_1302_1671667961363&tm=4103&eT=0&widgetWidth=577&widgetHeight=264&widgetX=512&widgetY=6194&wRV=2000999&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=885&oo=true&lo=1668&odbreq=2821&odbres=3787&mvreq=5040&mvres=5926&re=5928&cet=4g&cs=2&to=1671667956060&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Dec 2022 00:12:42 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
bb80656cb3e0c018cc04a72cc72dcf4c
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=a6b99015e22b518d56416d50636944f8_1302_1671667961576&tm=4108&eT=0&widgetWidth=577&widgetHeight=219&widgetX=512&widgetY=6482&wRV=2000999&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=885&oo=true&lo=1668&odbreq=2821&odbres=3787&mvreq=5040&mvres=5926&re=5933&cet=4g&cs=2&to=1671667956060&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Dec 2022 00:12:42 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
8f6eab31d30ff45a93711e0934f0f071
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4F73 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5db60a3a171a8f87a78ce6535917ce0a8c26e54f4b937ef4b22018fa244c2efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3F3A 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9e4c29a2826d09da43c84484ef2b166ce068e56fa7779ff955c16d92391eacf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11161
x-xss-protection
0
/
t.vi-serve.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.vi-serve.com/?event=INVENTORY&page_url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&pub_id=828537996619089&channel_id=rfwqzezlc&placement_id=plt5Som0Vl7a2KzaMMi&ad_unit_type=2&session_id=gxvb0trhccm3&focus=true&player=playerVI&build=m&pageLanguage=en&placement_w=550&placement_h=309&video_w=550&video_h=309&time_delta=6009&ab_testing_id=testPIV_false&position_on_page=17&playlist_pos=1&matchedCategory=IAB20&targetingCategory=IAB20&mobile=false&floating=false&in_view=false&cb=6a23
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.215.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-215-72.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
server
fasthttp
sources
call.inforsea.com/adserver/ 		14 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://call.inforsea.com/adserver/sources?affiliate_id=rfwqzezlc&VI_DOMAIN=frommers.com&VI_SESSIONID=gxvb0trhccm3&VI_WIDTH=550&VI_HEIGHT=309&VI_PUBLISHERID=828537996619089&VI_AFFILIATEID=rfwqzezlc&VI_CDIM2=828537996619089&VI_DNT=0&VI_SEGMENTS=&VI_BSAFE=&VI_OB_AGR=true&VI_GDPR=1&VI_CONSENT=&VI_CDIM1=101&VI_IAB=IAB20&VI_IABSHORT=20&VI_DURATION=37&VI_CATEGORY=Travel&VI_TITLE=7%20Best%20Remote%20Islands%20for%20a%20Tropical%20Getaway&VI_VIDSEG=&cb=1gkripk6n
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/player.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.115.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-115-87.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
90a5962f67b8b86078ab73b38c74abcd50871bc5397642c34b0f400c875b0de0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
server
fasthttp
content-type
application/json
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
13871
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2A67 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLPrVh9OB4R1LUGELG33ffCpnZond16oOmOY1mCRIHcXEqyw6lIrvt3xgoZBAafemsY_l96nKHR-S-wx_vlotoNQytU1wBq2SapfT2v5W9n-H276I8w_0T4Zz_oA0I_5lRtOFf2NJvnD_Kg_XbIO73nfXJ5G0pOe8D&sai=AMfl-YSvUQhKh8V4NuQ8EzF7eQTt4W6RxJTL-pTrmW-uCcv1ad0-1Bvv4iZJ5uTA5VXlj0ETD9RVOZCrLe4xbQX9nOhHNCBMsjsIFtMmewozTfsh4KbukI4FtU9dPhsHdA&sig=Cg0ArKJSzBWD6AlWdujqEAE&cid=CAQSOwDq26N9II5oAvh7JOGhPqNTPkqgWMeM0gCSKiuNNO6XocV1NA2xP65A7S8LcI6m-Sj7rHz2jKWBw0SBGAEgEw&id=lidar2&mcvt=1100&p=381,315,631,1285&mtos=1100,1100,1100,1100,1100&tos=1100,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=984292701&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671667958347&rpt=2663&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4F73 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3F3A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:42 GMT
Jetex-w.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 4CEE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/Jetex-w.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34900ef5823ce7380ed18b7cabea4f295587bb779ed6118fbb35418c1b655970
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 10:37:12 GMT
age
48930
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 10:37:12 GMT
Jetex.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 4CEE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/Jetex.gif
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5259
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
4_3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 4CEE 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/4_3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93c4572a6972f95aa10fc62d3315213a892d86f671e3f2438c638b0e763a8008
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27970
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
01.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 4CEE 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/01.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd286acf7c592fd02073cc5b37f90f86cd37b8b8d70e15f7af1493500fe4e186
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23668
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
02_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 4CEE 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/02_1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc12f8414d5da580f8cdbcff0da9e32bd41013a26a7812b8a28a1df0975e4b4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20390
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 4CEE 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa2621769327855ded880036d5283b631c4ccb0913c7b7a36b4078c8b2f25a84
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 21 Dec 2022 10:37:12 GMT
x-content-type-options
nosniff
age
48930
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24956
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 10:37:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3BAA 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd2b48839f8f2df346de158aeccd05f691060dce318f080667decfec1938aed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5700
x-xss-protection
0
get
choices.trustarc.com/ Frame F2A1 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Dec 2022 02:06:38 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1634764
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
XsEaXIuFKTJEXT4DaotqNAi12T5OjczTEo8YG_FyPkdS4TvaMT9Sig==
expires
Mon, 02 Jan 2023 02:06:38 GMT
Jetex-w.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 3D47 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/Jetex-w.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34900ef5823ce7380ed18b7cabea4f295587bb779ed6118fbb35418c1b655970
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Dec 2022 10:37:12 GMT
age
48930
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 10:37:12 GMT
Jetex.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 3D47 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/Jetex.gif
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5259
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
4_3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 3D47 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/4_3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93c4572a6972f95aa10fc62d3315213a892d86f671e3f2438c638b0e763a8008
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27970
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
01.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 3D47 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/01.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd286acf7c592fd02073cc5b37f90f86cd37b8b8d70e15f7af1493500fe4e186
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23668
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
02_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 3D47 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/02_1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc12f8414d5da580f8cdbcff0da9e32bd41013a26a7812b8a28a1df0975e4b4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 19 Dec 2022 10:19:29 GMT
x-content-type-options
nosniff
age
222793
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20390
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 10:19:29 GMT
3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/ Frame 3D47 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7963287176706260992/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa2621769327855ded880036d5283b631c4ccb0913c7b7a36b4078c8b2f25a84
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 21 Dec 2022 10:37:12 GMT
x-content-type-options
nosniff
age
48930
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24956
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 10:37:12 GMT
rs
ad4m.at/ Frame D181 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709a645356ff3b66dc3b342cb54dc1d75d38fb5b10957bede4a00210560e3fff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw6HCVYS4psIOi1CE8VKhtEJuodcDl%2FxlBMN16894WtpwVuu7U1i00dbIGIGcfijHw3rx%2Bue2HjiAXv3PTDh8qx0xdeMT%2FDwZkxRUt6loXN6pGq48gUXVRirl521EQeVHEJo7NI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
77d4a5bc6ef29205-FRA
x-backend-server
aa-reachservice-group-europe-west1-tbx2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77d4a5bc3ed89205-FRA
content-length
24
content-type
text/plain
date
Thu, 22 Dec 2022 00:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO1szjOSzHR%2F3vKUGFFSBr%2FZDZmYSbOLvDUjRlBrNT13I0CHZQnNmW1bXf80gmkG%2FtPyuJ8y5QSh5yvA7cg5Dcy%2FFxRF%2BLaIk%2F%2Bgi8LhwK%2FAJbofjwOJjLUofhZrornTB%2FzMQyM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-tbx2
ca
choices.trustarc.com/ Frame 9D2B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=3t6tcb6_mnqhieu_8gdjx75r&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-64457f83-3300-44a6-9b18-d8ddf591b72f&sid=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
006cdbd5a1bbab2b7276eb0ee5b4c2af8796e35dd2dfb9fb6d621fc90c11d1f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
age
31620
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2414
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
-VnkXxPTDMlsB-EsRSvr83ip1av93jS1dZLN4FxRiqao5LItll7Kew==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 9D2B 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=3t6tcb6_mnqhieu_8gdjx75r&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 00:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
age
84123
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
uBQ7mYJbjmUTDgatc_hdJunPy0jRCIrtS6YEf4_JhXxexgzl5cydtA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 9D2B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=3t6tcb6_mnqhieu_8gdjx75r&w=728&h=90&c=9111
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
yYUu2yEftBxxlRbV4z6M-zwMR-0Z4cyelqY6tXZot5oTWYWuUuU_Lg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
vendors~ap~pb~pbs~va.m.js
player.inforsea.com/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.inforsea.com/vendors~ap~pb~pbs~va.m.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
549c4fec12835821ee94d4e1103b73d0fd0460a1b3ba923b6596ad3bc7ac63c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdt_s87S2bNpJBuX5QUUj-Z1wdhb7O3S8DSvSgXFbBiV2VYVB7d5AhSxnB7L33-WHv_LXIrcQ8ycBcOjswmcrulULQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
15998
Last-Modified
Thu, 08 Dec 2022 15:02:06 GMT
Server
UploadServer
ETag
"342df82063af10e7aae5dc6273f8cbd0"
x-goog-generation
1670511726987529
Content-Type
application/javascript
x-goog-hash
crc32c=O3dOtQ==, md5=NC34IGOvEOeq5dxic/jL0A==
Cache-Control
private, max-age=0
X-HW
1671667960.dop082.lo4.t,1671667962.cds230.lo4.shn,1671667962.dop082.lo4.t,1671667962.cds072.lo4.c
x-goog-stored-content-length
59796
Accept-Ranges
bytes
vendors~pb.m.js
player.inforsea.com/ 		114 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.inforsea.com/vendors~pb.m.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
fc4df734f3615218486674269d6619f5aa359da11ec1ae4912a65ffa9443333e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdsN1VuJA_GaszOxoTXILSOVAppbH1Yh5t-WmwvQOaAyleKHwaczlaoQhO9Dzyyf-j8TmZ7rGPtwmeGn5KJ-aN9ihJ047IN2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
37997
Last-Modified
Thu, 08 Dec 2022 15:02:08 GMT
Server
UploadServer
ETag
"be9eb203b346649ebc95d1f8cda886fb"
x-goog-generation
1670511728719319
Content-Type
application/javascript
x-goog-hash
crc32c=66488Q==, md5=vp6yA7NGZJ68ldH4zaiG+w==
Cache-Control
private, max-age=0
X-HW
1671667960.dop082.lo4.t,1671667962.cds230.lo4.shn,1671667962.dop082.lo4.t,1671667962.cds072.lo4.c
x-goog-stored-content-length
116229
Accept-Ranges
bytes
va.m.js
player.inforsea.com/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.inforsea.com/va.m.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
b7ff640e6625cc37ee9f31809be199c6478e931d77f4fc32a7c5f358cc947884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdsiAumzfxfenC5DAaM6Qk74H5D6kWP6Q6qsxPzmfiQS8ugUIggT1qG34TRxcQDQS3dLavdvwWJTwXs9lgFtbEdjo-QApfFL
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
9178
Last-Modified
Thu, 08 Dec 2022 15:02:05 GMT
Server
UploadServer
ETag
"ad65eb8963f68cc231b6c2fd527298c1"
x-goog-generation
1670511725573231
Content-Type
application/javascript
x-goog-hash
crc32c=yOm9WA==, md5=rWXriWP2jMIxtsL9UnKYwQ==
Cache-Control
private, max-age=0
X-HW
1671667962.dop229.lo4.shc,1671667962.dop229.lo4.t,1671667962.cds224.lo4.c
x-goog-stored-content-length
32273
Accept-Ranges
bytes
pb.m.js
player.inforsea.com/ 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.inforsea.com/pb.m.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
7472ff799b7642bbd31fb4fc9ad99b62ed001b25f78c1ff085d9484439444ed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdtJIZondJrvEbQuuaHY1P8YUeaHjz8SFa0Ht2xqdJS5tIsiYuSqMd0u1e92wetgETkDwg7SojxwZWNC7Io972wmaVCoBSOY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
56119
Last-Modified
Thu, 08 Dec 2022 15:02:00 GMT
Server
UploadServer
ETag
"510f0cc2bbba8cbb22208a2d91845f22"
x-goog-generation
1670511720808987
Content-Type
application/javascript
x-goog-hash
crc32c=z9K/9g==, md5=UQ8Mwru6jLsiIIotkYRfIg==
Cache-Control
private, max-age=0
X-HW
1671667962.dop239.lo4.shc,1671667962.dop239.lo4.t,1671667962.cds302.lo4.c
x-goog-stored-content-length
184142
Accept-Ranges
bytes
im.m.js
player.inforsea.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.inforsea.com/im.m.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
UploadServer /
Resource Hash
3212c52a83653718ad4db95c0fcf1025ac31c8ab975ac8d409cb427a389f370c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycdtGtmDf1Sm14_f3RczbZabBcol4a4c9m4UBbPzfT590ge6pvzeQAK0KkvKm0cIVgCphe2iTDqD9PsX2lBgfgDdLHw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
Keep-Alive
Content-Length
5126
Last-Modified
Thu, 08 Dec 2022 15:01:58 GMT
Server
UploadServer
ETag
"972b40ddb9de10894ae75afbb1d25671"
x-goog-generation
1670511718831833
Content-Type
application/javascript
x-goog-hash
crc32c=as7r0g==, md5=lytA3bneEIlK51r7sdJWcQ==
Cache-Control
private, max-age=0
X-HW
1671667962.dop247.lo4.shc,1671667962.dop247.lo4.t,1671667962.cds323.lo4.c
x-goog-stored-content-length
15841
Accept-Ranges
bytes
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7DE6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8871
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 21:44:51 GMT
expires
Thu, 21 Dec 2023 21:44:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0431 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c82d5fbf908e5c2fd6139e0fff97fc5c7806d1c601f1e33a0dcc32bce4bbd935
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gb-fQDuJJNaEHgbKM68MKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-gb-fQDuJJNaEHgbKM68MKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:42 GMT
expires
Thu, 22 Dec 2022 00:12:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3182 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8871
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 21:44:51 GMT
expires
Thu, 21 Dec 2023 21:44:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AE34 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
807f353be5c3233905e3cd6bf21d18ebfeaf955d9f02ea96d4dee694be4f76cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_nhqA2M8Zwv7UW7uayggCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.travelzoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-_nhqA2M8Zwv7UW7uayggCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:42 GMT
expires
Thu, 22 Dec 2022 00:12:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame F281 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOCPp96CjY5LdFseNxwKE76GIDwAAAAA4AeAEAg&bg=!6uml6a3NAAYgquz3AKo7ACkAdvg8WvWThsw9ztMOwrdmOIsIkocGNe2delH7pznudOEesh9_HX-XpQIAAAKmUgAAAAJoAQeZAzG9wTeWAA_tDiXCFmYdWQkZSDZfzJ4weE7ur8f5udhghZFeSU8Q9AosVcASsBGMbNpvZTTwDbRs2Y5xUW8jacSbnivQiMlXmFbqACWAF1uTGtnVC6CYDJdJPc12OaxjXsEw6ppqsBdzJUzl2RVn5WDQaH-Liemqb0DfuSWgs16NKWX54Rz3u7c_V7CyepQTmIF4f6gvPvd4J7DSrcEHjrcaL3A30gpSuu1zbQK8sPf7G_aS9EtF7r90VnVDZu1dzAYiu9yM7pO3xf4oD5MhVBknYFu9Q3U3t29NliOx2Sc4sw7rvUAwsujQe6suxpSNGj0dn2UCuRHdd-39c8AyBSOlt3d1iOMysu6UYPKuGSEJOPMRNlZ4lizTCx74FCnadv2H7jDTygx3heqDSg-FMKSVVYf-_77rleqbM8y9VH62-8SE6RYlw5QpZQ4QUM75wnqnW36Wrj7GHvJpWEtFCFjvrvdYFSV52A0pYbWLE0CPuPBTKXT7KMJoFC7BOxoyxBXVZ2zT2zr5s9PgAHA52xpvbHRKvNSvTAzJrUND6i7ZqWMgwVBFKIG3ohj9lxtz3FJH6HhGziDuhLC0TjxnRwMlpUr7nAXklmcVV1qWNX_dG6ijwjiOReP0XPMS-XcpD0n2GS6yrlFRvrm-Ozyusjf3H46CroUWfkL0EsnemWLa0k7tL8M2UKCIJutiew9WYuPrPxBoAjWkLbHgZSlA7Z0L6Cypkakec57DMEYEURVQ-uDh4MLeMwX4IpsrvcN5VESrlXD15CBIfEqTou8B--I1UWfQiLTbRspcbQ4a34nerkubCkh7_76WpP8EZpzSw5zzyus5uBttrNS41hEPwIhzIBhO9UAvn-XE5OWLfoED-_WsEnApeYwtHjM8E6PgGF_DRN6q7dDcAMpNulHMYiiuL4Z7AFusH2tRgVG5phrsfLZlptbdlxAIXYxI9rz5k5NK6gx8Zf4z1kzXAOdBsTMvFkX9ZqVCQcnj42wxOtWxj1PeZANK-36ggBPVvTra82k067hciV8lHdzuuIYgaCSYuILLG13_Yh8_d5I2IRHtGDl1VR3THviIIaQqADfgVkrV
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame A76C 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96aa57f39a4b7755089b09930f3e5a055f30793e603732b68fe4d4edf8059d59
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hw490hb69809t1860j8jywz97k87dacp9bvmc4zstbdk87aj42pzcd8vn2jmeaz4x6abnj72zfrpb4mv88h42en42yen403a7ecpesy363djrec6j59hv5p9rgy1cnj99xtab095dnjm8yg99x9tzzagx18qyxhmt725xs9jrzpkbk2wnmph1gqm7k45at3x697chwcgymb5drx9b4sh4gbc52gx93t1zksy6pe95gwv9da6gbge064db1r7753pvg1a73dbam74449mdqgjkqg9f5cwwjk0z795skn1j8c1nswh01f1m6179rscf5m71t59qgmvqf8tjxejveyky59366c8dqcnxznhwht9j5tm1d8nnw85nqvgwfcq5g1y8qw52rg36vgrbwy8zmr5pj84fexa686athzhhaeafj3ynmks9x0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%26client%3Dca-pub-6368649565956303%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
77d4a5bcb819bbf2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:42 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
get
choices.trustarc.com/ Frame 2A73 		287 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Dec 2022 02:06:38 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1634764
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
DRoCfJP7xUryjB-Ekj8w1RJdChFzhc6Uf2GozqLyqKtQTrFq_AxWtA==
expires
Mon, 02 Jan 2023 02:06:38 GMT
get
choices.trustarc.com/ Frame 2A73 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Nov 2022 01:01:53 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1984249
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
mhWNn62T2a9FO9d3M5AFbj1mJ-BuoihFL45Ls9nizRkVprQkaQY2Hw==
expires
Thu, 29 Dec 2022 01:01:53 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame A76C 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
732328
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWN9cyv1brvGsdiBJ7hn3NHxjcPHMkkDo3fKef6VBmINfW3hTvo%2FnprSWI32jQ4Afo2BVJYy6XXwom4KoIsiGDHNz3liX2KeH1dcOePXaSzTF62RIlPo20FfK%2FZ002hgUDmPzugzNIk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
77d4a5bcf89ebbf2-FRA
expires
Thu, 22 Dec 2022 01:12:42 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A76C 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1744653
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54554
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqVxdhJRRfPyt%2FKirDx8aKa%2BhhLBOnhFEt1NuXjLY55lrwADmV4YuRMqvvLZejpgBPCc48v93ClTrcnGcXbS4Zpa1WbuL95jGlaetLFtz0ntqzwv4k5auw%2BoCJ5rrukl7UbmWxYyL%2Bf20uN%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77d4a5bd090cbbf7-FRA
expires
Fri, 23 Dec 2022 00:12:42 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame A76C 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2349608
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McIE%2Fxg8PJRPBcIJQ5lHhmk5V8Bga6jXAWA%2BVtXp42h34hp2ldyFS7JGWCmmSh49AHfDxR074zhYLosM4ZgeP%2BKsBkADkS4pJVgm%2FDbGxrm4518ZWgj5TvNFJu%2Bt05YoLoNhHtWwf0mOQ8ZR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77d4a5bd6931bbf2-FRA
expires
Fri, 23 Dec 2022 00:12:42 GMT
/
partner.o2online.de/a/ Frame A76C
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COil2Lj4i_wCFbjHuwgdo4ICvA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122201124279726569517X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122201124279726569517X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122201124279726569517X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads1.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122201124279726569517X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122201124279726569517X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame A76C 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2346858
cf-polished
origFmt=png, origSize=24833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQ0j88E%2FCN9lSpPw%2BlOKxhOA84%2FP1ZdLt1Vb%2FhI3XCd4DkbTB3Yo7EugKe19EtH38F6Q5sxtAdcoyelNKkdEXwd5K8TjBk5y7lw7eNgVOM78Z6OSekEWlFkTEJWceYpQ1mg10Wuo8yb%2FCykR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77d4a5bd6932bbf2-FRA
expires
Fri, 23 Dec 2022 00:12:42 GMT
FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame A76C 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
372947
cf-polished
qual=85, origFmt=jpeg, origSize=85977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20094
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 16:32:10 GMT
server
cloudflare
etag
"115bea0885590f780802fd14548a1cde"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hv%2BaqY65Fqk7KpAze6dZ%2BGRG30GOYpQzhCIFQxIq5Xiy7XkNLbZ%2FYofSWoiXeneq13AuT3Ws%2BfPDujzKqonCFK%2BQyWLZzypddTQob1cDnUWMSy19ltUfvKmyx1ISpvjunKXhiJU46tRFJuRB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77d4a5bd6933bbf2-FRA
expires
Fri, 23 Dec 2022 00:12:42 GMT
/
partner.blau.de/a/ Frame A76C
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CPii2Lj4i_wCFduE_QcdWwADaw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122201124279726569515X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122201124279726569515X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122201124279726569515X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame A76C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2348381
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FruDmvZfJrzav5e8hjyJgDL17bn2BAkJ4MyEXis7sicrWYKehiWg4YKH8tbio8GazeUJgKP97xW7dJejVRCaJLjV8aCU9WC7r5Hg6yAwa2qvoanfvuDp%2F9fBQBWSuGPW3oYyOy9OudltxExu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77d4a5bd6934bbf2-FRA
expires
Fri, 23 Dec 2022 00:12:42 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame A76C 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2347335
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acZHdzy%2FDAlJPcFWJ%2F%2FeJCtAIhYjs9tDCUYt%2B11WyPyuKHWhmWXC0jwNhjFlVFJZy657OtSVoo0zHgDG3Uqy2886sv9qg%2BdMWN2bknIswzrGNTQL4vH1HSOfxSkTYndTF3GG8ZBd0yJCE7cT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77d4a5bd6935bbf2-FRA
expires
Fri, 23 Dec 2022 00:12:42 GMT
ztpv.php
www.conrad.de/ Frame A76C
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1671667962_5a771980-818d-11ed-bb44-226289dc062e&insert=AW&&gdpr=0&gdpr_consent=
0
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1671667962_5a771980-818d-11ed-bb44-226289dc062e&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=120&d=600&e=&g=254062e2e29d696634a88c9b9a216eef%2F10152279106330263213&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671667962316&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0rkw59a5apwhvvjfbvpzy9ng6sgt804gsmv0xqxzmtj02891a0nzxkqkjqmsrqftyaxb5av9k11e9t625q0n1w7rdmk1xqw74hwm8dzt15hrpvz785bba6gjdrefpffcxga8x5bad30m52vc6az8scj3fg2xdgtbrgh07sf626w1mxr1de90yd2enx4dcgbsvfe82gbmnsbtsdmkee4xzkqekvw21596m5dxcxa54syghy2yy3jxjwjc1qtztjm2hjntwjdv7bwyyea29g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtF7-9qCjY_XUKdCcgQf6y6DoA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTYzNjg2NDk1NjU5NTYzMDPIAQmpApl0fZU61bE-4AIAqAMBqgS_Ak_QpIfAR-D69ZAEYmtQtRb26u6qggZTSgX6gumA0YyxgrAOPV7USyLnrPWwjhiskPwaJFL6Jz6ITywguliXz75V7RR0QOxTheMm6okM7p_dHOqbP-YTtkPpakQ0IlwaQtSj2PFBNBNg4kFdLL-Z7ER03wamMAnzmTPaIpBfws666Mff8qjGnLtqCgErgTt0hapnaCr7vMAU2OkhWpzOeJjg0XcBGzDiNEjvCPX4tzDpjA7ypIVnskc0f_NTeiRAV3scFpPowAafYk80YwT41y3uSx0G0N6nbpL8_5vxbhOlxZP2fAal4ButaTs2k5meT1hZ82IlU1Gu1vRKlz1FPV7caMaM4f2Mz4u2-XjsbWrgEuFqxmIZVr_NLIehhhM6N7nIyhSrGN8OtND4p4Q-s52A61p5AW6sCq9OnWkiwtbgBAGABs6Eyqvru4G6VKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0WRZpckuYTL4CF5oKe0VxzVIW54A%2526client%253Dca-pub-6368649565956303%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
via
1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
content-type
text/html; charset=UTF-8
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
966266527
cache-control
no-cache
cf-ray
77d4a5bf188a918f-FRA
expires
-1

Redirect headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1671667962_5a771980-818d-11ed-bb44-226289dc062e&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0431 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3089711735692188&rc=
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame AE34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=3610688321997664&rc=
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
mvo
tag.1rx.io/rmp/239286/0/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/239286/0/mvo?z=1r&hbv=6.17,2.1
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.frommers.com
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.frommers.com
date
Thu, 22 Dec 2022 00:12:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
videointelligence-d.openx.net/v/1.0/ 		106 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videointelligence-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1671667962453-541&nocache=1671667962454&gdpr_consent=&gdpr=1&schain=1.0%2C1!vi.ai%2C828537996619089%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A550%2C%22h%22%3A309%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545691045&vwd=550&vht=309&aumfs=1500
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.frommers.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:42 GMT
AN-X-Request-Uuid
23ffa900-08c6-4f4a-874a-c15f0cce6f56
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.frommers.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		39 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=759910&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221671667962457-256%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.17.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221671667962457-666%22%2C%22ext%22%3A%7B%22siteID%22%3A%22759910%22%2C%22sid%22%3A%22550x309%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B550%2C309%5D%2C%22placement%22%3A1%2C%22w%22%3A550%2C%22h%22%3A309%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vi.ai%22%2C%22sid%22%3A%22828537996619089%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8a02588d9abf76f6fabbdac267f8827ceb5a5395c343bb694be58290b9351f

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgWw6QEPebf3W2ZYEn7Cn2Ewe6%2Bd%2BTrV0IkQVqvZ44mBiUZUKwnaZfvVjeNhTxNxA6HEaInRcHVAQhE%2B5rUmw%2BNkxSeUK3VrM7VTQmOyhoMOBexMMsElvGlrR0oJbRT8ziafIewd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77d4a5bd8f066903-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39
expires
0
auction
tlx.3lift.com/header/ 		19 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.17.0&referrer=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&gdpr=true
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.4.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-4-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		153 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.179.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-179-45.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
42041bd5b3b63c3999995bb3991c1d137c92fe4c2186580b8de26c309a5c2cab

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
151
expires
0
get
choices.trustarc.com/ Frame 9D2B 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Dec 2022 02:06:38 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1634764
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
ZSjLUKi7zz-2Q2f34durqrU1r6GFdToIWT5KK_JW7v1OIG7mx-K2UA==
expires
Mon, 02 Jan 2023 02:06:38 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 7DE6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:49:24 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 3182 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:49:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3BAA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2F54 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0Hdrij_xtw6V8m2IQ2peXy0LHq-eBw34xIqWY_EbdVVoGbifUGrBymf-2I8yycvIil4-vuf2Iag46KB_6ncPxVthXjgIPbKjENJ40SY8VxOuMUGIFRI3C9YLxnPUQ9qCzDCBQy5bzbL8pGpDlVmymKLLaWe1CI8UU&sai=AMfl-YS2qoB9DO-dI46gscstzwHad0eZkn_smZdRejL6qBQnAJs3LsFh0G3As2kNDEw_7jDR72CzzPwwhU2mlwuGM6s9rPP8Qj5SxqKmCu4g&sig=Cg0ArKJSzHLf3iS_Ju0kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2298&vt=11&dtpt=1411&dett=3&cstd=878&cisv=r20221207.49451&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:42 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C120 		372 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/player.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:42 GMT
csi
csi.gstatic.com/ Frame 8F61 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lbybxwij&c=5093056412851&slotId=2546528206425.5&qqid=CKaltLb4i_wCFbIY4AodybME7Q&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E733 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwPtjv3eqSs80RSB0GcxIOxrnbuBVGs31Je2kuHgMVWceuMAhzymS4oyl_HxEAzB9El_Bh2lUfErs03a31bzycQW0i&sig=Cg0ArKJSzNcjPBKDcIG8EAE&cid=CAASF-RotQK9FiqWApTMGmXCx4BtAvPDkNwm&id=lidar2&mcvt=1030&p=720,1184,1320,1304&mtos=0,1030,1030,1030,1030&tos=0,1030,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=20&adk=1860967007&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671667960624&rpt=852&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CEA7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Dec 2022 00:12:42 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7E42 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158055&gdpr=1&gdpr_consent=
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144206
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 22 Dec 2022 00:12:42 GMT
expires
Fri, 23 Dec 2022 16:16:08 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
60021267_20221215084104997_urgency-trans.svg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 3BAA 		233 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20221215084104997_urgency-trans.svg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aef87480fba7d9ba95fbf0794876e4e5ae83872531d590e4553e3cddf6668ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 09:07:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 23:28:14 GMT
60021267_20221206073038659_WWatchers_RGB_Vert_BluN.svg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 3BAA 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20221206073038659_WWatchers_RGB_Vert_BluN.svg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ff36b0091e7de77538ee357c57ebbda63a1c8dd61fb97d6071527d980ba38f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:28:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2272
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 12:51:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 23:28:13 GMT
60021267_20221213080014237_Pro_Mem_Liv.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 3BAA 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20221213080014237_Pro_Mem_Liv.jpg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63315392f67bb437a770d7d9ff36322abc67bf2d45c5557b2062872022eb9179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16827164800508398685/index.html?e=69&leftOffset=0&topOffset=0&c=uq25r7lnLc&t=4&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13981
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 16:00:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 00:12:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E595 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9JnR96CjY-fWJMqV9u8Pn4qj0A4AAAAAOAHgBAI&bg=!jY6ljsrNAAYgquz3AKo7ACkAdvg8WkEI1UtMd9BsSnY_Bgx4q9rsJlqsT4Pp-d2B57f05ZiCcxc9-gIAAAGIUgAAAANoAQcKAGw5R0B1hUERGtIG8CCGF56pRghBv7Wu840rEPdU2bWr4wAs5nOUPuA2sfxuXAXiSK8Ez0s-iKlk2l-veBeYhTaT52YVF8JilXSH9l_PdZngDbf4l6TUoTrKARoMDTUG8ckW1rNU9pbzPLmw7BWZAymSOJEpK2-0aM0T3dehPHw8BG58vtWmSrLZ_EGpj322JjVqYQikwtsRaTPUxFMzwXsdSNsUMt-lAYo1U_a9F86qlzQd6eclpJSXTa9oHsVeLL_NW7-7B_DuZe2df2brElklPWkfyWC4NNv0_uZgkjMgjQ1kNDOHtGAUDqTXiwl4FvJ69viMBSETBBeWB9F6SaRQ5QqLvEMVkJ6ARn6WIHPqlJq2J4JdAf-kNl5zB_oIHSgCZWZhr4D3AxvNwaZENUGxxwZaGfc0bPNpXY1S1DLIdISavetC37YxyMNJjthq0SmtU4OkNITp_xcDaOZeYJINt4rDAM_cRZCFc6xs_L4-ZYKlpQsWeJG2RQjD09DaBF7MbGLSZW9Q0FSgG4_9AskRwd4VWm_t5FfRfH_PGURa_x2kWumNglS6qm_snkm-4BaFwS31P_QNeRFe54Kl_u5siHjMQ-qoxWByYf9_A1m4pRK6-vNNUgsChdHq4ixXLnVoFrAa0PFVj_GgWHwWU3RCXh8jlyKZJputksmgRxHwhjUETeew41mXM9IuuGZA4c4IU2Gorqqg9nROYs-aipVWUX7ocJhGBPy2AS4Hm0p5VsLKP-RS593Y7XC8eZlR_1Vyu7s61QDe-ikBjnUNKsPbZj1AYHSt3uUNq3oOE0ftgdE1NU68Za2K_pZ3d8TtDqQaurxwqWxWeCARu_F5b4XPPprZ6FvF_A6xHoGnc2ZR5JLnvmvRBQ9M38LoqLWK2r0bCqtHCelLrZDK23mB8XnEQO53IS--ENVdpSBcPvZOddkrDUbuvfDk_J98VODvXZC3pQNU2fLZKdndoYlOCK9YI3KL7DQyGFdfVJ0eBrHSaId-04xwbSH9CkZ6NkAmQ2uzy6qiJidRKg6Ha7_rOO6irWm59QJDUdYc_SU-igrHybQAPPbDHeXCS_e6fHK8KZETYZSpTAfdY4x-8lcpgWK51mxLUzpfrvOEkoD9c5gHph-FhEJsOJdUVroQS82fN0ndXqge2sRhr3z5slpJKbOZfnvdZypDoQ2LfAmayn3LrExNznvGsoJhAjRAaKML6ud3Jh57FmJ3Fg
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 4CF2 		0
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 22 Dec 2022 00:12:42 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame E678 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 22 Dec 2022 00:12:42 GMT
ETag
"623de86a-cf34"
Expires
Fri, 23 Dec 2022 00:12:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 5C34 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
277
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77d4a5be3ec4913a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 22 Dec 2022 00:12:42 GMT
expires
Thu, 22 Dec 2022 04:12:42 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 9000 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=true&
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 22 Dec 2022 00:12:42 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame DF4F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:49:24 GMT
get
choices.trustarc.com/ Frame 1705 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Dec 2022 02:06:38 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1634764
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
rh1w1r70IPevwDya9HqQnGnh6gsHaHdgm2P3b70ttIAkGZZByGPulw==
expires
Mon, 02 Jan 2023 02:06:38 GMT
get
choices.trustarc.com/ Frame 1705 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Nov 2022 01:01:53 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1984249
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
0B2XaRsPFmxBjsUslGZG2V-HA_3Gl3BHmIssxwLu7v2bhi6aRyo3Sw==
expires
Thu, 29 Dec 2022 01:01:53 GMT
usync.js
eus.rubiconproject.com/ Frame CEA7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6d404b0ee66e910fdd0d5f914e6b3b6eb43c8e69e7c990c4ac944115ee64d0fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Dec 2022 18:00:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64088
Connection
keep-alive
Content-Length
10066
Expires
Thu, 22 Dec 2022 18:00:50 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6301
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e69f9cac3dbe9c36399899055cef9df2a12c9e18e0ffcf41c20b08273451315

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77d4a5bf7d6abbbf-FRA
content-encoding
br
content-type
text/html
date
Thu, 22 Dec 2022 00:12:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8onFQRZSmOJpP56L4rw0d6PL9wNBflkHg2xnT4ScIzQn8MQTjqSmEAEi6r483uUD7fe4HjjybHU97HKTPjmZZuGv4eRjq%2BXnpMiKDKdorFpGTlNRSn7nBc8qu7bdgvay12qGnXuWDC1Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77d4a5bf3e4c9122-FRA
content-length
0
date
Thu, 22 Dec 2022 00:12:42 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrOL8FVAAOfQ03mgtfjgEmEtbDhOU9Jtq83qE8NsSCa0Gy8eTCGYdUvVOqDFxiFtF4c2n%2BPATrm1jF9ibulc8hul8XX%2B7K%2BIwlnwuJyZIlt5xYvy781iutLDI1Hz9TJTRzBhiNfqfcS5bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame E678 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:42 GMT
AN-X-Request-Uuid
96b33cf4-b68c-4c2c-a4d1-4b1fef6b1579
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame CEA7 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 7E42 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24206288&p=158055&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158055&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-length
0
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame B12C 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82765
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:13:17 GMT
expires
Thu, 21 Dec 2023 01:13:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame C120 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 00:12:42 GMT
integrator.js
adservice.google.com/adsid/ Frame C120 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.frommers.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
crum
dsum-sec.casalemedia.com/ Frame 6301
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6Og.mbXgEGkoHmobTERnAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUows-1oTm_A6SE8vcJ8W4&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUows-1oTm_A6SE8vcJ8W4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUows-1oTm_A6SE8vcJ8W4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6301
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Og-mbXgEGkoHmobTERnAAABIMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Og-mbXgEGkoHmobTERnAAABIMAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Og-mbXgEGkoHmobTERnAAABIMAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GXR86D1DMSFQPK739BH5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TYK61Z96NQQFVR9BWZ1M
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Og-mbXgEGkoHmobTERnAAABIMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6301 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 6301
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6Og-mbXgEGkoHmobTERnAAABIMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDFl9VhVsk9UpJ1VuCuLTxw&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDFl9VhVsk9UpJ1VuCuLTxw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qy92A5aiepTlrTDgjYSzfLJlxBcVzmy3Z%2F4IALWGS3rzP9DtT%2BNkW5xWqvGyVQBp%2F7o3ZatcomYMjjII7NLc2Q6tdurZ9URSYdXZsUi6WHkEdemf5aWoDbDMHQ3MQ48ZJ5HXsHaXKoQ00Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77d4a5c09eedbbbf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDFl9VhVsk9UpJ1VuCuLTxw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6301
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5c96963f-5493-474c-92d6-4ede5845c35f
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5c96963f-5493-474c-92d6-4ede5845c35f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5c96963f-5493-474c-92d6-4ede5845c35f
date
Thu, 22 Dec 2022 00:12:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 6301
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2841619000722146709
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2841619000722146709
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 22 Dec 2022 00:12:42 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
39f8b04c-2e37-4156-be5d-03e0fb0e53d4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2841619000722146709
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 6301 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
tp_out
d.adroll.com/cm/index/ Frame 6301 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:878e:121f:757:1432 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6301 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6Og.mbXgEGkoHmobTERnAAA%261155
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.frommers.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
8378
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77d4a5c028e29b83-FRA
content-length
43
expires
Fri, 23 Dec 2022 00:12:42 GMT
generate_204
tpc.googlesyndication.com/ Frame 7DE6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?s0Ay3Q
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3182 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?aTHPCw
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame B12C 		83 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21708299310%2C64147298%2Fca-video-pub-5617098146054077-tag%2Ffrommers&description_url=https%3A%2F%2Fwww.frommers.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2435136847999037&cust_params=video_category%3DIAB20%26brand%3D%5BVI_CUSTOM8%5D%26vi_segment_de%3D%26vi_bsafe%3D%26vi_sticky%3D%5BVI_FLOAT%5D&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=4209763208&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=339BD6A9-8589-4B80-B31B-64FB72BC5664&nel=0&eid=44748969%2C44750822%2C44765701&ref=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&dlt=1671667962440&idt=510&dt=1671667963035&cookie=ID%3Df2cce56ea98e4217%3AT%3D1671667957%3AS%3DALNI_Mb1c-3E1dk52K5CRkG2zqW7XLyNJg&gpic=UID%3D00000b95d9bbb62d%3AT%3D1671667957%3ART%3D1671667957%3AS%3DALNI_MZpx8Q--VyHeL19uaqajfXC5O5n0g&scor=1961713219289889&ged=ve4_td1_tt0_pd1_la1000_er1977.525.2127.825_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa66a4ee4751cc39661754261782f496669a12b4aa0cf1f36ab4c80d282f61ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16987
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.trustarc.com/ Frame 2F54 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_6fqgapcd&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-aeca39cc-5f4f-495e-acac-2a7b826c441b&sid=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
63f58cb7747f696cc982ac83b36fe1912575d7682633b56414121997f70f387a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2477
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
QC5dSKLUrxiFDYPbps7Buq_i9wPLDi7wkViBA7S6vAaTN22_OYdmfA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 2F54 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_6fqgapcd&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
age
2285
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
29y6xoXn3FEXzrmRo4hHK9hwUOPC0pqFxPycgSp6OKezuEwLR-4VNg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 2F54 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_6fqgapcd&w=300&h=250&c=5c39
Requested by
Host: www.frommers.com
URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
KH1TvYkYPb0-W30L6Cxyd_QLmSVO2slpOMgiTAWlsjGhiRe9dmahqQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
get
choices.trustarc.com/ Frame 2F54 		287 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Dec 2022 02:06:38 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1634765
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
YKZjSPCZy33p_RK6OqkETnLDOJNrkGPkkHNX39omAJy9TR0KyFlkcw==
expires
Mon, 02 Jan 2023 02:06:38 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:01:25 GMT
content-encoding
gzip
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
83478
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
jnGXoeVM2yT4x0XiILmBQ9AoiDuFoDgTXUF00EYehLSDlyuUfAmykw==
expires
Thu, 22 Dec 2022 01:01:25 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-56379ca64cacc2ff/ 		2 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-56379ca64cacc2ff/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a14bd4f8081f8c3e2addf343587658194b00f3118480e4e09e6e44dda56537c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:44 GMT
content-encoding
gzip
etag
2117428703--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
762
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=63a3a0f60e8db20c&bkl=0&bl=1&pdt=612&sid=63a3a0f60e8db20c&pub=ra-56379ca64cacc2ff&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.frommers.com&fp=destinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1671667963410&jsl=135169&uvs=63a3a0f682b057e6000&skipb=1&callback=addthis.cbs.jsonp__96997658141555650
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd948a9836972efe029ee385fb2d2795ca988e5b6e50f8070430cfe848f8ff1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3D10 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CC6F 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Thu, 22 Dec 2022 00:12:43 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c51d0c5bd39003ffccf0f6baac0e94d2842bc79d932dd49e6146e3356a9fa2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11239
x-xss-protection
0
log
pixel.inforsea.com/server/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixel.inforsea.com/server/log
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/player.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
server
fasthttp
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Dec 2022 00:12:43 GMT
log
pixel.inforsea.com/server/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.inforsea.com/server/log?event=b&dim9=7423&env=w&domainapp=frommers.com&session_id=gxvb0trhccm3&width=550&height=309&visible=0&cb=3341263269164&ab_testing_id=testPIV_false&publisher_id=828537996619089&affiliate_id=rfwqzezlc&country=SE&os=Windows&os_version=10&browser=Chrome&browser_version=108&iab=IAB20&ad_source_id=xixr3sxol&sell_cpm=8.93&request_cost=0&impc_aa=false&ssp_partner_id=sejrc0oqv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
server
fasthttp
get
choices.trustarc.com/ Frame FCE4 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 03 Dec 2022 02:06:38 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1634765
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
1kS5sx7YZzPiuFF8euRpgtxvcNlMtG-jZxZ-0q6URStb7fMHmC1g_A==
expires
Mon, 02 Jan 2023 02:06:38 GMT
get
choices.trustarc.com/ Frame FCE4 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/b-8db6969-3a5c34df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 29 Nov 2022 01:01:53 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
1984250
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
sTzs0zsQXia34LAoGbHnxEqR83UdtpQcIvD1cfFBKu62wyGPpWmO4Q==
expires
Thu, 29 Dec 2022 01:01:53 GMT
log
pixel.inforsea.com/server/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.inforsea.com/server/log?event=mu&dim9=7432&env=w&domainapp=frommers.com&session_id=gxvb0trhccm3&width=550&height=309&visible=0&cb=5228281714702&ab_testing_id=testPIV_false&publisher_id=828537996619089&affiliate_id=rfwqzezlc&country=SE&os=Windows&os_version=10&browser=Chrome&browser_version=108&iab=IAB20&ad_source_id=xixr3sxol&sell_cpm=8.93&request_cost=0&impc_aa=false&ssp_partner_id=sejrc0oqv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
server
fasthttp
csi
csi.gstatic.com/ Frame B12C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lbybxzct&c=3476053140359&slotId=1738026570179.5&qqid=CMPM_bj4i_wCFTCQ_QcdYT4Erw&gqid=-6CjY6OABM6N9u8Ph7OC4AU&fb=ima_html5-lima&sdkv=h.3.549.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44748969%2C44750822%2C44765701&met.4=ghmsh_s.lbybxzrm~ghmsh_s.lbybxzro&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=pCjHWeorrEX8SWHV
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame B12C 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-5617098146054077
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 23:49:20 GMT
x-content-type-options
nosniff
age
1403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Dec 2022 00:39:20 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B12C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C96_j-6CjY4PjBbCg9u8P4fyQ-AqwjbeGboGfsv3_EJy8q7KrCRABIPihwmdgleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE4gJP0KMbdSy0vkX3tvm-hIvHXFSGagNtl3GMr5PjQC5CCol-DD07-aHpwws1iHcgla7isvq9cMNKSEB1ewhvG95wCNftBL5luvLbT9AqwzfUioJIIri3eNcgp-ic69Sne_U2Ry6JE7_W32t68x3n4Rmx4vdfYmb4I7ADDUH2F3FabH9nXQLrimaANGaDE4_Ks8xObXKzPwyOOj9LjJ1MUwj11_PPNay2_40e5FVCLEbZ8FqhAq-D9pf41ORK7IRe2p8mwvqo6Hlzhw4zOMxBkTzZUy-M9A4N1haUjjjLLBnTxnJ9mmgNnKJkZ7dU26vVJz6H5yTOwrHrSJUJoiSvdngveeGDQM_7HF2iokCVa5O51d35uYVnmx49gTl1_Aloe58MsNZXUIGS8U1GKQCpOhTTlV7bKbzVHe_h2YLAaJ7w3g_ZY6O8TNi1oP_us_EBj_KRmWico-HwZAft9hJ61dd5JQ3ABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQJoJGmh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vsQniSeKcELkJB4AKA8gLAdALDuALAbgMAZoNAQ7YEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=Owt1QifNvMo&label=show_ad&sdkv=h.3.549.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4NDExMDA4Mzk2OTIMNjM3MTgyMTI2ODUyQK0DUiMQDyUAAMZCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame B12C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CnUUg-6CjY4PjBbCg9u8P4fyQ-AqwjbeGboGfsv3_EJy8q7KrCRABIPihwmdgleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE3wJP0KMbdSy0vkX3tvm-hIvHXFSGagNtl3GMr5PjQC5CCol-DD07-aHpwws1iHcgla7isvq9cMNKSEB1ewhvG95wCNftBL5luvLbT9AqwzfUioJIIri3eNcgp-ic69Sne_U2Ry6JE7_W32t68x3n4Rmx4vdfYmb4I7ADDUH2F3FabH9nXQLrimaANGaDE4_Ks8xObXKzPwyOOj9LjJ1MUwj11_PPNay2_40e5FVCLEbZ8FqhAq-D9pf41ORK7IRe2p8mwvqo6Hlzhw4zOMxBkTzZUy-M9A4N1haUjjjLLBnTxnJ9mmgNnKJkZ7dU26vVJz6H5yTOwrHrSJUJoiSvdngveeGDQM_7HF2iokCVa5O51d35uYVnmx49gTl1_Aloe58MsNZXUIGS8U1GKQCpOhTTlV7bKeTUp-ru-w3l-lUrR1E2-vs989cCN6HMuW8KoepeC8-TFHwwTSv1P-z7izjABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEKjxgAOoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhicr_uoAtgTDdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTU2MTcwOTgxNDYwNTQwNzcYrMxs&sigh=xgxlYwHpSo0&cmd=Ch1jYS12aWRlby1wdWItNTYxNzA5ODE0NjA1NDA3NxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9GpiY8-vN9XAtDY_FadQxYGYXG-DWyETL3XUVcbP13wCFCY3l0xbU4Y5kSebZlnNUD_aop47GEBgBIBM&vt=10&sdkv=h.3.549.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4NDExMDA4Mzk2OTIMNjM3MTgyMTI2ODUyQK0DUiMQDyUAAMZCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
truncated
/ Frame B12C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ Frame C120 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lbybxz81&c=3476053140359&slotId=1738026570179.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B12C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.549.0&e=44748969%2C44750822%2C44765701&id=ima_html5&c=1135248415826008&domain=www.frommers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-5hnekn7d.googlevideo.com/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-5hnekn7d.googlevideo.com/videoplayback?expire=1671696763&ei=-6CjY6r2GLzix_APuNiy2A4&ip=2001:ac8:20:3d00:1011:4bdd:b426:df05&id=1e79266198a3bba7&itag=22&source=youtube&requiressl=yes&mh=9c&mm=31&mn=sn-5hnekn7d&ms=au&mv=m&mvi=3&pl=49&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=99.172&lmt=1667513595748502&mt=1671667487&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhANithXWQRUV5kl0-zyoHL9uFUjXOwlRTvBt6OWPJAiEUAiA0bmE8NJPkyoN5qedEJLM_RZE-153xG7EqPXdD9bJU2Q==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgJikAc5wfXLrTLFBkeor3ROmIGJOEf50AZO_CJ_yYVbgCIFboCsbvmnfENGx4YQ4QOm5n2s_sdJ-rzPbvuG36bmlB&cpn=pCjHWeorrEX8SWHV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:1::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.frommers.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 22 Dec 2022 00:12:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Nov 2022 22:13:15 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-6041693/6041694
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
6041694
Expires
Thu, 22 Dec 2022 00:12:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 844E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 21:44:51 GMT
expires
Thu, 21 Dec 2023 21:44:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9773 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
10b98ee9d82312f4710eb101115dca0794d4853993b119d022e1f69a9e3a23eb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K3Qw7SzUw3XZouHlnE4-1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-K3Qw7SzUw3XZouHlnE4-1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 00:12:43 GMT
expires
Thu, 22 Dec 2022 00:12:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=frommers.com&p=%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&u=C065fKD73VczTvpye&d=frommers.com&g=47501&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11490&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements-customs&b=7335&t=BCR9vsC_A7PFC1fVT2CXoh5KD_vu7g&V=139&i=Entry%20Requirements%20%26%20Customs%20in%20Brazil%20%7C%20Frommer%27s&tz=0&sn=1&sv=DuB78ZBFN5fmrhwNhDbkxlRQS5OR&sd=1&im=06030403&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.249.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-249-126.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3089711735692188&bg=!EBOlE1fNAAYgquz3AKo7ACkAdvg8WlE-k3DacbAno-bvo-5o73BOHmuXx2N_xkewrMr6ZOY_tUtJPgIAAAGdUgAAAANoAQeZAxx4pOKJQVmuN7DHOFOK9lrez8T4slONh3mW9d_Qo-Ml8fxBvu_5WeihFdl_nfwKfJrYxuQlG3S9VDaj5elOguiIneFaR7kElf4UHyNDIvmTwOo776uUfNARl0sqtxr3A1ZwAE-Uk05BYnUMO8REP4es58-KsbLxvDboui9kef3EmfBgsBCuuaZOZrmALDUdM0GQKAjpoqgLu4jnacYeZda6dkemU_XuLRl6J98oX8Xf15rT687YcwucFDMb7PerL1c-Farsb2Ir_fCVvWZWtXAb2VJKRKEeVqM3WzV7_W0q7wE6D3Bq-ryAw4M_NWcV3l3YW280naO-ZPOihCvGZRxiVgzLJMRpHpVzRrHcwJ1qgZ2ESxKgECYzGQ3avyqI1m_RJ0bDbBfNVkTHd8iiTAPuLppBHxs1Y1EQX6vUJ_j5spDU8SnPAOP92E_51A3j9dOvbpqelIVSlGlxbCjr0l6LWHXH-BA5mh97OxKToZhLfWXOnmrGVFvnfjJ4Mduj-U0DBbZw0L-tQpZwLKfHJ5XCcWc26WmCGfNcTISSLGKG6HyGSJWGaDGHyCKQqQcvqxwZJn9Equzd6_VaHn9VfOkDn9kHaUKXHa-pBPYTJlAIYcghcIj28MT3C3N0zwkPHEV88D963bbSipoZyhSeVn95auRrF4zUlaTHCsnF96Z7pvpGIYt3i4XXb4VbioXUMMu9LUFxyQRoeYvbk_FQNlkHC24efOVaRg2mIqyecJOO96CKEW4C05lT_7TTfh-jMb8ak7KZIZkWZNNgyadPLb6_nnzJIvaMM67f6Y6jN5oHxKQ52NZm3_Uho1wcExIb6hSw3Vm534Uxzqt9aLiUVcjsw2FMz2Lsmyc7dTGwwVgbAox-aOOh1OUIYf1BsVv-A2XY-2e-VzhcXTEyBkxPa_HAgF9uD7nvoxjjxbQS5RwWViw67m8a0XCsNPjVZ-BR4oTTuvk7q4jRxSoaqUf9El-xXY8vCICHnvRIfSEh7sIVUpwtGb_ORskS7iwJVGQlCZF1PmZi74DEmLaMd4i4BncwwAV43xm5EJS4Y7dP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3F3A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=3610688321997664&bg=!UlGlURXNAAYgquz3AKo7ACkAdvg8Wo8aFPMQsw4FWLC9lULxF3bIatrVyJ0Nj3SBccQxVTidXblwPgIAAAGcUgAAAAJoAQeZAuZJSKK1ks7JOUhSK08Nos1JydBn-wJ4AnAm6FXVki6fnF6eUcjxJvluWPKhQHtU7aCh2lhkDLcOdFT8E08X1-Va7gxo1ChawKSw-iU1ACZmYx4c2JFWWi2i-BTA5ykIxfc6ce6rwkI6ShmwFE8K7fatTdxKfCkCfm3dlXWkRm4iYhU82OfFfYwA0D9PDhpJQ-APcAukSkI-_rg6ZlvW45Z20DuN6i6cSXnKZvJF82nOHCuqv8hI7A-9mjN914L-__SJQez4M9QlN4FV0om3y-LNdxlyXeaKBFjf0w5o8Op8BJleeFQx6gzYkpyIoR-BadjCHnCaO9y7yYGrFrweFvbJ_zXMHTCqEkICK1L0BuAyCjyE87OORYF719IMpeEOsRfB-hlAhZvzREtPldkSJ1wAUO898g82Nw8x3HDL1t3DJkbt1TqF9jI4qHU3Lr_2q2f_rYN5-SUzqs2tJEga8hsIH-zjFXfVDMCSPv9oPDd97i1aK1tHDOUkGdhR6yd40q2au6xR2tE0zuXLbo60vkP4RdOfkRdaKR1mudR09uhzWh2Ez3xNtwDm97ijSPae3tQ3DUgEwcOU6RqEWtpU_dcd5uBhry3uJuGia942va-3_957f6s9S3c5sD-IqhKIkL1GigwqwpjMD2K1ZoWM5ZBlRmCiH7agZisCLCvNMHuwJHCp7meEmnyy8Eo4aMl2q0vxnQmnuc9p4b3oCMrT7nSj7KzEQmuF91wkNKJCaEAiifhe3pbT0d657RkvqZgAxxQ6JXmK65SSyGsD6bgAiK3_RptdnLIIyDlr8vj2URgCa4ivqMzJfmNgRc3xQorE--I2yknmHgRgJ6VMbu7RklZLbKW1Mhw1yc2DUUHmgsxmtNbxMH82ZY7JGuvWgzZUTIl8QKmtxF88dkRik2s8smfBxiZfE2NpZqlAvOLevQhc9PB-U5L6QFZVpKEDKnW66y1JCEdDPBS7rHDAPGOUOzUxXNtZKV9E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.travelzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9773 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1265575580356753&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 844E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:49:24 GMT
async_usersync
ib.adnxs.com/ Frame E678 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Dec 2022 00:12:43 GMT
AN-X-Request-Uuid
d233593e-338a-4a8f-b764-56b5eb361910
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B12C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C96_j-6CjY4PjBbCg9u8P4fyQ-AqwjbeGboGfsv3_EJy8q7KrCRABIPihwmdgleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE4gJP0KMbdSy0vkX3tvm-hIvHXFSGagNtl3GMr5PjQC5CCol-DD07-aHpwws1iHcgla7isvq9cMNKSEB1ewhvG95wCNftBL5luvLbT9AqwzfUioJIIri3eNcgp-ic69Sne_U2Ry6JE7_W32t68x3n4Rmx4vdfYmb4I7ADDUH2F3FabH9nXQLrimaANGaDE4_Ks8xObXKzPwyOOj9LjJ1MUwj11_PPNay2_40e5FVCLEbZ8FqhAq-D9pf41ORK7IRe2p8mwvqo6Hlzhw4zOMxBkTzZUy-M9A4N1haUjjjLLBnTxnJ9mmgNnKJkZ7dU26vVJz6H5yTOwrHrSJUJoiSvdngveeGDQM_7HF2iokCVa5O51d35uYVnmx49gTl1_Aloe58MsNZXUIGS8U1GKQCpOhTTlV7bKbzVHe_h2YLAaJ7w3g_ZY6O8TNi1oP_us_EBj_KRmWico-HwZAft9hJ61dd5JQ3ABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQJoJGmh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vsQniSeKcELkJB4AKA8gLAdALDuALAbgMAZoNAQ7YEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=Owt1QifNvMo&label=video_ad_loaded&sdkv=h.3.549.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4NDExMDA4Mzk2OTIMNjM3MTgyMTI2ODUyQK0DUiMQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame B12C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 14:03:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 14:03:50 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame B12C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CnUUg-6CjY4PjBbCg9u8P4fyQ-AqwjbeGboGfsv3_EJy8q7KrCRABIPihwmdgleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE3wJP0KMbdSy0vkX3tvm-hIvHXFSGagNtl3GMr5PjQC5CCol-DD07-aHpwws1iHcgla7isvq9cMNKSEB1ewhvG95wCNftBL5luvLbT9AqwzfUioJIIri3eNcgp-ic69Sne_U2Ry6JE7_W32t68x3n4Rmx4vdfYmb4I7ADDUH2F3FabH9nXQLrimaANGaDE4_Ks8xObXKzPwyOOj9LjJ1MUwj11_PPNay2_40e5FVCLEbZ8FqhAq-D9pf41ORK7IRe2p8mwvqo6Hlzhw4zOMxBkTzZUy-M9A4N1haUjjjLLBnTxnJ9mmgNnKJkZ7dU26vVJz6H5yTOwrHrSJUJoiSvdngveeGDQM_7HF2iokCVa5O51d35uYVnmx49gTl1_Aloe58MsNZXUIGS8U1GKQCpOhTTlV7bKeTUp-ru-w3l-lUrR1E2-vs989cCN6HMuW8KoepeC8-TFHwwTSv1P-z7izjABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEKjxgAOoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhicr_uoAtgTDdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTU2MTcwOTgxNDYwNTQwNzcYrMxs&sigh=xgxlYwHpSo0&cmd=Ch1jYS12aWRlby1wdWItNTYxNzA5ODE0NjA1NDA3NxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9GpiY8-vN9XAtDY_FadQxYGYXG-DWyETL3XUVcbP13wCFCY3l0xbU4Y5kSebZlnNUD_aop47GEBgBIBM&sdkv=h.3.549.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B12C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C29ZY-6CjY4PjBbCg9u8P4fyQ-AqwjbeGboGfsv3_EJy8q7KrCRABIPihwmdgleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE3wJP0KMbdSy0vkX3tvm-hIvHXFSGagNtl3GMr5PjQC5CCol-DD07-aHpwws1iHcgla7isvq9cMNKSEB1ewhvG95wCNftBL5luvLbT9AqwzfUioJIIri3eNcgp-ic69Sne_U2Ry6JE7_W32t68x3n4Rmx4vdfYmb4I7ADDUH2F3FabH9nXQLrimaANGaDE4_Ks8xObXKzPwyOOj9LjJ1MUwj11_PPNay2_40e5FVCLEbZ8FqhAq-D9pf41ORK7IRe2p8mwvqo6Hlzhw4zOMxBkTzZUy-M9A4N1haUjjjLLBnTxnJ9mmgNnKJkZ7dU26vVJz6H5yTOwrHrSJUJoiSvdngveeGDQM_7HF2iokCVa5O51d35uYVnmx49gTl1_Aloe58MsNZXUIGS8U1GKQCpOhTTlV7bKeTUp-ru-w3l-lUrR1E2-vs989cCN6HMuW8KoepeC8-TFHwwTSv1P-z7izjABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=Zux-NgV0hdw&cmd=Ch1jYS12aWRlby1wdWItNTYxNzA5ODE0NjA1NDA3NxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1977,525,2286,1075%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D596%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D825138342%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671667962770%26ptlt%3D1671667963790%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1671667963513&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4NDExMDA4Mzk2OTIMNjM3MTgyMTI2ODUyQK0DUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNI_AFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B12C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwGii3yEeJbDf38FKHUUyeWBvaWgRbkTEJYkxRcYMv0OwLYQYQ_PtOfr_3NcdDBm1pfNc8amaWfg3p3zQIFWbpu9nGASpLBM_iyRQvrMFEw9H1Mi0a8BrPAPCljRXdmFdT33LanzTwVI4zR2whtplqsskOno-c6po0&sai=AMfl-YQUefa2pE37NuMCuXYmM_rW9cWLxPrnkvGklr6XIL5g0K243o5zJF8tq2XtVW2k9hmYInesGxo_tdvHL9YLUh1wjSzT-7C1nNBZLHfRzyDtjPRj43YvNSofD6AlKTk&sig=Cg0ArKJSzC4LLzKV9xMmEAE&cid=CAQSPADq26N9GpiY8-vN9XAtDY_FadQxYGYXG-DWyETL3XUVcbP13wCFCY3l0xbU4Y5kSebZlnNUD_aop47GEBgBIBM&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1977,525,2286,1075%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D596%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D825138342%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671667962770%26ptlt%3D1671667963791%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671667963513&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B12C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C29ZY-6CjY4PjBbCg9u8P4fyQ-AqwjbeGboGfsv3_EJy8q7KrCRABIPihwmdgleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE3wJP0KMbdSy0vkX3tvm-hIvHXFSGagNtl3GMr5PjQC5CCol-DD07-aHpwws1iHcgla7isvq9cMNKSEB1ewhvG95wCNftBL5luvLbT9AqwzfUioJIIri3eNcgp-ic69Sne_U2Ry6JE7_W32t68x3n4Rmx4vdfYmb4I7ADDUH2F3FabH9nXQLrimaANGaDE4_Ks8xObXKzPwyOOj9LjJ1MUwj11_PPNay2_40e5FVCLEbZ8FqhAq-D9pf41ORK7IRe2p8mwvqo6Hlzhw4zOMxBkTzZUy-M9A4N1haUjjjLLBnTxnJ9mmgNnKJkZ7dU26vVJz6H5yTOwrHrSJUJoiSvdngveeGDQM_7HF2iokCVa5O51d35uYVnmx49gTl1_Aloe58MsNZXUIGS8U1GKQCpOhTTlV7bKeTUp-ru-w3l-lUrR1E2-vs989cCN6HMuW8KoepeC8-TFHwwTSv1P-z7izjABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=Zux-NgV0hdw&cmd=Ch1jYS12aWRlby1wdWItNTYxNzA5ODE0NjA1NDA3NxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1977,525,2286,1075%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D596%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D825138342%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671667962770%26ptlt%3D1671667963792%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671667963513&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4NDExMDA4Mzk2OTIMNjM3MTgyMTI2ODUyQK0DUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNI_AFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B12C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.549.0&e=44748969%2C44750822%2C44765701&id=ima_html5&c=1135248415826008&domain=www.frommers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B12C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C29ZY-6CjY4PjBbCg9u8P4fyQ-AqwjbeGboGfsv3_EJy8q7KrCRABIPihwmdgleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE3wJP0KMbdSy0vkX3tvm-hIvHXFSGagNtl3GMr5PjQC5CCol-DD07-aHpwws1iHcgla7isvq9cMNKSEB1ewhvG95wCNftBL5luvLbT9AqwzfUioJIIri3eNcgp-ic69Sne_U2Ry6JE7_W32t68x3n4Rmx4vdfYmb4I7ADDUH2F3FabH9nXQLrimaANGaDE4_Ks8xObXKzPwyOOj9LjJ1MUwj11_PPNay2_40e5FVCLEbZ8FqhAq-D9pf41ORK7IRe2p8mwvqo6Hlzhw4zOMxBkTzZUy-M9A4N1haUjjjLLBnTxnJ9mmgNnKJkZ7dU26vVJz6H5yTOwrHrSJUJoiSvdngveeGDQM_7HF2iokCVa5O51d35uYVnmx49gTl1_Aloe58MsNZXUIGS8U1GKQCpOhTTlV7bKeTUp-ru-w3l-lUrR1E2-vs989cCN6HMuW8KoepeC8-TFHwwTSv1P-z7izjABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=Zux-NgV0hdw&cmd=Ch1jYS12aWRlby1wdWItNTYxNzA5ODE0NjA1NDA3NxAAGAI&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1977,525,2286,1075%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D31%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D31%26pst%3D-1%26dur%3D99009%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D31%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D596%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D825138342%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671667962770%26ptlt%3D1671667963795%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1671667963513&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4NDExMDA4Mzk2OTIMNjM3MTgyMTI2ODUyQK0DUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNI_AFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 844E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qtxcJA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
log
pixel.inforsea.com/server/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.inforsea.com/server/log?event=i&dim9=7753&env=w&domainapp=frommers.com&session_id=gxvb0trhccm3&width=550&height=309&visible=0&cb=3881418946303&ab_testing_id=testPIV_false&publisher_id=828537996619089&affiliate_id=rfwqzezlc&country=SE&os=Windows&os_version=10&browser=Chrome&browser_version=108&iab=IAB20&ad_source_id=xixr3sxol&sell_cpm=8.93&request_cost=0&impc_aa=false&ssp_partner_id=sejrc0oqv&dim8=1&adsource_hash=fdvTSO5bIeaAwbfen1F3e2xsCEeVVckuS-GClEsmV4XlNDz-tKgOXXvQGJ5Nsfq8hieMgwhWqRMe6phiZGDmYbqElw7x1dtAXfvz7qt1CkmpHluhWUvbNSAJF4wRC38u0I8z1zrKmUN4d8D5GgUEXJM2vQLjvXXJxCyQWLshCqfOeP9L6sKWuXLqIx4VAeQhLAR-ScHRdRyHP6Stb0AfHr8RrYCr4NyhGpaG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
server
fasthttp
/
t.vi-serve.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.vi-serve.com/?event=IMP&page_url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&pub_id=828537996619089&channel_id=rfwqzezlc&placement_id=plt5Som0Vl7a2KzaMMi&ad_unit_type=2&session_id=gxvb0trhccm3&focus=true&player=playerVI&build=m&pageLanguage=en&placement_w=550&placement_h=309&video_w=550&video_h=309&time_delta=7754&ad_source_id=xixr3sxol&ab_testing_id=testPIV_false&position_on_page=17&playlist_pos=1&matchedCategory=IAB20&targetingCategory=IAB20&mobile=false&floating=false&nv_video_id=101_e0813dbaa7380c816200e680c0d0fe71&nv_source_id=101&nv_feed_id=206&in_view=false&cb=0b53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.215.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-215-72.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
server
fasthttp
log
pixel.inforsea.com/server/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.inforsea.com/server/log?event=s&dim9=7755&env=w&domainapp=frommers.com&session_id=gxvb0trhccm3&width=550&height=309&visible=0&cb=2169673246803&ab_testing_id=testPIV_false&publisher_id=828537996619089&affiliate_id=rfwqzezlc&country=SE&os=Windows&os_version=10&browser=Chrome&browser_version=108&iab=IAB20&ad_source_id=xixr3sxol&sell_cpm=8.93&request_cost=0&impc_aa=false&ssp_partner_id=sejrc0oqv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
server
fasthttp
log
pixel.inforsea.com/server/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.inforsea.com/server/log?event=pl&dim9=7756&env=w&domainapp=frommers.com&session_id=gxvb0trhccm3&width=550&height=309&visible=0&cb=7745657595648&ab_testing_id=testPIV_false&publisher_id=828537996619089&affiliate_id=rfwqzezlc&country=SE&os=Windows&os_version=10&browser=Chrome&browser_version=108&iab=IAB20&ad_source_id=xixr3sxol&sell_cpm=8.93&request_cost=0&impc_aa=false&ssp_partner_id=sejrc0oqv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
server
fasthttp
truncated
/ 		196 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
229ce7c32c2305a91ac697887158545117878df9a9f4d10019a8840bef1d964f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
log
pixel.inforsea.com/server/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.inforsea.com/server/log?event=mu&dim9=7761&env=w&domainapp=frommers.com&session_id=gxvb0trhccm3&width=550&height=309&visible=0&cb=7198101560848&ab_testing_id=testPIV_false&publisher_id=828537996619089&affiliate_id=rfwqzezlc&country=SE&os=Windows&os_version=10&browser=Chrome&browser_version=108&iab=IAB20&ad_source_id=xixr3sxol&sell_cpm=8.93&request_cost=0&impc_aa=false&ssp_partner_id=sejrc0oqv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:43 GMT
server
fasthttp
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
mvo
tag.1rx.io/rmp/239286/0/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/239286/0/mvo?z=1r&hbv=6.17,2.1
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.frommers.com
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.frommers.com
date
Thu, 22 Dec 2022 00:12:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
videointelligence-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videointelligence-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1671667963830-172&nocache=1671667963830&gdpr_consent=&gdpr=1&schain=1.0%2C1!vi.ai%2C828537996619089%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A550%2C%22h%22%3A309%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545691045&vwd=550&vht=309&aumfs=1500
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.frommers.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		39 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=759910&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221671667963830-905%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.17.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221671667963830-575%22%2C%22ext%22%3A%7B%22siteID%22%3A%22759910%22%2C%22sid%22%3A%22550x309%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B550%2C309%5D%2C%22placement%22%3A1%2C%22w%22%3A550%2C%22h%22%3A309%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vi.ai%22%2C%22sid%22%3A%22828537996619089%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
576a08af2d2db03f5c4396408942b6fc0c682c416733e6c180c09663e7d0b001

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jn5w8dpEuGz4WBF40G01A2JS4t003r%2BAlbYl6lmpoNfWFzqLgW591z0WS2%2B2njW2io00rTlAuKzyhs3lJbLzGcrRe9Hy5BBbN3Y0bmr2k%2Fq3YsOVepI7jjxYgNhfHMLBPQoftNTw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77d4a5c5fbe5bb50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		153 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.179.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-179-45.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2574a3ea2476700a9e5235dbc797115c4974fc2d017281fae9a359f25d0680a7

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
150
expires
0
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame D72F 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
396923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Dec 2022 09:57:20 GMT
expires
Sun, 17 Dec 2023 09:57:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame D72F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:49:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 20:49:24 GMT
playback
www.youtube.com/api/stats/ Frame B12C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44750822%2C44765701&el=adunit&cpn=pCjHWeorrEX8SWHV&docid=HnkmYZiju6c&visitordata=Cgs3TlJvVVRTQ0ZlOA%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.193&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.frommers.com%2F&len=99.010&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=108.0.5359.124&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame D72F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.549.0&bgai=BeXTs-6CjY4PjBbCg9u8P4fyQ-AoAAAAAOAG6BRMI4-n7uPiL_AIVzob9Bx2HmQBc&bg=!5-Sl5KDNAAYgquz3AKo7ACkAdvg8Wuuk-T2dAC0WBZrcY9Ea6R3cbzoUeK6pxmRgv4UHF1tkUYFbpwIAAABVUgAAAAJoAQeZAnbhBOcg89wU12IrpGNBbkKfXUgRP1Rbg3s3nzrWckxOgYslf931vkEScvipK4WpooQLW6zOqBsq9d8jCQOdTYFyKuR4MXJNXROIYqJ7p2B99pS38ifOaExyXtPzjmA8QuHcaRiguNI7Eue2JEiDIF9awnevuv6iyfpCq-NPNWgIzMR-mPo3YqNNaslIX6gUYZwimSoa0r47xLQSgJ9hk-Q9iOZQf9eMKIZOLwE9gbjrZ5TuFRydkUFjuHBVBAA8jy7z5L2xpbUloXZZtsIbbDA1liFJXvMXctcuRQ0muM1xc64y5rCAu2bTVl5WZUIFbvHBBNdr5I1dL2KouytWacae1Px3T86Sj-Qh79QrR-FWJvBabASoVUaHKzZliYB-a6i5ZyZS-QmLGYxsZcBQ6ZvZWI_m4KTh2PKKbhfdkCWtGwZXjV2onqGY7mnKjcFLipSAychyQSzW3n-NU5frAqzvcoPJ03Ao_G6--A9fCt6OadhPN4izEYvdYqAVZcrkxXAX6x87W3qz_Ddj6rMpxTl9sDK5NxXWt-rVJmq-5O_fKX1fUyYiN6Nz0GYZrBkojqf1pwOs7rX9HI-5_84p0LgjA-Izo1OCEqTwVJo36F1Hd5OhZO_Pq3-mC3g2a4WSBErILRiJ3a31OgkXP0sasHZmDVyyS-AixuO1fabuPPsVLxnZjzhnG_lq0l0fCoo459oA1agW0_O-JpoPrGGLFp2cMg0Ci5OGy4s3TPSbDd_glR0KmewEaJbIXxCZm1Y5MGuiEpeJti81UFwwJJosD3T0p6fOfekPm4RubC_FBXFhSaaXTxFsecbYnNitWfFmJSevlG7p0SU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B12C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lbybxzse&c=3476053140359&slotId=1738026570179.5&qqid=CMPM_bj4i_wCFTCQ_QcdYT4Erw&gqid=-6CjY6OABM6N9u8Ph7OC4AU&fb=ima_html5-lima&sdkv=h.3.549.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lbybxzsg~vss_tr.k7~ff.lbyby00h~vss_pp.x7
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-frommers/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 22 Dec 2022 00:12:44 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77662
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:43 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
mvo
tag.1rx.io/rmp/239286/0/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/239286/0/mvo?z=1r&hbv=6.17,2.1
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.frommers.com
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:44 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.frommers.com
date
Thu, 22 Dec 2022 00:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
videointelligence-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videointelligence-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1671667964405-397&nocache=1671667964405&gdpr_consent=&gdpr=1&schain=1.0%2C1!vi.ai%2C828537996619089%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A550%2C%22h%22%3A309%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545691045&vwd=550&vht=309&aumfs=1500
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:44 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.frommers.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		39 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=759910&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221671667964406-399%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.17.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221671667964406-758%22%2C%22ext%22%3A%7B%22siteID%22%3A%22759910%22%2C%22sid%22%3A%22550x309%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B550%2C309%5D%2C%22placement%22%3A1%2C%22w%22%3A550%2C%22h%22%3A309%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22vi.ai%22%2C%22sid%22%3A%22828537996619089%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a224ed7440a99fc5a34dd9f7a3ad4025cba89c7e18ffbff7e58fbfc56b9b272d

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jc8J0LZJL9kRNcxGE6VoWo3WEhld%2B%2FSa3MOWsx2WquZPKlIdej4G4YofEqK%2FFbGWG3jYjlnbE8R7M4TgqqqhJ3Oa38vNxWtzLLP0NlRe5eJQZ3BjDEmncMeIJ2ZSaAL58KykVPtd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77d4a5c98facbb50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		153 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.179.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-179-45.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bd24a00cf2f6ebc98a34a06e9810e648d3eb50a47b92804fbeb0b471c21d0705

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:44 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
151
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1265575580356753&bg=!fH-lfzvNAAYgquz3AKo7ACkAdvg8WrtjOsMYxwafYHo-f8rGqG7ek8Ut6DP3BsWWg2-pQg7xiNNJFwIAAAEBUgAAAARoAQeZAtEeEro93O8V6_DokZ0TeE8WbolTBNARQjIsQu_hX1qnW1zf_LQTmOLhzCSF_XADzntNCObCkv6HbOG5BMuRYY2b7ODxou25dzrfmU-B6lHAsFQgLlKu3EcpnQsL-SRDEW0Aq_njqmsTT-MDlJDQRu08Pj2ah54WkS0-s-If8aqF8_wrEO0JduEetVazyqQlDif955HkjKNE7BzQmtMWM71h5Rt_lVpzs-aY38zH4TihN9xxeB3rPsarJdJhXTNWA3bvQU7DBimaDbOMBdbvqwbk8DZdihYxKkIjGFFqgP6RoWM4hPjgUxC3zBjhcouE-nZuYjvR8EXAYWqj_XfxV692usAuyDE_HU8hkMw6_NA7G3vmNKl1yH1ppdI40o00FAkaSuCWSjTtMt4Gh62M5gcmrdDDKsJLwLSMwyhPCtjuwj2lS_f8Id_bBP2qsJue3pjaH70UzpnGH2Ry_PpMkArIVXGbRxbfGHxQc4eV8uQEMPN12j6vmn51CRBTn_aZ2QXHEg2bRiMkLQ3W0wcWg4N9UIcmjhzEUEVyXWwXk0RqPoVgPp7UrSMKlyX8eJbjnlXTtJUUPJlG--mHj6c7TV9JeSLeqITyAMjmr954T0U5sSyT48Hy_YRvqOxLOIcBWjlrE4UbFwUuVuovPgspPEfzNDm2OvOl2KBqFSjfdRp-AGh6sXx7WKIkoOtfIXcxIrnnRWN0hsqOWRuMdNb6NaXHHz4EhZw9rV9T9hwU023bFyNnL5cEMXlswvWdYvWUIReffrP59Gy-msH5OT3DGricB-gsjSum21_hL_aChwgLyjMdc54vzCE4B4JTK0mf74Ecvo8JDL6zeOjpRxLsbxRPNqeotQzgAUua8KpcYDEHzlmt5siJm_RflIBLo6532H7LYH-LMaFWizpcSNkbeeLvH4alpFbgsc0jGzBB5RxMraueh4TBpZ5anYbRDEN2iLNp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
log
pixel.inforsea.com/server/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixel.inforsea.com/server/log
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/player.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Dec 2022 00:12:44 GMT
server
fasthttp
v1
prg.smartadserver.com/prebid/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:45 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.frommers.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
mvo
tag.1rx.io/rmp/239286/0/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/239286/0/mvo?z=1r&hbv=6.17,2.1
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.frommers.com
pragma
no-cache
date
Thu, 22 Dec 2022 00:12:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.frommers.com
date
Thu, 22 Dec 2022 00:12:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
videointelligence-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videointelligence-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1671667965223-870&nocache=1671667965223&gdpr_consent=&gdpr=1&schain=1.0%2C1!vi.ai%2C828537996619089%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A550%2C%22h%22%3A309%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=545691045&vwd=550&vht=309&aumfs=1500
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:45 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.frommers.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		153 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/vendors~pb.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.179.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-179-45.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
520df676b1ddfb22b0a39f5538c0a4f3f854856fe96ac7f8f1b406674a08fd3f

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:45 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.frommers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
151
expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 80CA 		372 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/player.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Thu, 22 Dec 2022 00:12:45 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 1818 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.frommers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:13:17 GMT
expires
Thu, 21 Dec 2023 01:13:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 80CA 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 00:12:45 GMT
integrator.js
adservice.google.com/adsid/ Frame 80CA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.frommers.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 1818 		83 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21708299310%2C64147298%2Fca-video-pub-5617098146054077-tag%2Ffrommers&description_url=https%3A%2F%2Fwww.frommers.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3427626883152180&cust_params=video_category%3DIAB20%26brand%3D%5BVI_CUSTOM8%5D%26vi_segment_de%3D%26vi_bsafe%3D%26vi_sticky%3D%5BVI_FLOAT%5D&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=143593274&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=D7413733-9F0D-4E01-87C2-182037928435&nel=0&eid=44748969%2C44765701&ref=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&url=https%3A%2F%2Fwww.frommers.com%2Fdestinations%2Fbrazil%2Fplanning-a-trip%2Fentry-requirements--customs&dlt=1671667965207&idt=312&dt=1671667965548&cookie=ID%3Df2cce56ea98e4217%3AT%3D1671667957%3AS%3DALNI_Mb1c-3E1dk52K5CRkG2zqW7XLyNJg&gpic=UID%3D00000b95d9bbb62d%3AT%3D1671667957%3ART%3D1671667957%3AS%3DALNI_MZpx8Q--VyHeL19uaqajfXC5O5n0g&scor=275539535414620&ged=ve4_td1_tt0_pd1_la1000_er1977.525.2127.825_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e84a4c96298f2dbba5e58eddb85b61fc9150d304e17d119630d8884a6a9884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16910
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
pixel.inforsea.com/server/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.inforsea.com/server/log?event=b&dim9=9814&env=w&domainapp=frommers.com&session_id=gxvb0trhccm3&width=550&height=309&visible=0&cb=4506693782080&ab_testing_id=testPIV_false&publisher_id=828537996619089&affiliate_id=rfwqzezlc&country=SE&os=Windows&os_version=10&browser=Chrome&browser_version=108&iab=IAB20&ad_source_id=xixr3sxol&sell_cpm=8.93&request_cost=0&impc_aa=false&ssp_partner_id=sejrc0oqv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.frommers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 00:12:45 GMT
server
fasthttp
log
pixel.inforsea.com/server/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pixel.inforsea.com/server/log
Requested by
Host: player.inforsea.com
URL: https://player.inforsea.com/player.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://www.frommers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Dec 2022 00:12:46 GMT
server
fasthttp
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B12C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C29ZY-6CjY4PjBbCg9u8P4fyQ-AqwjbeGboGfsv3_EJy8q7KrCRABIPihwmdgleKQgqAHoAGcr_uoAsgBBeACAKgDAZgEAKoE3wJP0KMbdSy0vkX3tvm-hIvHXFSGagNtl3GMr5PjQC5CCol-DD07-aHpwws1iHcgla7isvq9cMNKSEB1ewhvG95wCNftBL5luvLbT9AqwzfUioJIIri3eNcgp-ic69Sne_U2Ry6JE7_W32t68x3n4Rmx4vdfYmb4I7ADDUH2F3FabH9nXQLrimaANGaDE4_Ks8xObXKzPwyOOj9LjJ1MUwj11_PPNay2_40e5FVCLEbZ8FqhAq-D9pf41ORK7IRe2p8mwvqo6Hlzhw4zOMxBkTzZUy-M9A4N1haUjjjLLBnTxnJ9mmgNnKJkZ7dU26vVJz6H5yTOwrHrSJUJoiSvdngveeGDQM_7HF2iokCVa5O51d35uYVnmx49gTl1_Aloe58MsNZXUIGS8U1GKQCpOhTTlV7bKeTUp-ru-w3l-lUrR1E2-vs989cCN6HMuW8KoepeC8-TFHwwTSv1P-z7izjABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=Zux-NgV0hdw&cmd=Ch1jYS12aWRlby1wdWItNTYxNzA5ODE0NjA1NDA3NxAAGAI&label=video_skip_shown&ad_mt=5240&acvw=sv%3D941%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D1977,525,2286,1075%26p0%3D1977,525,2286,1075%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5264%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1262%26pst%3D238%26dur%3D99009%26vmtime%3D5240%26is%3D18%26i0%3D18%26cs%3D4114%26c%3D0%26c0%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D596%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D825138342%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1671667962770%26ptlt%3D1671667969027%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1671667963513&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4NDExMDA4Mzk2OTIMNjM3MTgyMTI2ODUyQK0DUiYQDyUAANBCKAE6C0hua21ZWmlqdTZjQglnb29nbGVhZHNI_AFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Dec 2022 00:12:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
travelspike.azurewebsites.net
URL
https://travelspike.azurewebsites.net/content/tiles/tags/28A7B6F336A849F29CB86AFD2DCEEA5E.min.js
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga object| dataLayer function| admiral object| googletag number| js function| changeImageMap function| $ function| jQuery object| jQuery112408997298126870104 object| salvattore function| Spinner object| Analytics function| getCCID function| addSojernTag object| App number| Version object| blank object| namerica object| samerica object| caribbean object| europe object| asia object| africa object| australia object| Frommers object| Slideshow function| adara object| advally object| regeneratorRuntime object| advpbjs undefined| cmd object| apstag object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| 4dm1r11545242527 object| COMSCORE function| udm_ object| _comscore boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| google_tag_manager object| ns_p object| _qoptions function| quantserve function| __qc object| _qevents object| ezt object| google_conversion_id object| google_conversion_language object| google_conversion_format object| google_conversion_color object| google_conversion_label object| google_conversion_value function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_currency object| google_conversion_domain object| google_disable_viewthrough object| google_gtag_event_data object| google_remarketing_only object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| onLoaded object| _sf_async_config object| __gcse object| elements object| recirculation_div_array object| advpbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId undefined| google_measure_js_timing undefined| conf undefined| ret object| slotRules string| x number| y number| ylen object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_image_requests string| key number| googleNDT_ number| googleAltLoader object| i2Kytr2 function| i2Kytr3 object| xop object| l1j6u0f2jgg object| 1fsou1qyt62o object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater boolean| DFPMessageEnabled object| Su5QYE function| Su5QYB object| xblacklist object| dE1soa2 function| dE1soa3 function| xblocker object| bouncex function| _i_ function| _r_ object| BookingAff object| webpackJsonpViS object| vi object| dmlkZW8gaW50ZWxsaWdlbmNl object| dmlkZW8gaW50ZWxsaWdlbmNlIHF1ZXVl object| __ctcg_65349_0_exec function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto boolean| __@@##MUH function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| webpackJsonpViP object| dmlkZW8gaW50ZWxsaWdlbmNlIHBsYXllcg== object| $$PREBID_GLOBAL$$ object| mnet string| $$REPO_AND_VERSION$$ number| google_global_correlator object| closure_lm_320381 number| _sf_endpt object| addthis_config object| addthis_share object| GoogleGcLKhOms object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| closure_lm_810935

85 Cookies

Domain/Path Name / Value
www.frommers.com/ Name: frommers-eu-user
Value: false
.www.frommers.com/ Name: _yoid
Value: 4ff4c481-d909-4437-b635-446aa81f72fd
.www.frommers.com/ Name: _yosid
Value: 9d00a024-5bed-41b5-b8ae-ea4012c95acd
.frommers.com/ Name: _ga
Value: GA1.2.1145010253.1671667957
.frommers.com/ Name: _gid
Value: GA1.2.1920018442.1671667957
.frommers.com/ Name: _gat
Value: 1
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 820279963
.quantserve.com/ Name: mc
Value: 63a3a0f5-6a341-41251-bf5cb
www.frommers.com/ Name: _frommers-admin_session
Value: Rjg2TFRLMllYSlF0N3NMa1JIRzVvc2FXdnhveW8rd2tWK2lXUVRzVHByazl1L3JqMTJ3YlJFUkQwNWdlSE1tS0ZjQXhzVEowZnNwZUh0T1NJZ2FWZzEyYlBTWHlvUmZiL0NlNmpEYzNXcWFwUXVHS0p0K3AxbUJtbFBPekNjN0xJT1lud0tuZW94bUFSeHFLNTFoY29pd2VBOXVVTjRtMG1SNHBLcEgxaFVZPS0tS2VwYkt6UE5yZE45WHprQXo3anZsdz09--bd3bd50ba3ee2fbd7b8621dcf964819b51ec6c6a
.yieldoptimizer.com/ Name: ckid
Value: 3016504521262
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B122472%5D%2C%22dp%22%3A%5B1580%5D%7D
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B39%5D%2C%22t%22%3A%5B122472%5D%7D
www.frommers.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.frommers.com/ Name: __qca
Value: P0-1367190897-1671667957323
.frommers.com/ Name: _gat_UA-6725325-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnBZdW0d5NRSwZFiqTZS0L_uiHUz2gNvpP_m-MkX1zoiEUXYMTO3gM5ZWlkEu4
.frommers.com/ Name: _awl
Value: 2.1671667957.5-f5a18467298e26574c9c7bafd9120ee9-6763652d6575726f70652d7765737431-0
.sojern.com/ Name: dc-part
Value: %5B%7B%22dc%22%3A%22Brazil%22%2C%22et%22%3A%22vtk%22%2C%22pc%22%3A%22%2F%22%7D%5D
.sojern.com/ Name: adh
Value: 1
.frommers.com/ Name: _admrla
Value: 2.2-fe0fcdad854c14ae-57b99031-818d-11ed-8b41-72d66effe5e8
.adnxs.com/ Name: uuid2
Value: 2841619000722146709
.adsrvr.org/ Name: TDID
Value: b37cd168-85d9-4742-82a0-780bb28879c8
.adsrvr.org/ Name: TDCPM
Value: CAEYBTgBQgQiAggB
.sojern.com/ Name: gid
Value: CAESEJupefruuf_rGFQXEcmmTDo
.sojern.com/ Name: cid
Value: 1d18dd8b-e121-0efa-f458-f8a4b061598b#1671667200000
.booking.com/ Name: bkng
Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPeemFTKkI9IUtjksAvGJpGY3T6oTyudszFZ08S21tIUN8Rn8PozF%2BGWhRh78TLPMapRQhH3f9XzF%2BLdDzvfb2VVhbphR5licXzezNm2K7ZKffIsxavLeh56VQIWP71QVaiFtjudlOHHzw1oFDyYO9C1r
.sojern.com/ Name: apnid
Value: 2841619000722146709
.getrockerbox.com/ Name: uuid
Value: 2841619000722146709
.frommers.com/ Name: __gads
Value: ID=f2cce56ea98e4217:T=1671667957:S=ALNI_Mb1c-3E1dk52K5CRkG2zqW7XLyNJg
.frommers.com/ Name: __gpi
Value: UID=00000b95d9bbb62d:T=1671667957:RT=1671667957:S=ALNI_MZpx8Q--VyHeL19uaqajfXC5O5n0g
.ctnsnet.com/ Name: gid_CAESEHY5n6-7rLubfqpOrUkUF0s
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBPego2MCEAndJq4FkyIu_OdWwL6X5rIFEgEBAQHypGOtYwAAAAAA_eMAAA&S=AQAAAommiLCz1IRaEvazeffbjqQ
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-824bf005-5ba7-4e7e-964d-e650a0e5dccd-003%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-824bf005-5ba7-4e7e-964d-e650a0e5dccd-003%22%7D
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D618838E-D083-4284-BFB9-68E56D9FA256%22%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7179759217990760588
.w55c.net/ Name: wfivefivec
Value: DomhF6DR1P89cs5
.mathtag.com/ Name: uuid
Value: b65163a3-a0f8-4500-9d91-23111258cf5a
.w55c.net/ Name: matchgoogle
Value: 5
.bidswitch.net/ Name: tuuid
Value: 3c37e446-8e4b-4f22-ad58-1323a860bfea
.bidswitch.net/ Name: c
Value: 1671667961
.bidswitch.net/ Name: tuuid_lu
Value: 1671667961
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~28zc
.lijit.com/ Name: ljt_reader
Value: F2xMvGZHvf_92XPVRoitmdSO
.simpli.fi/ Name: suid
Value: F71B2E77122345248553D72836087AA6
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EFABCQHvJ4EA
.mathtag.com/ Name: mt_mop
Value: 4:1671667961
.pubmatic.com/ Name: KADUSERCOOKIE
Value: ED0D23FC-B3A2-49A7-82A0-FF5417368E6C
.adform.net/ Name: uid
Value: 2168556457566501634
.ctnsnet.com/ Name: cid
Value: a37c86e7eae34afaa58f5e14e954c39b
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D618838E-D083-4284-BFB9-68E56D9FA256%22%7D
pool.admedo.com/ Name: tuuid
Value: dbfd607c-c3d2-422f-9b18-40cafcd8fbd1
pool.admedo.com/ Name: c
Value: 1671667961
pool.admedo.com/ Name: tuuid_lu
Value: 1671667961
.tribalfusion.com/ Name: ANON_ID
Value: a9nseFs2aF9pAJsbYL7Zbbj2TZbXY4G0j0VJAsBa3FQ46XIkuZccpNV55ZcxZcX9LbxdIqPVpArPU8V5jBtc6Vbji
.de17a.com/ Name: guid
Value: 1.467399218662711736
.awin1.com/ Name: awpv11354
Value: 412871|1671667962|5a771980-818d-11ed-bb44-226289dc062e
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1671667962
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: JNtocSEVcbIw_CggztDBG1NkrU5BhDzPdHronSysROQ-1671667962-0-Ae0ymvyg0Kdps2fZhoy2CQ7F6nF3M/hsNE+Kwmr2kaK/tXdosGbRfmdMVgO2PJvUJI8JSasANxYwl7rpPjeQ1+c=
.casalemedia.com/ Name: CMID
Value: Y6Og.mbXgEGkoHmobTERnAAA
.casalemedia.com/ Name: CMPS
Value: 1155
.casalemedia.com/ Name: CMPRO
Value: 1155
.blau.de/ Name: nscT486
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcxNjY3OTYydmxlYTFkZTIwMjIxMjIyMDExMjQyNzk3MjY1Njk1MTVYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022122201124279726569515X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3MTY2Nzk2MnZsZWExZGUyMDIyMTIyMjAxMTI0Mjc5NzI2NTY5NTE3WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQzYmdGcGYxNFVaclpVN0hySEF0RXQ5OTdmOFRXVFJlYWRvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTIwMjEx
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022122201124279726569517X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3MTY2Nzk2MnZsZWExZGUyMDIyMTIyMjAxMTI0Mjc5NzI2NTY5NTE3WDEyMDIxMVYxMjI2MTMyNzAyT
.casalemedia.com/ Name: CMTS
Value: 5262
.amazon-adsystem.com/ Name: ad-id
Value: A5qdpY8xCEoMn3orcp_qOpk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.frommers.com/ Name: __atuvc
Value: 1%7C51
www.frommers.com/ Name: __atuvs
Value: 63a3a0f682b057e6000
.frommers.com/ Name: _cb
Value: C065fKD73VczTvpye
.frommers.com/ Name: _chartbeat2
Value: .1671667963548.1671667963548.1.DuB78ZBFN5fmrhwNhDbkxlRQS5OR.1
.frommers.com/ Name: _cb_svref
Value: null
.addthis.com/ Name: uvc
Value: 1%7C51
.addthis.com/ Name: loc
Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==

10 Console Messages

Source Level URL
Text
javascript warning URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs(Line 860)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://sb.scorecardresearch.com/beacon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.frommers.com/destinations/brazil/planning-a-trip/entry-requirements--customs(Line 860)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://sb.scorecardresearch.com/beacon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://script.crazyegg.com/pages/scripts/0084/3158.js
Message:
Failed to load resource: the server responded with a status of 410 ()
javascript warning URL: https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://www.travelzoo.com/rwO0EEllGLJSp/J/qj7y8tM778Jr4/QOikDNXSz5/Ty5sDFsCOg/Uh1/HWG9EaRYB
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7963287176706260992/index.html".
security error URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7963287176706260992/index.html".
security error URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7963287176706260992/index.html".
security error URL: https://062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7963287176706260992/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02fd4320065c04e7f2b899e017232749.safeframe.googlesyndication.com
062af89fdeae3ce9bc1ad103a786ed54.safeframe.googlesyndication.com
9ff3c7fa466b0a359e336311d90a5e91.safeframe.googlesyndication.com
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
acdn.adnxs.com
ad.adsrvr.org
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
aff.bstatic.com
ap.lijit.com
api.bounceexchange.com
as.ad4m.at
assets.ad4m.at
assets.bounceexchange.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
call.inforsea.com
cdn.adligature.com
cdn.indexww.com
cdntravelspike.azureedge.net
cf.bstatic.com
choices.trustarc.com
choices.truste.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cse.google.com
csi.gstatic.com
d.adroll.com
d5p.de17a.com
dclk-match.dotomi.com
de1-bid.adsrvr.org
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
edge.quantserve.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fcmatch.google.com
fcmatch.youtube.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
js.adara.com
js.createsend1.com
log.outbrainimg.com
m.addthis.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
media.travelzoo.com
metrics.getrockerbox.com
mv.outbrain.com
nv.vi-serve.com
odb.outbrain.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
ping.chartbeat.net
pixel.inforsea.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sojern.com
player.inforsea.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prg.smartadserver.com
pro.ip-api.com
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
r4---sn-5hne6nzy.c.2mdn.net
rock.defybrick.com
rr3---sn-5hnekn7d.googlevideo.com
rules.quantcount.com
s.amazon-adsystem.com
s.go-mpulse.net
s.tribalfusion.com
s.vi-serve.com
s0.2mdn.net
s7.addthis.com
sablesong.com
sb.scorecardresearch.com
script.crazyegg.com
sdk.adara.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssl.tzoo-img.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.chartbeat.com
static.sojern.com
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.vi-serve.com
tag.1rx.io
tag.bounceexchange.com
tag.yieldoptimizer.com
tagan.adlightning.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
travelspike.azurewebsites.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
v1.addthisedge.com
videointelligence-d.openx.net
vis.vi-serve.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.awin1.com
www.booking.com
www.conrad.de
www.frommers.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.travelzoo.com
www.youtube.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
travelspike.azurewebsites.net
104.18.33.19
104.87.133.65
104.96.128.226
107.178.244.119
108.177.15.156
13.248.151.244
13.248.245.213
13.32.28.197
142.250.180.226
142.250.185.130
142.251.208.130
143.204.215.30
151.101.1.195
172.217.16.198
172.64.151.162
172.64.154.237
172.64.175.31
18.66.218.75
185.29.134.248
185.64.189.112
185.64.189.115
185.80.39.216
185.86.139.103
185.89.210.212
185.89.211.12
199.232.18.132
2.18.36.193
2.18.37.133
2.18.37.67
20.13.96.71
2001:4de0:ac18::1:a:1a
205.185.216.10
205.185.216.42
213.155.156.185
213.19.147.42
213.19.147.44
216.52.2.39
23.35.229.181
23.35.236.188
23.37.42.132
23.62.220.135
2600:1901:0:76b9::
2600:1901:0:7ec2::1
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:2057:4400:18:1fcd:351:7bc1
2600:9000:2057:f800:1a:ba5c:3900:93a1
2600:9000:211e:e600:6:44e3:f8c0:93a1
2600:9000:214f:d800:8:48e:53c0:93a1
2600:9000:2240:3600:1f:e2ee:200:93a1
2600:9000:2240:8800:1f:e2ee:200:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:19ad
2606:4700::6812:7f05
2606:4700::6813:9408
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:806::2004
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400d:802::2008
2a00:1450:400d:803::2006
2a00:1450:400d:805::200a
2a00:1450:400d:806::2002
2a00:1450:400d:808::2003
2a00:1450:400d:808::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200e
2a00:1450:400e:15::9
2a00:1450:400e:1::8
2a00:1450:4014:80b::2003
2a00:1450:4025:401::9b
2a02:26f0:dc:185::11a6
2a02:26f0:dc:394::11a6
2a02:fa8:8806:16::1400
2a05:d018:cc3:fe04:878e:121f:757:1432
2a05:d018:d29:3601:576c:7828:69ec:4641
2a06:98c1:3121::3
3.121.4.183
3.126.56.137
3.127.13.90
3.235.208.205
34.102.191.167
34.111.8.32
34.120.253.250
34.95.81.168
34.98.64.218
34.98.72.95
35.157.98.214
35.171.249.126
35.186.193.173
35.186.212.60
35.190.0.66
35.204.158.49
35.210.53.219
35.244.188.9
35.71.131.137
37.157.6.254
51.77.64.70
52.28.179.45
52.46.143.56
52.49.220.212
54.217.203.96
54.74.115.87
54.77.215.72
64.202.112.127
65.9.65.116
65.9.66.56
65.9.66.8
65.9.86.97
69.173.144.138
69.173.144.165
78.46.85.162
84.200.5.215
85.114.159.118
88.99.63.132
89.149.192.65
96.16.134.48
99.86.3.236
99.86.4.64
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
006cdbd5a1bbab2b7276eb0ee5b4c2af8796e35dd2dfb9fb6d621fc90c11d1f5
017a959c22c73642476d5eed6bf063f5e62c4d71cb3feaaa8b29b8daac6ee6a8
02247e2e4d5f236746f5e077ddf63c3b01528e8b12e5c73f1311876f332135f0
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
030d90525699b38b1a530bd2fee0ae07b3134cad1a22a3bc698b848e7af66639
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0403d7926a4bd1de352f1f3bce34fe8a0638fa2e33d0892ee84ab7d106d488f9
0481d347a3644267be3af07f807ef2ab80727928e8151080f35514af165f63d7
04e5397b0a23a97feaaa77f962bb563ab30c3361fea0c9e6dba42eb82d8c8e4c
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05713be7c5bc1a73bddacf38eb4d8f8276865c8ada5bd824b7f50f5425408b2b
06883c4535fd793c71181b0c51bfc63e2a1dc2881876c0e563a332e91b0bfdf5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c86abbe59d47e7ec2da33761604db67042311cc180801472ddf0a7324eab44
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e1f98d71f8f1405d6afbc8504c4d4fcba361a222c9ebe2553208ae891a2bfc7
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
10b98ee9d82312f4710eb101115dca0794d4853993b119d022e1f69a9e3a23eb
11830a14a54f6675d0ee2eceb47f639ce417014d884ee0abf88651ea283b7fed
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13147f1e31a5ae2a141c12df45f79b1926d9ba9581b06ad790431f96c9d5dd3d
14f26d376a773fbbb6cbb816216dad5f6d0271a4199f3ac5944a6001666d3eb6
1620012ac3fc2547820311c8e1bb2c48f8c11563f16d5713c6c372a765037c55
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18208c2b1c05093edd255bda9d21a234d5167a432c966376ce0da6191f6b1958
18e84a4c96298f2dbba5e58eddb85b61fc9150d304e17d119630d8884a6a9884
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19c35417d4d3554b40996564bb1e2a1e47f65c4c378fdec8af5ae9b09cdd593b
1aafa5531361e99401c95413839eebd41b4c3f4068cfabf6274743fb27696e01
1b33c16f39a180213b010e813470d9b31833409d97e78d43d33f43138852a26e
1b71710b60bee49790c488996039bd13467c9ebeb2a24057e0b5eb8d383c6115
1c7dfe237d607d6f65f59c698a5780818e027d755f77d4f4453eb5e0c69ef1d9
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d4add5a9fea05d55c40eb56cad3ebf215e7ac8ddfb7c845822c5300d35a8cfb
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2013f00120eab5b2c18b7f0f6554c7741dab49acfc3ccb35642b644010435ed6
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
21d6a1ad4a72733fb62ac74d9a2719f2fe8d6cb299d87f8e45d3b68847132341
221d4163efcc33901c81b361064c1ebcf71de469c694f2cd38892677b95a7add
229ce7c32c2305a91ac697887158545117878df9a9f4d10019a8840bef1d964f
2574a3ea2476700a9e5235dbc797115c4974fc2d017281fae9a359f25d0680a7
25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
2942d3f1452380f1e0b4585455524f9ae5da16dbfadee6ebd7b42ca531682cde
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dd2ce8544040b625c1e3744400138c7ceb5da5575175a5417e8cffba360ab9f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3019667a5e7c233eb00246d948a4b995c4f7e333cae5a79327512c74b605963b
3161ee05fbf2e98308580a3977b40b09126ec3484bd84c1d1ec150fd14358916
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e76a6fbf3030405a801950a8efbf687b7d874cab512aef913430076a054f7a
3212c52a83653718ad4db95c0fcf1025ac31c8ab975ac8d409cb427a389f370c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3320d532bdb9b78cfc01860c314324ba7aed0989e758fca93fa658bdc481b2f3
333f7cf71869f992663fe2a935b75c0c0779b746cc1e4d252057bf256f607e8c
333fb273be028ee892010d43e88c5b695988b2f577aac29c366adff056f33493
33ebb3ed6a4446d1ec051b534c4d2b39070da2159f89d345a4b0e8a769718684
33f7e8e95bbd45ab2dcf42cb33b8d8f17e56d0c6e8ef736e52e2f45005c95b3d
33f81c8d7d8fe829dc47722758967ed211228c29de6e5db3d162ddb9d5a795ac
343a1171ba368a532d20a085d94609abea955f6a408957dca83b2c605fc97835
34900ef5823ce7380ed18b7cabea4f295587bb779ed6118fbb35418c1b655970
35cc2f0af2de889629069a65afe4fd1c42e1aed3292a0d092659a0ae190749dd
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
3847a7334d83e6fb9f45b8062ef628ad6a8f519a6cae84b80c3348bb1abd500e
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a659af107d07848b03f333e52f52b702110814b05bd449eb86b9bf00bde6096
3af3f75e2bc5fac025eec25f3fa8540b0daf5163b41a9956b8d224e096a89a7a
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b99d29648995a3e58156442b90b05800293f3a32ad32ac758ed0faa3eb62825
3c51d0c5bd39003ffccf0f6baac0e94d2842bc79d932dd49e6146e3356a9fa2d
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3cd322ed87247771fc13a7ffd3be194607e3210437398f0f31faf9f62c8d522b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dcb6c3049f5db5b2aafd6d26bb168461e467b73adc2f542c4bd30e58d6f5f3d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff36b0091e7de77538ee357c57ebbda63a1c8dd61fb97d6071527d980ba38f1
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
405e320cab35cd1c12ff8daeb9b293490097da90080311b8a6c72bd9af2108ad
42041bd5b3b63c3999995bb3991c1d137c92fe4c2186580b8de26c309a5c2cab
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf
4cb363824e42ab6c92d3e447504726051506b5d09e728a02870e3e50768bfb36
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
4e69f9cac3dbe9c36399899055cef9df2a12c9e18e0ffcf41c20b08273451315
4e972a02cc29c22edfc4d6d2e1e9afce0bef26000c2331fe4274eea787bfea7e
4f4f5f6c89d2e89d04f352d9638f793186d25a833075263e79cdfd638341dc5e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
520df676b1ddfb22b0a39f5538c0a4f3f854856fe96ac7f8f1b406674a08fd3f
5435f52c67618d35ef3c4257ba1ca4822ba832488821f64633374a04a798e15a
549c4fec12835821ee94d4e1103b73d0fd0460a1b3ba923b6596ad3bc7ac63c8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565d2146b2d0b8bea08cb575194d70c8adf7e3cef17373844b00b135b050f84a
576a08af2d2db03f5c4396408942b6fc0c682c416733e6c180c09663e7d0b001
58869dfc645af463e2f3952327dc0bd0b9d122ac995a4320e734fd61b1d34307
5c8a02588d9abf76f6fabbdac267f8827ceb5a5395c343bb694be58290b9351f
5cb557a93cee9ab58da4f7e0ded20309261f563d53dc5573ccf6a4a1a9ed6a30
5cd8c5763d387b2632eb552f4b8dae571a7a00ce0ea2953d30b959a1277a2b99
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d6488d7e60f2490201d9fc9d1faf21f55c1f7fa0ea46dacedacd608a12a96aa
5d6c2f7d613462d48e6f8e47b356bf781a82fb0ee98cec5d94ed8994c35baeaf
5db60a3a171a8f87a78ce6535917ce0a8c26e54f4b937ef4b22018fa244c2efd
5e511da3a4fb796a0757d341558c86fb123752f39c370f6dc1eef9bc4885bd31
5e748e8c74d5ea6923baeb1165eb4b431d8b4d343d4dfa3c639b8c707b4f929f
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f542339e204af8a908a6b4278ccd98eb5f7dc91ea1a0483e017384777cf61fe
5fe061d3da79d71cb8d7c2b7e72fc2b4e3affb446c1b3807e7e2ab5593988d5b
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61539fe36f19127bd9f048105f8ffd3538db70f2f535b9e7bd8b167eef867f72
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6265ec02a358f430e495a5fff4793ad263d95b88a9b240fab40ba0092ecf46c8
63315392f67bb437a770d7d9ff36322abc67bf2d45c5557b2062872022eb9179
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
63e18f59f60a9d32b5eb5fbf5d9d85cbdc5b30c8f9a918d9b0ffa9d591455a93
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63f58cb7747f696cc982ac83b36fe1912575d7682633b56414121997f70f387a
643a024cdc7bcc0f1fc312217644d73d5636271898d9b054fb7e19b745158ac2
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
65f57c54dc315c0798591f6a4d56cfe69072fe4b235b56a090138702c93bbac7
6740b49f76b27985f7412ffad4bad5f4e0801412208142b0de22a9e886c9aba0
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
68902a1b6ff2345e154ec58b8d2d4b0094e1ddb34bb66ab0831de2964fcc73ea
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b3d2636fa062155175fc0a4a8bf3626577e8e039d295631a7fdf37f4ce079ed
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5ae7c1705d8be2d91bcb0099be33b069fa75d664ae49134a0e8cffdddd1bcb
6d404b0ee66e910fdd0d5f914e6b3b6eb43c8e69e7c990c4ac944115ee64d0fd
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
709a645356ff3b66dc3b342cb54dc1d75d38fb5b10957bede4a00210560e3fff
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7472ff799b7642bbd31fb4fc9ad99b62ed001b25f78c1ff085d9484439444ed9
7516bf7aa8456d45d52319feb29f70e241fa029b8d799249868083bbda3bc3b3
7832eb8a8ab87dafe081e21cea89e3b7e077f6b8a4322346fcf65cf09bc9ed5d
79f01341ff81de34256a398e3af45adab79ffd2af41c9569afd23a7d3188c86f
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7ef81ed53d5ee9c2d6750a523c8353f29d0f1cd62185ad02f79a1225c9ac16af
7f1b16eaedbed2350b3f7f27dff10f5fbbce59bcd490b57f553dc638e0999143
807f353be5c3233905e3cd6bf21d18ebfeaf955d9f02ea96d4dee694be4f76cc
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81d0578118fff842d9f4bca285b2bb56712863ae7d833db616af1f095bcdac2c
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
828e47e36340566e5abda6fb77a10835794aeb272e2c0ba18476fc7bc5d44601
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82f910cc41d4b2a924c2a24715ea064d78bdc685c70f8fd2af48a560784c4486
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8379213f9b03a8786ba85d3a169dd0e6a4ff2a9f750d272e7a5527a38788cfed
85f7306b6eafc63519cd3a27b5e77374bf71779d7a1f57cf36bb62145beccfcb
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
865146c6a4e1c88b256ec74fa6ecd2ea3169616549937e0d4bc5cb560615e5e9
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87e22b9aca17f9e45bc115ef9e801e20fd6c167ff8e039ec552ce5b4726d116b
889225d4a9763a46a06e7e6a7aafe5c658277a6d0e37bb6c2a0b57eea676a781
88c2f9e70bfa5a498bd2533f7e2a6ee5f9f396607f2d2b2374612d24432191fa
88de0e9e8cca6604974f7244d995ee422e1859d97f2b77b63598f6f8650371f0
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8bff6fd62644d71cd884999a1c58a6857c73f87cc1d97a611ab9b60eb9a5bdd4
8c0c45bcb1183a4df28e414510fb1a84da4f4dcb318bd990f22c436b1cc82897
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f3c323623f90aa6e5068628c5efe593ecb86ca445b35b7a659d83ac304f43fb
8fb125717bd3c32a2f34d24a54a47012e4b0cec09342ab571b732ecf39f63cab
907314257cc4af4b6c9e331f249deeca8138ea7adbeff150bd89e73f915763ed
908a110d365e1e6cbd0c5f31f36199d0f84c7117f0199ba3408a53ee202c6ca7
90a5962f67b8b86078ab73b38c74abcd50871bc5397642c34b0f400c875b0de0
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
91d65879a99407062a8a3bd78bf3188b9f72f3fa937517f661e8c4b8884ce01f
9292160137bedd22eb3a9cdb89e097f76f4c167dbd8e9a2c9b44473c762b373f
93c4572a6972f95aa10fc62d3315213a892d86f671e3f2438c638b0e763a8008
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
9638fda31829fe9835a4aece7bf8607512a2b27305f210dc353dab1faf29e51c
96aa57f39a4b7755089b09930f3e5a055f30793e603732b68fe4d4edf8059d59
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96eaf0b312fc6c2ad418b6366bb6779b9f94ed4014ff49dd4f68ac0bf3c15d66
97cee0b4094231f93a768249e8a3b8b084bf9ada186680f9f5d9dd7fdc1cbc52
97f331ef777926cc6e066406d84cd11772272adc480eb8b3fa574fff193f3c78
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98dfdf56c0bc106381a6c432b1755713c03a3f2ba2c895e315865323ca3240ec
993c0a3d3f5652582bea8af19f8f5b5e6d13783712c440e583daafdb505b3ef0
994a59b51588d92b6a3b4d07d662f25e42775c27af6c12bdbc72b74cc2e13a54
9974bbe1847aad8076893aea2ec2de5d0eac1c58b1c95cd9187825a0506fa2d5
9a37ae8e7132f6c1c0edf62cfe019fb74cddb078ae1073f543b37fd94d947a2f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1
9d2e5b5859cc62ce06eac6802fe02017acbb42f5e08cf44630f7a415dd45ab8f
9f935e262dd55537827320e3ed77c79f040adb22b576f40aa2c5fbc61b05ae89
9ff02474a0fdf7b183a95fd20ddef068e46e57b65961c94987be8bf2c0062cfa
a02811652bbe37a737ce3915a143a00b380be7f20da831ef6e229fa7596b56c0
a092ebf76fba793deef4914ea30f46047b563e586164dba2ff6cf9d514db37b6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b08a554731bb0805cabb8ca6a2d1eff4e090bf619c6123a20bbb3caebb701
a14bd4f8081f8c3e2addf343587658194b00f3118480e4e09e6e44dda56537c9
a224ed7440a99fc5a34dd9f7a3ad4025cba89c7e18ffbff7e58fbfc56b9b272d
a32b8e557c8749c20667735d54fe3d78b8b515606aca0dd55c507e0246b3d436
a36cdec5fc5dab87947031e5ab181584c5ceed3eed4088444b5e50f077af3ada
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a529751dd69b006acc32c3c768f6ac7cedfa2c64a6a4fadb29c1f63f7929b2f9
a71e252dc42a77110b7b7d868d100fe2b6719bd6a963996252a17279fece85da
a8d6ad508482ef8b981e9618255b72e1c0eb19728342aad5373df4161ce37d97
a9a85ce119c1063e3aa2c32ceacf6a50fcc07a1b7ff314e2d58f913253594d85
aa2621769327855ded880036d5283b631c4ccb0913c7b7a36b4078c8b2f25a84
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
aaba5c9a56af473a40539590e3f0cd9d397435e44cd98093400141f5418a46dd
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae4ebf47a893af26c9f146af0f337b50b181a99d0aaf217caa42b287e75d42b1
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef87480fba7d9ba95fbf0794876e4e5ae83872531d590e4553e3cddf6668ac8
af1b9e04369d4b1f0e10adf55f66dc09d5ece14fb80ec8e7aa58a1fcd31ab99b
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c6f3696b3ff15165e59df7aef11e8aba98a60ef3efbaab8bd57682a207d223
b35343934f5daf1d52034f39701428673cacab68c8685c6614c48a6799ccffe4
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4a38190c2ca475e14a42e06daf1a408bb1f013e45b343359c179f6ef4c2eaa3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b68b734793a0e1ff48bf9544bf1f131c667b280931d38235a1646c39849a3f06
b7ff640e6625cc37ee9f31809be199c6478e931d77f4fc32a7c5f358cc947884
b812b0f8c2e0872f1f833ffa86b1752ccd7bbb8808e5cbf5467e8e4b6333b20d
b87a459e3c3bf864087d851374ee19c8b6410f87f7aca98119e261b0224ea3f9
ba4b762e99c79cddc42f9088aef6cb95bda3cfb0ae7b5758f6584b4ae60d4071
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
bd24a00cf2f6ebc98a34a06e9810e648d3eb50a47b92804fbeb0b471c21d0705
bd2b48839f8f2df346de158aeccd05f691060dce318f080667decfec1938aed0
bd7e6eada3578bb7388c88d0e8ee27418803b2b64b0038b21b8462063393b0f5
bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf009d69705f9635a31efcaafe16f4a201dc5e19176fb7d7d47c0006a091f6da
bf58010bc5e96de06fc6c7e0f3775c2e1786811e099abd7c8b93d9e9d0db9fcc
c08f2b37bb7fe0f21ccbe1e819bade3032f901ae48ab498d13a2aac501ce4cff
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c82d5fbf908e5c2fd6139e0fff97fc5c7806d1c601f1e33a0dcc32bce4bbd935
c8f420cbcb29f045f8b399da4f15de61660c5cb6242c7aa1e86b57fef6847185
c92732d7a242ea001a6f8df52f13141b40825f9a8e3471b533809203c36f22c2
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c9e4c29a2826d09da43c84484ef2b166ce068e56fa7779ff955c16d92391eacf
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
cd286acf7c592fd02073cc5b37f90f86cd37b8b8d70e15f7af1493500fe4e186
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30414bb792b5ca304fd491dea7ebf6626d2acc86b6c2fcc0b12c2095764da4e
d65afaea1941caa2a6721df837e57df8be0391ec92d0459159bdd779c27b6ad0
d72705328bdc002d4569430e6c23792c057abd4665419bfcd2fb19b4a550a3cf
d7480513e1179158ace6117416f0e0b277709ca61e2e9af27465fe115d788e1c
d844b86d82150222558f514172992418d0ed374a9a5eec9878286f7ac0bfa6c0
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d9cc9647a23321050648b5a58e6fc28a47268f161693f2286f24ef975a2d350a
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
dce0b5384b005fc6dcc1deb5dc9b77683e3ea6b1fe8a636545a59f5615983592
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e2050ed4a8ab3f74cc1a26ef380fdacc9004ec320d33bb088fccdbeef36cb657
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e39c40ff1effc47227ceeffdbc88c846ff688172aade25ec6f21fb19e9b45fd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e91aabae2f3eb33d79da5b99101d733aa155c7f8947908812a15bb343ed0c293
e936b11be5f1b687f137ab20178b8d2a15323576d5ed537426f9f04b4a358e59
ea106d11c9240ded57f8c09182abbbe348976d971dd5316ab7e04a921f742f24
eba95b33920a729b87c92f7da21b1494af2efd40e193ea7c4cdec7b5c66cf224
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ec1555fc2430d7bf9eaccf108a229ebddd5522f8cdce5663ece904ec011da578
ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e
ecc12f8414d5da580f8cdbcff0da9e32bd41013a26a7812b8a28a1df0975e4b4
ed9814c13ddc2afde490e65bb2ab5268e34b4640556d8e71a30822e852a20d77
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eeae64bcb49af43d3afd4f1e456aa82175e56b920636d83b229dda5e130e048e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdbdab8187539c4ffb26604f6842fc82a4f3e2c2fbd4a19296702ae55ce5927
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f0ae775ca91938ff95c7830233b07f3016da66e12171b22268daf23e0badf160
f13e4c7b056586ea4f32d6174bcb71d0bde28d79849e117d02ce39a5cb4e2421
f1b00c21c4f238309a8ee2eaf1bcb8852ec0bd1f0923c5cc39076387374e0cd5
f37396500663b3e2d053ae3dfd76d81b4a3dfac1238da8d76a41f220a54f8a25
f3ac36b5af51e70cff4247b84a20230dcc16276587a2d5326f40e7d2b73fe1eb
f4b784f884bc532f13b76e66025b8d95330163f35c740552cdf8cf9fbf2b9b02
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f756fcd9c73ee679d4d461d075af97937712945000ca336d1b4fe4c1a5a6ed7f
f9f93737b3350ba439b5ceabc73744a60c8389ecd4df0a8610ed88b1367e4436
fa66a4ee4751cc39661754261782f496669a12b4aa0cf1f36ab4c80d282f61ea
fae6e10f3db3169d4f0bfbb11e6bbb55694756a63fb07061306d54eb58def8b9
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fb38b4aa2417869b17445bbeaacea341adcd53ec3019a12ea0b94541119c144b
fc4df734f3615218486674269d6619f5aa359da11ec1ae4912a65ffa9443333e
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d
fd948a9836972efe029ee385fb2d2795ca988e5b6e50f8070430cfe848f8ff1b
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
fe6e0fd2e712d1ee3e422835e652179d8ee8af6974d83339505a7c6e16dc4b81
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc