www.tripoto.com Open in urlscan Pro
34.107.249.112  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

• https://um.simpli.fi/gp_match?google_gid=CAESEEv2LkHDsP39y-d_WrfdUhk&google_cver=1&google_push=AXcoOmTk5k90EiqjBt1hhTrQP9zIHtQgR7bSPmSXpTff1prqkZVWCEvFUp0lSJRtUVmvV45rt-YIUs48D4jr66IyNawMYm9BK9rl HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4F0938B0F8F843618DEE02CEAB24C25A&google_push=AXcoOmTk5k90EiqjBt1hhTrQP9zIHtQgR7bSPmSXpTff1prqkZVWCEvFUp0lSJRtUVmvV45rt-YIUs48D4jr66IyNawMYm9BK9rl

Request Chain 118

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBPehzl7IePtcAznju-Ipeg&google_cver=1&google_push=AXcoOmQ_jzdY8V4Fy7yweMVHGQSjHq6ubbkGEBboDufvyj8UsfoZj6ZBjPJtLPbe5_DEQKCnDNUTVxeaflMY5OKjEnD2ee502HCvGw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ_jzdY8V4Fy7yweMVHGQSjHq6ubbkGEBboDufvyj8UsfoZj6ZBjPJtLPbe5_DEQKCnDNUTVxeaflMY5OKjEnD2ee502HCvGw&google_hm=LvRip05YRv-6-P6VCzYnxYw

Request Chain 119

• https://rtb.openx.net/sync/dds?google_gid=CAESEHZjRWogfiRKG15k7-PLpuM&google_cver=1&google_push=AXcoOmR8Q5wdQI6LEVlZlbeQmrMBNRnA5QoMjRhBVC1otqjZNXOkISwAWeyJf6PHYGNLhIumX4BtxstyDTFcW6kjtKY2g4bg488wZg HTTP 302
• https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEHZjRWogfiRKG15k7-PLpuM&google_push=AXcoOmR8Q5wdQI6LEVlZlbeQmrMBNRnA5QoMjRhBVC1otqjZNXOkISwAWeyJf6PHYGNLhIumX4BtxstyDTFcW6kjtKY2g4bg488wZg&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmR8Q5wdQI6LEVlZlbeQmrMBNRnA5QoMjRhBVC1otqjZNXOkISwAWeyJf6PHYGNLhIumX4BtxstyDTFcW6kjtKY2g4bg488wZg&google_hm=bCewTlRKzqc7_eQt91Tt0w==

Request Chain 120

• https://match.360yield.com/match/ebda?google_gid=CAESEF7vhej8cUsXKlFIEOTGCtk&google_cver=1&google_push=AXcoOmQoJbobOEw3nVp8UfPZ_SqSMioaRt9EwQYEWuo2tlmgDnjOHifDkfW4yPJ3soa7LcJlrcRMMc_k9z3aebIGPLtYdr_YVYzHMg HTTP 302
• https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEF7vhej8cUsXKlFIEOTGCtk&google_cver=1&google_push=AXcoOmQoJbobOEw3nVp8UfPZ_SqSMioaRt9EwQYEWuo2tlmgDnjOHifDkfW4yPJ3soa7LcJlrcRMMc_k9z3aebIGPLtYdr_YVYzHMg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dTJSM9EeQLKKK2nZuv3Ljw&google_push=AXcoOmQoJbobOEw3nVp8UfPZ_SqSMioaRt9EwQYEWuo2tlmgDnjOHifDkfW4yPJ3soa7LcJlrcRMMc_k9z3aebIGPLtYdr_YVYzHMg

Request Chain 121

• https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJtGwrwbqnzBY5pkqgYmk7Q&google_cver=1&google_push=AXcoOmSK9cEm6Gf1oZpyQwdgYNb74GSJc8AhsV4kDdeT1MOVf7pX5QtnmrtZA-p6vQABr_0sRgC4hZnxMm8IPQHWsLyp3zv-4XUiZQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSK9cEm6Gf1oZpyQwdgYNb74GSJc8AhsV4kDdeT1MOVf7pX5QtnmrtZA-p6vQABr_0sRgC4hZnxMm8IPQHWsLyp3zv-4XUiZQ&google_hm=MzAwODkwMjgxMDc1NjI5NjczMA%3D%3D

Request Chain 122

• https://sync.inmobi.com/gob?google_gid=CAESEFpEQTM0zxuSUtQz2hFAyuI&google_cver=1&google_push=AXcoOmR4k_8cQ3YdjZiaP6c6b9UEL1RJQd_RWB36sBdYhGFNBSGQBzZPPE04jiEeibxIvHkwZUQ95gl1x0XnSca_9c1gnuWsC2237Q HTTP 302
• https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmR4k_8cQ3YdjZiaP6c6b9UEL1RJQd_RWB36sBdYhGFNBSGQBzZPPE04jiEeibxIvHkwZUQ95gl1x0XnSca_9c1gnuWsC2237Q

Request Chain 126

• https://rtb.openx.net/sync/dds?google_gid=CAESEKSGmoDJpuV2ZwwfZhZDOgg&google_cver=1&google_push=AXcoOmSmRsS4KmHVkJ9__fS0wtVAe9PRWOYTkL10BnW6tee-J6qw5sF1xpln7Md5k4csnSU0w-afqZz2jANpIgTMLAyiKMJSZYCC HTTP 302
• https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEKSGmoDJpuV2ZwwfZhZDOgg&google_push=AXcoOmSmRsS4KmHVkJ9__fS0wtVAe9PRWOYTkL10BnW6tee-J6qw5sF1xpln7Md5k4csnSU0w-afqZz2jANpIgTMLAyiKMJSZYCC&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSmRsS4KmHVkJ9__fS0wtVAe9PRWOYTkL10BnW6tee-J6qw5sF1xpln7Md5k4csnSU0w-afqZz2jANpIgTMLAyiKMJSZYCC&google_hm=bCewTlRKzqc7_eQt91Tt0w==

Request Chain 127

• https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECIR08Mho1W3J62mU9o_BG0&google_cver=1&google_push=AXcoOmREPAabEHfmsKN4IxTdnb2kpUfNiFZB2983ojjhXJ1z-wQPVdY3NOk596DLAduu6Ecl_FyUjGKqMozqV7LDk5dYXnSho93L HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1WhzkF82XvtJU-jMppOA7VFYv4w&google_push=AXcoOmREPAabEHfmsKN4IxTdnb2kpUfNiFZB2983ojjhXJ1z-wQPVdY3NOk596DLAduu6Ecl_FyUjGKqMozqV7LDk5dYXnSho93L

Request Chain 129

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJGFz-ktn8bfCdAvzrB7XaA&google_cver=1&google_push=AXcoOmTvU8tZK-M_Bmd9jhRTuJFhdGXA_Nq1ckuCVTLgdqH6v3jnGBT_etPRbo9vldRARELvdNpSVjIiw7rGpiazqEqVWuhrrBDj HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJGFz-ktn8bfCdAvzrB7XaA&google_push=AXcoOmTvU8tZK-M_Bmd9jhRTuJFhdGXA_Nq1ckuCVTLgdqH6v3jnGBT_etPRbo9vldRARELvdNpSVjIiw7rGpiazqEqVWuhrrBDj&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJGFz-ktn8bfCdAvzrB7XaA&google_hm=ZUQWeaT8YjYCa9NHQZ3iQgAADRwAAAIB&google_nid=index&google_push=AXcoOmTvU8tZK-M_Bmd9jhRTuJFhdGXA_Nq1ckuCVTLgdqH6v3jnGBT_etPRbo9vldRARELvdNpSVjIiw7rGpiazqEqVWuhrrBDj

Request Chain 130

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHMBznFCoyrN8nWbqlA-Ec0&google_cver=1&google_push=AXcoOmTX6F8uLTMNwaRosF7nXnaXbWbpSA6zO2DFg1u2xZ3Y-bIxBVEMZ9ahBtiximyB98vewzArb4XPvcnT53KftVMZSj2O-aM HTTP 302
• https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTX6F8uLTMNwaRosF7nXnaXbWbpSA6zO2DFg1u2xZ3Y-bIxBVEMZ9ahBtiximyB98vewzArb4XPvcnT53KftVMZSj2O-aM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698961017969 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-e0218b76-83f1-4078-88a0-b28956353eb0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTX6F8uLTMNwaRosF7nXnaXbWbpSA6zO2DFg1u2xZ3Y-bIxBVEMZ9ahBtiximyB98vewzArb4XPvcnT53KftVMZSj2O-aM%26google_hm%3DA-Ahi3aD8UB4iKCyiVY1PrA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTX6F8uLTMNwaRosF7nXnaXbWbpSA6zO2DFg1u2xZ3Y-bIxBVEMZ9ahBtiximyB98vewzArb4XPvcnT53KftVMZSj2O-aM&google_hm=A-Ahi3aD8UB4iKCyiVY1PrA

Request Chain 131

• https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOND7Aku4Hqh3yHLJzaP0ag&google_cver=1&google_push=AXcoOmTdHM1HCz-3XBbBSxwUPnYIOuXTB4zhF2M9tcYWf5N39KqQ_l6-WYrfvymgZ6iyS5GuKCtOq0lF5tYQBc9bzwbLtj81PAI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTdHM1HCz-3XBbBSxwUPnYIOuXTB4zhF2M9tcYWf5N39KqQ_l6-WYrfvymgZ6iyS5GuKCtOq0lF5tYQBc9bzwbLtj81PAI&google_hm=OTIyNDc3ODA5NDA1NjM2NjI4

Request Chain 132

• https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHuxP-MWsZL7pZlFBF4riFo&google_cver=1&google_push=AXcoOmRSjFfm4sQZPmheoka5HszdzT8SFiT3h7oH7eJCFdsI8bPAincJ3GZwWj7t8PHRgah_p0Tomwckr_iO-HLSxH-snQWDTugcsg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRSjFfm4sQZPmheoka5HszdzT8SFiT3h7oH7eJCFdsI8bPAincJ3GZwWj7t8PHRgah_p0Tomwckr_iO-HLSxH-snQWDTugcsg&google_hm=NjM0NzEzMTI2ODA3NTU5MTMyOQ==

Request Chain 136

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMFDJbgRiNw6aptJ-Fnqf24&google_cver=1&google_push=AXcoOmQZeP7gUCE74JH2gKBm475fcO1kygnqBUZZ_71zfCIxDCYAG3l_cImRT0aubkj9e0DZk-VeU4xuOyd5MRArQg65j2vNIQ1x3A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMFDJbgRiNw6aptJ-Fnqf24&google_push=AXcoOmQZeP7gUCE74JH2gKBm475fcO1kygnqBUZZ_71zfCIxDCYAG3l_cImRT0aubkj9e0DZk-VeU4xuOyd5MRArQg65j2vNIQ1x3A

Request Chain 137

• https://um.simpli.fi/gp_match?google_gid=CAESEFi6cloxltuKBh2dpkWIzDc&google_cver=1&google_push=AXcoOmRToh76xPszqGSH4na44HBI2SpRyeEXkjd-cjRWB_klZBZMPDkDrzC_9lSwgvICrTnQ_ZtO0WU5XrrBGRK9zUsO1e2VlfFs HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=26B5972BB84945A19041F033FB36DDDA&google_push=AXcoOmRToh76xPszqGSH4na44HBI2SpRyeEXkjd-cjRWB_klZBZMPDkDrzC_9lSwgvICrTnQ_ZtO0WU5XrrBGRK9zUsO1e2VlfFs

Request Chain 138

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGNtWR0wb4iyu7Rcbv6AJF8&google_cver=1&google_push=AXcoOmRxEDqjIl0WeNcUeM_-IRKVKVeP0FIKF8GP43sJViDtRLAu6J1UzM7d5ky5UH6PAFluGsKrw2LxhfvcV3m-pyVfH_MhpepIFg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRxEDqjIl0WeNcUeM_-IRKVKVeP0FIKF8GP43sJViDtRLAu6J1UzM7d5ky5UH6PAFluGsKrw2LxhfvcV3m-pyVfH_MhpepIFg

Request Chain 140

• https://google.partners.tremorhub.com/sync?UIDF=CAESEJ2smJ4QMCLakUCo2arZYns&google_cver=1&google_push=AXcoOmRKRci4o8WcLl0ZjcSuw8GucdEKRTzovptN_xXQvDTYTxYd_OlpTPQwBXPyRr8LC59q8unHei_OeeqzANwy8mPi79NEKcitYg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NjM1NjM1YTRiM2M2NDcxYzljMzk2YTBkOGE5NDFjMGI%3D&UIDF=CAESEJ2smJ4QMCLakUCo2arZYns&google_cver=1&google_push=AXcoOmRKRci4o8WcLl0ZjcSuw8GucdEKRTzovptN_xXQvDTYTxYd_OlpTPQwBXPyRr8LC59q8unHei_OeeqzANwy8mPi79NEKcitYg

Request Chain 141

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECZ8RrjONY7kWOHmzdAxHwI&google_cver=1&google_push=AXcoOmQPvLlq1Z3GGXDUgHUSO2AW8nc9iwIUUWj0rRFVtBOdmPSlVI7oucsZUdxw9ruOdRaK7xZKpN9vkpC-WFOKojyqV1aBnI3plg HTTP 302
• https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQPvLlq1Z3GGXDUgHUSO2AW8nc9iwIUUWj0rRFVtBOdmPSlVI7oucsZUdxw9ruOdRaK7xZKpN9vkpC-WFOKojyqV1aBnI3plg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698961017969 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-e0218b76-83f1-4078-88a0-b28956353eb0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQPvLlq1Z3GGXDUgHUSO2AW8nc9iwIUUWj0rRFVtBOdmPSlVI7oucsZUdxw9ruOdRaK7xZKpN9vkpC-WFOKojyqV1aBnI3plg%26google_hm%3DA-Ahi3aD8UB4iKCyiVY1PrA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQPvLlq1Z3GGXDUgHUSO2AW8nc9iwIUUWj0rRFVtBOdmPSlVI7oucsZUdxw9ruOdRaK7xZKpN9vkpC-WFOKojyqV1aBnI3plg&google_hm=A-Ahi3aD8UB4iKCyiVY1PrA

Request Chain 142

• https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmS3zc4jHQ6yBq9nB7utPgmeYfcXf3mRD9bQesBHugbNI6_yWbD_b-BAPiRcX43nyyu9-gxZjyEIDN0hitTyWvh-4ypI93S-Y9k&google_gid=CAESEPwPo2lerDSHbTjTqD7z3v4&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPwPo2lerDSHbTjTqD7z3v4&google_hm=T1BVY2I1ZjYyMGFjM2I1NGQ4YzlhMGVlMWM4YmM3ZmMzNTE&google_nid=opera_norway_as&google_push=AXcoOmS3zc4jHQ6yBq9nB7utPgmeYfcXf3mRD9bQesBHugbNI6_yWbD_b-BAPiRcX43nyyu9-gxZjyEIDN0hitTyWvh-4ypI93S-Y9k

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
12 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request d9430773-76f6-11ee-9e97-4201ac1d0034 Show response www.tripoto.com/trip/	140 KB 33 KB	725ms 615ms	Document text/html	34.107.249.112 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.249.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 112.249.107.34.bc.googleusercontent.com Software nginx / Resource Hash fd7a73e59c262730570d1773998b6c08007d290f200da88b6cb479b226d66e3e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-type text/html; charset=utf-8 date Thu, 02 Nov 2023 21:36:51 GMT etag W/"23187-KvzlYcNishlATB8Il8mU2T1bJZw" server nginx strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding via 1.1 google x-cache MISS x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	tripoto.svg cdn1.tripoto.com/assets/2.9/img/logo/	4 KB 2 KB	149ms 39ms	Image image/svg+xml	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.tripoto.com/assets/2.9/img/logo/tripoto.svg Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 69c2175a46e5f77e52396febb5859953d5d3f2369a63c2c0fc426eb86a02c6d6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 28 Oct 2023 18:19:33 GMT via 1.1 google age 443839 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1784 x-xss-protection 1; mode=block last-modified Thu, 01 Nov 2018 17:41:42 GMT server nginx etag W/"f4d-166d05dd785" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800,public expires Sat, 04 Nov 2023 18:19:33 GMT
GET H2	200	fontawesome-webfont.woff2 cdn.tripoto.com/assets/255338c22f30daceb9bd093b487ea63d/css/fonts/	75 KB 76 KB	157ms 45ms	Font font/woff2	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/255338c22f30daceb9bd093b487ea63d/css/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.tripoto.com/ Origin https://www.tripoto.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google x-content-type-options nosniff date Fri, 27 Oct 2023 19:39:26 GMT age 525446 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77160 x-xss-protection 1; mode=block last-modified Thu, 01 Nov 2018 17:41:42 GMT server nginx etag W/"12d68-166d05dd785" x-download-options noopen x-frame-options SAMEORIGIN content-type font/woff2 access-control-allow-origin * cache-control max-age=604800,public accept-ranges bytes expires Fri, 03 Nov 2023 19:39:26 GMT
GET H2	200	CircularAirPro-Bold.otf cdn1.tripoto.com/assets/css/fonts/	86 KB 87 KB	155ms 40ms	Font font/otf	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn1.tripoto.com/assets/css/fonts/CircularAirPro-Bold.otf Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 32f11b1291d286ba41fd75ad5927a59fd3b93e9d07fb10bca47da7202c958509 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.tripoto.com/ Origin https://www.tripoto.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google x-content-type-options nosniff date Fri, 27 Oct 2023 07:32:01 GMT age 569091 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 88392 x-xss-protection 1; mode=block last-modified Thu, 01 Nov 2018 17:41:42 GMT server nginx etag W/"15948-166d05dd77d" x-download-options noopen x-frame-options SAMEORIGIN content-type font/otf access-control-allow-origin * cache-control max-age=604800,public accept-ranges bytes expires Fri, 03 Nov 2023 07:32:01 GMT
GET H2	200	stylesheet.css cdn.tripoto.com/assets/255338c22f30daceb9bd093b487ea63d/css/public/	170 KB 32 KB	72ms 72ms	Stylesheet text/css	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/255338c22f30daceb9bd093b487ea63d/css/public/stylesheet.css Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 8108cc9ca57efdcebde8c58866ec16958e6351a0b751c2f518de6bd95a8a7602 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 27 Oct 2023 19:39:26 GMT via 1.1 google age 525446 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32147 x-xss-protection 1; mode=block last-modified Fri, 04 Aug 2023 12:52:53 GMT server nginx etag W/"2a775-189c09ba75c" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800,public expires Fri, 03 Nov 2023 19:39:26 GMT
GET H2	200	view-trip.css cdn.tripoto.com/assets/346ca1719126ca753a4aeb0023e2f082/css/public/	7 KB 2 KB	79ms 78ms	Stylesheet text/css	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/346ca1719126ca753a4aeb0023e2f082/css/public/view-trip.css Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 95494dbfb7cc5e890dd825ce8b3534db557deba2a3ec9cc4a051dadd4f963e7d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Thu, 02 Nov 2023 20:39:44 GMT via 1.1 google age 3428 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2121 x-xss-protection 1; mode=block last-modified Tue, 25 Jan 2022 18:15:04 GMT server nginx etag W/"1d11-17e9272cd73" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800,public expires Thu, 09 Nov 2023 20:39:44 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	301 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5b885bcb7d3f417a3ab023abb74082ca6342b2b5138a51c59e5932a6cdea0741 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	MetaSerifPro-Book.otf cdn.tripoto.com/assets/346ca1719126ca753a4aeb0023e2f082/css/fonts/	156 KB 157 KB	50ms 49ms	Font font/otf	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/346ca1719126ca753a4aeb0023e2f082/css/fonts/MetaSerifPro-Book.otf Requested by Host: cdn.tripoto.com URL: https://cdn.tripoto.com/assets/346ca1719126ca753a4aeb0023e2f082/css/public/view-trip.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 36df0a1cfafd143871671f589ad905cc8384b4c9973220b38470667a50cef413 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://cdn.tripoto.com/assets/346ca1719126ca753a4aeb0023e2f082/css/public/view-trip.css Origin https://www.tripoto.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google x-content-type-options nosniff date Sat, 28 Oct 2023 18:06:47 GMT age 444605 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 160212 x-xss-protection 1; mode=block last-modified Thu, 01 Nov 2018 17:41:42 GMT server nginx etag W/"271d4-166d05dd781" x-download-options noopen x-frame-options SAMEORIGIN content-type font/otf access-control-allow-origin * cache-control max-age=604800,public accept-ranges bytes expires Sat, 04 Nov 2023 18:06:47 GMT
GET H2	200	header-blue.svg cdn1.tripoto.com/assets/2.9/img/logo/	4 KB 2 KB	56ms 56ms	Image image/svg+xml	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.tripoto.com/assets/2.9/img/logo/header-blue.svg Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 0dc8b5b526dd8d1052780cbbc0b4591210807a7fc67e80407c7d1d53a5316cb0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 28 Oct 2023 18:06:47 GMT via 1.1 google age 444605 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1793 x-xss-protection 1; mode=block last-modified Thu, 01 Nov 2018 17:41:42 GMT server nginx etag W/"f54-166d05dd785" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=604800,public expires Sat, 04 Nov 2023 18:06:47 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	840ms 55ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 02 Nov 2023 21:36:53 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug pXu1hro3zabFwrCYZ9qtPzW/GbebEGPVwfe7ZZjKcBXcryUPspyZACbparVIVl3WOm0Vl+lM6JP+1sykHVBrSw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	831ms 44ms	Script text/javascript	142.250.184.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 02 Nov 2023 19:49:42 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 6431 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 02 Nov 2023 21:49:42 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	278 KB 91 KB	837ms 68ms	Script application/javascript	142.250.184.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-V5P3L98JHL Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f8.1e100.net Software Google Tag Manager / Resource Hash 67a77cae8e927672a529c8fac236f5785f97a42fd4c15648d659fe0427e1c14d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:53 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93125 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 02 Nov 2023 21:36:53 GMT
GET H2	200	mini-logo.png cdn1.tripoto.com/assets/2.9/img/logo/	571 B 696 B	55ms 54ms	Image image/png	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn1.tripoto.com/assets/2.9/img/logo/mini-logo.png Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 744a237a07b49512d558f31be4faf32780f0f03402d302ba6cfe874fe26cb8fa Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google x-content-type-options nosniff date Sat, 28 Oct 2023 18:19:34 GMT age 443838 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 571 x-xss-protection 1; mode=block last-modified Tue, 25 Jan 2022 18:15:04 GMT server nginx etag W/"23b-17e9272cddf" x-download-options noopen x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control max-age=604800,public accept-ranges bytes expires Sat, 04 Nov 2023 18:19:34 GMT
GET H2	200	1698650871_acg8ockf9_su9g_hvzis1vwvcmwgbp5x_sqzrynblw3a1tt_s96_c.webp static2.tripoto.com/media/filter/mss/gen/2488881/UserPhoto/	1 KB 2 KB	1050ms 1041ms	Image image/png	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://static2.tripoto.com/media/filter/mss/gen/2488881/UserPhoto/1698650871_acg8ockf9_su9g_hvzis1vwvcmwgbp5x_sqzrynblw3a1tt_s96_c.webp Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx/1.14.1 / PHP/5.6.10 Resource Hash 2b29ce4dfbbf792e68e9de9ec002833631b60d78d98dcd6e4b87d422d5736c96 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:53 GMT via 1.1 google last-modified Mon, 29 Aug 2016 06:54:17 GMT server nginx/1.14.1 x-powered-by PHP/5.6.10 content-type image/png cache-control public accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1252
GET H2	200	1698651467_imgpsh_fullsize_anim_10_copy.jpg.webp static2.tripoto.com/media/filter/nl/img/2488881/Image/	26 KB 27 KB	632ms 623ms	Image image/webp	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://static2.tripoto.com/media/filter/nl/img/2488881/Image/1698651467_imgpsh_fullsize_anim_10_copy.jpg.webp Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx/1.14.1 / Resource Hash 3d6e28b0ffa4f140430ccdb0b1a5d3f9667782ea402281921da751b64c7f1c33 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:52 GMT via 1.1 google x-guploader-uploadid ABPtcPrmgN0i-Dbu416jlak-zH513IChnGDUQrbKg6qqdgyiCDNwfev2-zUXrOcEW19pnu-UBTOX7e6uZA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27040 last-modified Mon, 30 Oct 2023 07:37:56 GMT server nginx/1.14.1 etag "59df20b0489d00d26143dae6c1ee4b94" x-goog-generation 1698651476531667 content-type image/webp x-goog-hash crc32c=y6a8gQ==, md5=Wd8gsEidANJhQ9rmwe5LlA== cache-control Cache-Control:,public,max-age=3600 x-goog-stored-content-length 27040 accept-ranges bytes
POST H2	200	collect Show response www.google-analytics.com/j/	30 B 236 B	59ms 58ms	XHR text/plain	142.250.184.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=300002533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&ul=en-us&de=UTF-8&dt=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=1646836062&gjid=2056372498&cid=829502827.1698961013&tid=UA-33638634-2&_gid=1380046112.1698961013&_r=1&_slc=1&cd2=%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&cd3=trip&cd5=false&z=387904285 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f14.1e100.net Software Golfe2 / Resource Hash d89e398bffe6badf0665b121a48fac85a4801590d6635790f2b9bea3172ec34e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.tripoto.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tripoto.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	850205911699903 Show response connect.facebook.net/signals/config/	142 KB 37 KB	60ms 59ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/850205911699903?v=2.9.138&r=stable&domain=www.tripoto.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 25b64b923c6fdda35ec3bebedc11bd6cfaf28c0c8d28ef5f0ecd5b0a90a77c2a Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 02 Nov 2023 21:36:53 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 37458 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug ugMFDxwqYUnHW6fBO9p78ikCMU/igeYLgbCDrXWSzVM6V40/Mus2MaajIhNXHliE7Swj67YPwEWN3GytM10NnA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 349 B	486ms 71ms	XHR text/plain	173.194.76.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33638634-2&cid=829502827.1698961013&jid=1646836062&gjid=2056372498&_gid=1380046112.1698961013&_u=YEBAAAAAAAAAACAAI~&z=701994083 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.76.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ws-in-f154.1e100.net Software Golfe2 / Resource Hash 3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.tripoto.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 02 Nov 2023 21:36:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tripoto.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 254 B	483ms 62ms	Ping text/plain	216.239.32.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-V5P3L98JHL&gtm=45je3b11v873750459&_p=300002533&_gaz=1&gcd=11l1l1l1l1&cid=829502827.1698961013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698961013&sct=1&seg=0&dl=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&dt=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&en=page_view&_fv=1&_ss=2&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V5P3L98JHL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:53 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tripoto.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	457ms 72ms	Ping text/plain	173.194.76.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V5P3L98JHL&cid=829502827.1698961013&gtm=45je3b11v873750459&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V5P3L98JHL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.76.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ws-in-f154.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:53 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tripoto.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	js www.googletagmanager.com/gtag/	0 0	60ms 59ms	Script text/html	142.250.184.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TBZVGV8DVY&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f8.1e100.net Software / Resource Hash Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	404	js www.googletagmanager.com/gtag/	0 0	59ms 58ms	Script text/html	142.250.184.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-JZC6MW5DGH&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f8.1e100.net Software / Resource Hash Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	ga-audiences www.google.ch/ads/	42 B 408 B	484ms 57ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V5P3L98JHL&cid=829502827.1698961013&gtm=45je3b11v873750459&aip=1&z=1824486500 Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	464ms 56ms	Image image/gif	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33638634-2&cid=829502827.1698961013&jid=1646836062&_u=YEBAAAAAAAAAACAAI~&z=1102361893 Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ch/ads/	42 B 107 B	57ms 57ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33638634-2&cid=829502827.1698961013&jid=1646836062&_u=YEBAAAAAAAAAACAAI~&z=1102361893 Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	bundle-min.js Show response cdn.tripoto.com/assets/d379d2fe104f420fe8229c692ef34a25/js/public/	132 KB 44 KB	57ms 56ms	Script application/javascript	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/d379d2fe104f420fe8229c692ef34a25/js/public/bundle-min.js Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash 1cc68d1245e6278da8fb365a692349a4e9a08ac7a37a6e4e58a13d7b5a9c04dc Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 31 Oct 2023 21:16:52 GMT via 1.1 google age 174002 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45451 x-xss-protection 1; mode=block last-modified Wed, 18 Oct 2023 15:29:02 GMT server nginx etag W/"20f91-18b4367915f" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800,public expires Tue, 07 Nov 2023 21:16:52 GMT
GET H3	200	view-trip.min.js Show response cdn.tripoto.com/assets/92f8ac07d700b9cd1291796870f48480/public/	3 MB 822 KB	65ms 65ms	Script application/javascript	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/92f8ac07d700b9cd1291796870f48480/public/view-trip.min.js Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash da3446e93f16a5c42a326244fd8920d60da645a63fc29a899a62598e56e184c8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 27 Oct 2023 20:54:33 GMT via 1.1 google age 520941 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block last-modified Tue, 08 Aug 2023 12:49:06 GMT server nginx etag W/"2e36e4-189d5319de3" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800,public expires Fri, 03 Nov 2023 20:54:33 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	97 KB 31 KB	544ms 122ms	Script text/javascript	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash 0676468fb3c30776b13df3f18f59fbbf378a05d9029449af7e375d51a97302de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:54 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30762 x-xss-protection 0 server cafe etag 747 / 19663 / 31079371 / config-hash: 8628985261000830790 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 02 Nov 2023 21:36:54 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	210 KB 75 KB	75ms 75ms	Script application/javascript	142.250.184.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-984113598 Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f8.1e100.net Software Google Tag Manager / Resource Hash e0fa56fd07c4145d1b06a3b8af1c4e5a94611ddcae400e443f3d6e7f1c421b07 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:54 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76527 x-xss-protection 0 last-modified Thu, 02 Nov 2023 21:02:15 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 02 Nov 2023 21:36:54 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	210 KB 75 KB	76ms 75ms	Script application/javascript	142.250.184.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-984113598&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V5P3L98JHL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f8.1e100.net Software Google Tag Manager / Resource Hash d4b55d1fbdcdc21414492a472eff919caaeba6073ad62c5ee93965f5787735b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:54 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76557 x-xss-protection 0 last-modified Thu, 02 Nov 2023 21:02:15 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 02 Nov 2023 21:36:54 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	58ms 58ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.tripoto.com URL: https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash e4ef94901bf9882f7875e8f4250b16bfe1cb37af7429f2c2398cc771d64a447f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Thu, 02 Nov 2023 21:36:54 GMT content-md5 2frNrUDE7OypXkmQ/i5ufA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1685 reporting-endpoints x-fb-debug T+E1ey19+lN7DLszTORSfJoQleXL8QTij/+2LVSMkw3zmaHvhmkg0rLfyHFvw9gKmqkjFTsBuu8RWYBDsa+kEQ== x-fb-content-md5 a06b52e1d3b46e7f55e3e999e933d9b3 cross-origin-opener-policy same-origin-allow-popups etag "cfbe540ba519ed0f2b042fb76e55e8c2" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Thu, 02 Nov 2023 21:38:34 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	302 KB 87 KB	759ms 56ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=1ceefafad7f0f617892cf8bca086786e Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 61c52417bc6da14892ccb92d14c74177e1aae4f23de2764e29ccfaeffb6a80ad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.tripoto.com/ Origin https://www.tripoto.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Thu, 02 Nov 2023 21:36:55 GMT content-md5 BYi9fkWmnlAUxrpBIwS+2Q== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88302 reporting-endpoints x-fb-debug IkvMbhGpeau+iCIIT1ykfU/cgSe9gc2PQStHXmwlvafBLPNa/CmX55ruDLqGF9zPkllwsDV6gfAgHeyeVV4ZPg== x-fb-content-md5 287be3ac177a4447c8c02b326b3573ed cross-origin-opener-policy same-origin-allow-popups etag "f128e1ee9dfa8c323b0f79d6455b12d7" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Fri, 01 Nov 2024 19:10:36 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/984113598/	3 KB 2 KB	473ms 64ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984113598/?random=1698961014355&cv=11&fst=1698961014355&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100617121&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&hn=www.googleadservices.com&frm=0&tiba=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&auid=1542732399.1698961014&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-984113598&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash f189e17de724fcc197abd4f4369fda84c8e371c807a0d016134eecb24b5c7502 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:54 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1349 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 31 B	484ms 79ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=850205911699903&ev=ViewContent&dl=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&rl=&if=false&ts=1698961014398&cd[content_name]=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&cd[page_type]=trip&cd[traffic_source]=&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1698961014395.1839267371&ler=empty&it=1698961013248&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 02 Nov 2023 21:36:54 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 31 B	485ms 79ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=850205911699903&ev=PageView&dl=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&rl=&if=false&ts=1698961014424&cd[traffic_source]=&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1698961014395.1839267371&hmd=959248b8990971ba21a420e5&pl=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&ler=empty&it=1698961013248&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 02 Nov 2023 21:36:54 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	200	/ Show response www.facebook.com/tr/ Frame E4FE	0 203 B	475ms 78ms	Document text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.tripoto.com Referer https://www.tripoto.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.tripoto.com alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 21:36:54 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H3	200	2447.4e362002a579a7c6546c.min.js cdn.tripoto.com/assets/chunks/public/	0 6 KB	46ms 45ms	Other application/javascript	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/chunks/public/2447.4e362002a579a7c6546c.min.js Requested by Host: cdn.tripoto.com URL: https://cdn.tripoto.com/assets/92f8ac07d700b9cd1291796870f48480/public/view-trip.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Thu, 02 Nov 2023 14:49:19 GMT via 1.1 google age 24455 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6466 x-xss-protection 1; mode=block last-modified Tue, 15 Jun 2021 20:39:16 GMT server nginx etag W/"4c31-17a11665429" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800,public expires Thu, 09 Nov 2023 14:49:19 GMT
GET H3	200	2358.71eeb831d0959debf720.min.js cdn.tripoto.com/assets/chunks/public/	0 18 KB	60ms 58ms	Other application/javascript	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/chunks/public/2358.71eeb831d0959debf720.min.js Requested by Host: cdn.tripoto.com URL: https://cdn.tripoto.com/assets/92f8ac07d700b9cd1291796870f48480/public/view-trip.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 27 Oct 2023 21:45:23 GMT via 1.1 google age 517891 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18042 x-xss-protection 1; mode=block last-modified Mon, 03 Oct 2022 13:22:51 GMT server nginx etag W/"11116-1839e037952" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800,public expires Fri, 03 Nov 2023 21:45:23 GMT
GET H3	200	6684.7da428996115a127cb1a.min.js cdn.tripoto.com/assets/chunks/public/	0 7 KB	50ms 48ms	Other application/javascript	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/chunks/public/6684.7da428996115a127cb1a.min.js Requested by Host: cdn.tripoto.com URL: https://cdn.tripoto.com/assets/92f8ac07d700b9cd1291796870f48480/public/view-trip.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 27 Oct 2023 11:47:15 GMT via 1.1 google age 553779 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7033 x-xss-protection 1; mode=block last-modified Thu, 20 Jul 2023 08:30:39 GMT server nginx etag W/"5356-189726c2c32" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800,public expires Fri, 03 Nov 2023 11:47:15 GMT
GET H3	200	view-trip-form-and-cms.02be15be8f6988281fcb.min.js cdn.tripoto.com/assets/chunks/public/	0 79 KB	60ms 59ms	Other application/javascript	35.227.204.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.tripoto.com/assets/chunks/public/view-trip-form-and-cms.02be15be8f6988281fcb.min.js Requested by Host: cdn.tripoto.com URL: https://cdn.tripoto.com/assets/92f8ac07d700b9cd1291796870f48480/public/view-trip.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.204.94 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 94.204.227.35.bc.googleusercontent.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 28 Oct 2023 10:54:35 GMT via 1.1 google age 470539 x-dns-prefetch-control off x-cache MISS alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80869 x-xss-protection 1; mode=block last-modified Tue, 08 Aug 2023 12:49:06 GMT server nginx etag W/"48408-189d531a173" x-download-options noopen x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800,public expires Sat, 04 Nov 2023 10:54:35 GMT
GET DATA	200 OK	truncated /	614 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6557bddf599f99014465f37259441153ea76edfba084406ad40f6b4a6059cb86 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	d9430773-76f6-11ee-9e97-4201ac1d0034 Show response www.tripoto.com/api/1.0/trips/	2 KB 1 KB	511ms 510ms	Fetch application/json	34.107.249.112 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www.tripoto.com/api/1.0/trips/d9430773-76f6-11ee-9e97-4201ac1d0034?embed=user&static_links=1&strip_document_caption=false&nolog=1&inhouse_ads=1&video_ads=false Requested by Host: cdn.tripoto.com URL: https://cdn.tripoto.com/assets/92f8ac07d700b9cd1291796870f48480/public/view-trip.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.249.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 112.249.107.34.bc.googleusercontent.com Software nginx / Resource Hash 818c683af8d1678c7e600ed09eeae244236123882c0598d769e3cbfd04809ac8 Request headers accept application/json Referer https://www.tripoto.com/trip/d9430773-76f6-11ee-9e97-4201ac1d0034 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Web-Req 1 Response headers date Thu, 02 Nov 2023 21:36:55 GMT content-encoding gzip via 1.1 google server nginx vary Accept-Encoding p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	/ www.google.com/pagead/1p-user-list/984113598/	42 B 154 B	59ms 57ms	Image image/gif	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/984113598/?random=1698961014355&cv=11&fst=1698958800000&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100617121&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&frm=0&tiba=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNhbLZtNHwcOykWVZ0EE6PceeF5fBEMg&random=2757902990&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:55 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ch/pagead/1p-user-list/984113598/	42 B 154 B	57ms 56ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-user-list/984113598/?random=1698961014355&cv=11&fst=1698958800000&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100617121&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&frm=0&tiba=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNhbLZtNHwcOykWVZ0EE6PceeF5fBEMg&random=2757902990&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:55 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/	425 KB 133 KB	47ms 46ms	Script text/javascript	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 15:04:54 GMT content-encoding br x-content-type-options nosniff age 23521 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136288 x-xss-protection 0 server cafe etag 17302374607849014435 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 01 Nov 2024 15:04:54 GMT
GET H2	200	status www.facebook.com/x/oauth/	0 0	71ms 70ms	Fetch text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=546191595440610&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&sdk=joey&wants_cookie_data=true Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=1ceefafad7f0f617892cf8bca086786e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload date Thu, 02 Nov 2023 21:36:55 GMT x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" pragma no-cache x-fb-debug WxBUSNnk3dd54vmH88++qUAQxTem4RxvXIl7UvZ+r5eeY39oH7OwcAD9JP9VlyRunOEjgiGo2sB1gF1aSCBTHg== fb-s unknown report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.tripoto.com access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	21723537508 Show response fundingchoicesmessages.google.com/i/	161 KB 53 KB	502ms 84ms	Script application/javascript	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/21723537508?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash 41205cf045ba6263f7a6c96ef8d7cdb411ca99277a4fdceb65e1e10fc61c910a Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sRLXCYela6l7QHEBYpXs9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:55 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-sRLXCYela6l7QHEBYpXs9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	660 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d6cf2b0ee0eee200e0bc416b2125293cece63a5c0624bfe10e97e522b3a367fb Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cbd17639759631a777f2da8ecaf9b465a3a8c320a0425d695b2fd0b53e6229f4 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	452 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ebac59278ce73eddc1d239725f2969af2ca44020039e708c1b22d742c6dd79b6 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 489414ee81ed4d88de5a6ca869f06f0c76bc25d1adfb825be8cc8c0390764f2e Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash afe9c9d4e8ebaa9a184d30a1f47b852767c8e6b21b8275f6946d1950b3e9fa5a Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	859 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b0040567ec29f72b4751fdc0837de57ca533d6b5e23252c591213aac53f24d44 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	AGSKWxViZE24d1GVz04P8iX-7IMjxtnLjm9PCDCVfh3-Ye2XF0R7hLvKm0AKyYwxtQx3wVjhL8SsGNsnpMS5igjNTy0CmxlKPLartfV-UmsBFP_E5cMHaTPE-BlUcOGETFGG1ELBy3Ljew== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	416ms 414ms	Script application/javascript	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxViZE24d1GVz04P8iX-7IMjxtnLjm9PCDCVfh3-Ye2XF0R7hLvKm0AKyYwxtQx3wVjhL8SsGNsnpMS5igjNTy0CmxlKPLartfV-UmsBFP_E5cMHaTPE-BlUcOGETFGG1ELBy3Ljew==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4OTYxMDE1LDc3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudHJpcG90by5jb20vdHJpcC9kOTQzMDc3My03NmY2LTExZWUtOWU5Ny00MjAxYWMxZDAwMzQiLG51bGwsW1s4LCJHOGZ1eXlIZ21ZQSJdLFs5LCJkZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash f5485623c6bf7a76367a53d98e8ad7917726e87be60ee14c1c18b960081e76cc Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-svN-pL2oZPxnhHa8fXDygA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:56 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-svN-pL2oZPxnhHa8fXDygA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	757 B 918 B	577ms 575ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4414626728775261&correlator=2632900075013417&eid=31079301%2C31079371%2C31079233&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&gdpr=0&iu_parts=21723537508%2CTrip_Pages_Top_Resp&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698961015838&lmt=1698961015&adxs=338&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&vis=1&psz=728x0&msz=728x0&fws=4&ohw=728&ga_vid=829502827.1698961013&ga_sid=1698961016&ga_hid=300002533&ga_fc=true&dlt=1698961012057&idt=3090&cust_params=url%3D%252Ftrip%252Fd9430773-76f6-11ee-9e97-4201ac1d00%26passback%3DTRUE&adks=2459909142&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash e610cbac33212c4f4d640279915a9d755015116a888c656685b68a50c1b347e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:56 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 398 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.tripoto.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	539 B 564 B	1444ms 1442ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4414626728775261&correlator=2632900075013417&eid=31079301%2C31079371%2C31079233&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&gdpr=0&iu_parts=21723537508%2CMid_Trip_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698961015848&lmt=1698961015&adxs=338&adys=1866&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=829502827.1698961013&ga_sid=1698961016&ga_hid=300002533&ga_fc=true&dlt=1698961012057&idt=3090&cust_params=url%3D%252Ftrip%252Fd9430773-76f6-11ee-9e97-4201ac1d00%26passback%3DTRUE&adks=3658332311&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash b2bd7a0d0070323ae27cc3e1d39fd226d15ebad8572225e1925faca67bd727a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 261 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.tripoto.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	614 B 574 B	979ms 977ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4414626728775261&correlator=2632900075013417&eid=31079301%2C31079371%2C31079233&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&gdpr=0&iu_parts=21723537508%2CMid_Trip_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698961015852&lmt=1698961015&adxs=338&adys=3417&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=829502827.1698961013&ga_sid=1698961016&ga_hid=300002533&ga_fc=true&dlt=1698961012057&idt=3090&cust_params=url%3D%252Ftrip%252Fd9430773-76f6-11ee-9e97-4201ac1d00%26passback%3DTRUE&adks=1199643517&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash 6113641e18c0562a1064e53ca4bd53b88240e1ba891d5345e5f3994fe6181ef2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:56 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 269 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.tripoto.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	42 KB 18 KB	788ms 787ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4414626728775261&correlator=2632900075013417&eid=31079301%2C31079371%2C31079233&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&gdpr=0&iu_parts=21723537508%2CMid_Trip_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698961015855&lmt=1698961015&adxs=338&adys=4896&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=829502827.1698961013&ga_sid=1698961016&ga_hid=300002533&ga_fc=true&dlt=1698961012057&idt=3090&cust_params=url%3D%252Ftrip%252Fd9430773-76f6-11ee-9e97-4201ac1d00%26passback%3DTRUE&adks=3846713903&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash 4363a0daa7954c62552d577bc4116173101cec7340c5197bee3cccfd9070f05d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:56 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18314 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.tripoto.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	42 KB 18 KB	1444ms 1443ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4414626728775261&correlator=2632900075013417&eid=31079301%2C31079371%2C31079233&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&gdpr=0&iu_parts=21723537508%2CSkyScrapper&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698961015857&lmt=1698961015&adxs=1096&adys=659&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&vis=1&psz=295x0&msz=295x0&fws=516&ohw=295&ga_vid=829502827.1698961013&ga_sid=1698961016&ga_hid=300002533&ga_fc=true&dlt=1698961012057&idt=3090&cust_params=url%3D%252Ftrip%252Fd9430773-76f6-11ee-9e97-4201ac1d00%26passback%3DTRUE&adks=1650752698&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash 40acd7792e3fea8f39d115ce1fdb2da6e0f0ff45ad473a648c843759a559309f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18578 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.tripoto.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	42 KB 18 KB	1196ms 1195ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4414626728775261&correlator=2632900075013417&eid=31079301%2C31079371%2C31079233&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&gdpr=0&iu_parts=21723537508%2CTrip_Pages_Bottom_Responsive&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698961015860&lmt=1698961015&adxs=338&adys=7551&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&vis=1&psz=728x0&msz=728x0&fws=4&ohw=728&ga_vid=829502827.1698961013&ga_sid=1698961016&ga_hid=300002533&ga_fc=true&dlt=1698961012057&idt=3090&cust_params=url%3D%252Ftrip%252Fd9430773-76f6-11ee-9e97-4201ac1d00%26passback%3DTRUE&adks=1351699796&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash 70110fc04f344e309e126404474bfc523b030411f568c14f527d50d65b7b3a43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18274 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.tripoto.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	541 B 573 B	1446ms 1445ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4414626728775261&correlator=2632900075013417&eid=31079301%2C31079371%2C31079233&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&gdpr=0&iu_parts=21723537508%2CAdsolut_Test&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698961015862&lmt=1698961015&adxs=0&adys=7684&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&vis=1&psz=1600x7624&msz=0x-1&fws=0&ohw=0&ga_vid=829502827.1698961013&ga_sid=1698961016&ga_hid=300002533&ga_fc=true&dlt=1698961012057&idt=3090&cust_params=url%3D%252Ftrip%252Fd9430773-76f6-11ee-9e97-4201ac1d00%26passback%3DTRUE&adks=2923075505&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software cafe / Resource Hash 63bef6b6f359a3b5e8c4bc258d5be4f0149fbfc5e9956ce2fef889d24b442147 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 268 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.tripoto.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	660ms 152ms	XHR application/json	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 2ecfd810fc3856eb3076e5a501d8e502b3a7cb3d682aebe6a8aa447e07bc09ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:56 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12282 x-xss-protection 0
GET H2	200	container.html Show response 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC61	6 KB 3 KB	625ms 114ms	Document text/html	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 21:36:56 GMT expires Fri, 01 Nov 2024 21:36:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/984113598/	3 KB 2 KB	293ms 292ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984113598/?random=1698961015881&cv=11&fst=1698961015881&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100617121&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&hn=www.googleadservices.com&frm=0&tiba=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&auid=1542732399.1698961014&uamb=0&uaw=0&data=event%3DRead%3BeventCategory%3Dtrip%3BeventLabel%3Dpage_1_of_7%3BeventValue%3D0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-984113598&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash a60724329a7231014543563071ab47cb1c59626f74c2a483aef63c2e2335f6e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:56 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1394 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 132 B	276ms 276ms	Image image/gif	142.250.184.238 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=300002533&t=event&_s=2&dl=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&ul=en-us&de=UTF-8&dt=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=trip&ea=Read&el=page_1_of_7&ev=0&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=829502827.1698961013&tid=UA-33638634-2&_gid=1380046112.1698961013&cd2=%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&cd3=trip&cd5=false&cd6=0&z=954503955 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 16:59:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 16674 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 54 B	278ms 278ms	Image text/plain	157.240.0.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=850205911699903&ev=Read&dl=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&rl=&if=false&ts=1698961015886&cd[title]=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&cd[label]=page_1_of_7&cd[slug]=d9430773-76f6-11ee-9e97-4201ac1d0034&cd[user_origin]=%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&cd[user_origin_category]=trip&cd[user_logged_in]=false&cd[referrer]=&cd[page_type]=trip&cd[traffic_source]=&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1698961014395.1839267371&ler=empty&it=1698961013248&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-fra3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 02 Nov 2023 21:36:56 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.google.com/pagead/1p-user-list/984113598/	42 B 108 B	147ms 145ms	Image image/gif	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/984113598/?random=1698961015881&cv=11&fst=1698958800000&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100617121&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&frm=0&tiba=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&data=event%3DRead%3BeventCategory%3Dtrip%3BeventLabel%3Dpage_1_of_7%3BeventValue%3D0&fmt=3&is_vtc=1&cid=CAQSKQDICaaNCyfHGj5cROb4s6qXYa0M0_GwIh_6JUt4ffwmDY968KRlVmxS&random=1930247954&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:56 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ch/pagead/1p-user-list/984113598/	42 B 108 B	147ms 146ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/pagead/1p-user-list/984113598/?random=1698961015881&cv=11&fst=1698958800000&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100617121&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&frm=0&tiba=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&data=event%3DRead%3BeventCategory%3Dtrip%3BeventLabel%3Dpage_1_of_7%3BeventValue%3D0&fmt=3&is_vtc=1&cid=CAQSKQDICaaNCyfHGj5cROb4s6qXYa0M0_GwIh_6JUt4ffwmDY968KRlVmxS&random=1930247954&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:56 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	AGSKWxXaXc2-UBNO_A2FrFNyjdccMchCnIBBFqe2wV9upi7QxxVEyApWGOQ6M0s44uqso3mgxF-bj48ZKaPhONX20Y12zlDcR7Vxe2y37imoryPDydAaDLhfZqtzs3XohLAxnEY9BaSk7g== Show response fundingchoicesmessages.google.com/f/	13 KB 6 KB	163ms 162ms	Script application/javascript	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXaXc2-UBNO_A2FrFNyjdccMchCnIBBFqe2wV9upi7QxxVEyApWGOQ6M0s44uqso3mgxF-bj48ZKaPhONX20Y12zlDcR7Vxe2y37imoryPDydAaDLhfZqtzs3XohLAxnEY9BaSk7g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4OTYxMDE2LDIxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly93d3cudHJpcG90by5jb20vdHJpcC9kOTQzMDc3My03NmY2LTExZWUtOWU5Ny00MjAxYWMxZDAwMzQiLG51bGwsW1s4LCJHOGZ1eXlIZ21ZQSJdLFs5LCJkZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash 76b459dac0e1e6c4ef2e07546409d293901efc5b1e7a134e5d41e870e4263f74 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RSQhb8KoFNYcm8pbLNT9vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:56 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RSQhb8KoFNYcm8pbLNT9vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	469ms 63ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 02 Nov 2023 21:36:56 GMT
GET H2	200	container.html Show response 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7055	6 KB 3 KB	47ms 46ms	Document text/html	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 21:36:56 GMT expires Fri, 01 Nov 2024 21:36:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	widget.js Show response widgets.outbrain.com/n2d/widget/ Frame 7055	46 KB 12 KB	171ms 52ms	Script application/x-javascript	2.19.245.134 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://widgets.outbrain.com/n2d/widget/widget.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-245-134.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-request-headers X-OB-STG,X-OB-PRD date Thu, 02 Nov 2023 21:36:56 GMT content-encoding gzip content-length 11833 last-modified Tue, 22 Aug 2023 10:30:48 GMT server AkamaiNetStorage etag "6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954" vary Accept-Encoding access-control-allow-methods GET,POST content-type application/x-javascript access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * expires Fri, 03 Nov 2023 01:36:56 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 7055	3 KB 2 KB	254ms 48ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 13:53:29 GMT content-encoding br x-content-type-options nosniff age 27807 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 16 Nov 2023 13:53:29 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 7055	20 KB 8 KB	257ms 51ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software cafe / Resource Hash 5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 13:29:13 GMT content-encoding br x-content-type-options nosniff age 29263 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8430 x-xss-protection 0 server cafe etag 7000445677337367579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 16 Nov 2023 13:29:13 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 7055	0 0	54ms 52ms	Image text/html	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6IubYAvwEttGueHlKa3IuqoUbXnfy9xJpYAIHOSlSN3GVkPdIzPB6XpTKtM-BdrA0BFxRHl7YRhaboB0zJkBlBN-idA Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7055	24 KB 7 KB	255ms 50ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 29 Oct 2023 19:44:58 GMT content-encoding br x-content-type-options nosniff age 352318 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 28 Oct 2024 19:44:58 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7055	189 KB 60 KB	487ms 78ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Nov 2023 21:36:57 GMT
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/ Frame 7055	990 B 1 KB	52ms 52ms	Image image/svg+xml	2.19.245.134 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-245-134.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 02 Dec 2023 21:36:56 GMT date Thu, 02 Nov 2023 21:36:56 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "5ab8e16b5f46213840bcd403e349419c:1673369393.880194" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 990 access-control-request-headers X-OB-STG,X-OB-PRD
GET H/1.1	200 OK	writeStatistics stas.outbrain.com/Stas/api/ Frame 7055	43 B 261 B	533ms 126ms	Image image/gif	70.42.32.63 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://stas.outbrain.com/Stas/api/writeStatistics?p=Hkpo7AbS87RdAVhze9nOV8vu0ypGLJ1Jx3TXm5glZ7z0FZ-4mdYzBupjANgOHkbQolyySBo3ZPuyh5yeseQkc5bHPhE_Vhj_u_LzewJr1Mc76rmDRc2osa9aciklhsqpIhCpXIMh4GVjhmfhun0yOh5pKMD3iL1cI5M17OCLZvDtq4T0OieLh54n-MGR702dQPxTnD1lSeJ9c9aDPJNMiA7tmPYwNML23U7PoG_r1CWhfZYx8pNoaJ0qCAH4csHJP3yzKAMetP9bB9ppoEhfI3c_g7J89ZIj7fQtr5P3TjKAK1q76bG6RZe8NTrQxEXyUDlZS9jeQhjcnWI98WqxlpT28M0J5I8kTELQcC3-RZc3AjJ8qjHzo0sCVPeHH_nE4voUxIoE_sNFC4GmpDI4MBVEIpqYNTg_tm7MgiNpk2a7Z_mBL89PM5Q07i7RZr6pRAWMzX-XZoEmZlGD0DSv0bFoQTq5CcaIC5i1r6JksZrLIGgH_uei1RNK9hQiOHR_HQFYhziW-V8de8MeqkcTpq8e9VMYv4zLWL25qHQiK7ct-kbL3q6nXRsNL8h7Nd9DRSUnguKJiZvOrx6NSFa8sWfa49FcHqI4pqP9WUSiwVAiDzlGWlgciWTaIjK-eWq65mImf1aajqZvOro77bPD4B3a4kDz33FwvFTcPmObpUQ8LpuBL2fhy3HobRssL2iQWnpkn4qpbJJiPlR3m6azJewXGIxneMcgM3JORpnOgOJXObQkPR_Xal3B9MaVs04N0YDQvLsshq8UaEdOEsAvXQ&c=32557e24&v=3&deb=8460526 Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 02 Nov 2023 21:36:57 GMT Cache-Control no-cache content-encoding br Connection close X-TraceId 527259aa4fe2d813cb700d06ee764dc6 Content-Length 49 Content-Type image/gif
GET H/1.1	200 OK	/ b1t-eudc1.zemanta.com/t/imp/impression/CDO2RBLMORRMCS47IDFPJR2UW4V7RSB2UOHRLHZPDNWEFRNOYD4Z2PJEALCCKXLNVRELFMMYSCY65GERQXYH5DYHPGZKAYTDR2UUUYB2POL4MN3BQNNQT63COATC6CIQPIQLF5U4J6PBOBAIX56NNXVTSZ6HOV... Frame 7055	26 B 151 B	200ms 61ms	Image image/gif	213.227.153.222 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://b1t-eudc1.zemanta.com/t/imp/impression/CDO2RBLMORRMCS47IDFPJR2UW4V7RSB2UOHRLHZPDNWEFRNOYD4Z2PJEALCCKXLNVRELFMMYSCY65GERQXYH5DYHPGZKAYTDR2UUUYB2POL4MN3BQNNQT63COATC6CIQPIQLF5U4J6PBOBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NGCSEC36Q6Q7A4Z76P2BRAC5DB6ZFGKYCWZDI45YRQYAZE47D2KFZYELGJIOJQSMPZUTIJX4V5QI3G5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWLSETDXBOBX5DK2TEYJACP2MU2NIIQGLSFZG7IVBQZP4FOAL3E7UQXDNZ66Y2IWBVE4FWTBA7AOSPFNCNHP6SXP6S5I/? Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 02 Nov 2023 21:36:57 GMT Connection keep-alive Content-Length 26 Content-Type image/gif
GET H2	200	45d88f643d18c2f5983103cd427803b080.jpg zem.outbrainimg.com/p/srv/sha/1d/1c/ba/ Frame 7055	9 KB 9 KB	197ms 58ms	Image image/jpeg	146.75.122.132 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://zem.outbrainimg.com/p/srv/sha/1d/1c/ba/45d88f643d18c2f5983103cd427803b080.jpg?fit=fill&fill=blur&thomcrop&w=180&h=90&fm=jpg Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash b0a2285eca5a32f6274443c320dc193ad5f13c17b480a01299f3c39074027596 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT via 1.1 varnish x-content-type-options nosniff age 14655 x-cache HIT, MISS, HIT x-imgix-id 5c3ccfc4fba2f4498af847f582a65973a75a35df cross-origin-resource-policy cross-origin content-length 9095 x-served-by cache-sjc10053-SJC, cache-fra-etou8220069-FRA, cache-fra-etou8220078-FRA x-imgix-render-farm 01.140328 last-modified Thu, 02 Nov 2023 17:32:41 GMT server imgix x-timer S1698961017.069193,VS0,VE1 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * x-cache-hits 1
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 2789	1 KB 871 B	782ms 66ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers age 69290 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 02:22:07 GMT etag 48472445140208031 expires Fri, 03 Nov 2023 02:22:07 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 7055	208 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash af762c6e8337edfac380791b9ad6c2ce8778d10e7761a4beb87ced0b42bb5232 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame EB56	13 KB 5 KB	53ms 51ms	Document text/html	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes age 15070 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 17:25:47 GMT expires Fri, 01 Nov 2024 17:25:47 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 25C4	829 B 982 B	58ms 58ms	Document text/html	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software GSE / Resource Hash a8ae6b03120524e3c330c3d995db638fa6b9bec00dc14fded3644bf0aa22d6da Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-CvC3hv3XQdgfbjka7oHWHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.tripoto.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-CvC3hv3XQdgfbjka7oHWHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 21:36:57 GMT expires Thu, 02 Nov 2023 21:36:57 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	container.html Show response 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 18E1	6 KB 3 KB	47ms 46ms	Document text/html	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 21:36:56 GMT expires Fri, 01 Nov 2024 21:36:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame 25C4	0 0	613ms 92ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=4414626728775261&rc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response pagead2.googlesyndication.com/bg/ Frame EB56	38 KB 15 KB	581ms 60ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash 99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 11:48:45 GMT content-encoding br x-content-type-options nosniff age 35292 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15010 x-xss-protection 0 last-modified Tue, 24 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 01 Nov 2024 11:48:45 GMT
GET H2	200	widget.js Show response widgets.outbrain.com/n2d/widget/ Frame 18E1	46 KB 12 KB	51ms 50ms	Script application/x-javascript	2.19.245.134 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://widgets.outbrain.com/n2d/widget/widget.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-245-134.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-request-headers X-OB-STG,X-OB-PRD date Thu, 02 Nov 2023 21:36:57 GMT content-encoding gzip content-length 11833 last-modified Tue, 22 Aug 2023 10:30:48 GMT server AkamaiNetStorage etag "6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954" vary Accept-Encoding access-control-allow-methods GET,POST content-type application/x-javascript access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * expires Fri, 03 Nov 2023 01:36:57 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 18E1	3 KB 1 KB	53ms 52ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 13:53:29 GMT content-encoding br x-content-type-options nosniff age 27808 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 16 Nov 2023 13:53:29 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 18E1	20 KB 8 KB	49ms 48ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software cafe / Resource Hash 5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 13:29:13 GMT content-encoding br x-content-type-options nosniff age 29264 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8430 x-xss-protection 0 server cafe etag 7000445677337367579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 16 Nov 2023 13:29:13 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 18E1	24 KB 6 KB	51ms 50ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 29 Oct 2023 19:44:58 GMT content-encoding br x-content-type-options nosniff age 352319 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 28 Oct 2024 19:44:58 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 18E1	189 KB 59 KB	89ms 89ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Nov 2023 21:36:57 GMT
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/ Frame 18E1	990 B 1 KB	79ms 79ms	Image image/svg+xml	2.19.245.134 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: widgets.outbrain.com URL: https://widgets.outbrain.com/n2d/widget/widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-245-134.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 02 Dec 2023 21:36:57 GMT date Thu, 02 Nov 2023 21:36:57 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "5ab8e16b5f46213840bcd403e349419c:1673369393.880194" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 990 access-control-request-headers X-OB-STG,X-OB-PRD
GET H/1.1	200 OK	writeStatistics stas.outbrain.com/Stas/api/ Frame 18E1	43 B 261 B	518ms 127ms	Image image/gif	70.42.32.63 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://stas.outbrain.com/Stas/api/writeStatistics?p=PKv8RsOWRX688ynwKLhcU1o4vqcPABlAs_MFSniI8JmT6wN2xg8YInQqApnUTXNhv8zEGZXxoINmWFgOzRgCi6cJ1wjQ66M8ciSHRKJp5ePGn6PlEV1At8HuYQ5X6xfps5y5oycPwnXTAQDMjoKCr-C4JAf6CvEkD60nxSrtI0nfOeY9GNMIZhOTKfxH5N-PfBLBenA3zJ8opEGMCn0IzmGdDpoMEB2onLgXmKw7g3QZ56OyztVuMGBYIJ1ubAJepKDdeEsLA8o_6SI12eT4Rl3ZYPHqT_E4g4au3IEiYBl-cD3jnaGzAM4LnzXvBX2bCMKdEywB-otomf30njAoC2HiRcw4wK7kU5-_mV6X74RZQpvGKZ-E95jQ8kAXfCNVfGJ3FNMYxI-zViPZABQgrsTEwOW1XdWza7OnA48i_D76E7ZpCDOkXML4S6vrRDqArvZWLVF7zQkgbCwo3DD_8gbytmxQpA0QzyOqLBJpjuYCbGatYUi8XPh5DGJ_7AxmgCFUt0Wjh-dEUfcjHcPM2fWR6TPJOQ5jVaY-ur9eSlQVS1rzgujd1QxoAJCPGsMtOUDGeNzTHhAptEeVAirLhG43QJhcfju-ztQOp_mON_dzWJHrMbefYOmjU81WX4CzBY14-yhj91TfixUkPh9WaSh5AjERZyovk5Mooy9DjHQzI2Dq20mP9XNiO32uwlOgkU0V2-9Uv0TlUTeyj0avXYLLlmMoVJ4tVbpB55cFif1eFqbgO4kF1Z6AN3cSLo01SnqM7gzUpzaJscpy9qFS8Q&c=49dac011&v=3&deb=8460526 Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 02 Nov 2023 21:36:57 GMT Cache-Control no-cache content-encoding br Connection close X-TraceId 1df0bf7bc2d902eeda1681aa49ef0ea0 Content-Length 49 Content-Type image/gif
GET H/1.1	200 OK	/ b1t-eudc1.zemanta.com/t/imp/impression/CDO2RBLMORRMDTYWRQ7F4TNS7UV7RSB2UOHRLHYWH327BPQM34WEATERWNREVQHRBC3J6Z4UFWKR64NA32LFV3YBP5OIFHZPXPZV7CP3RZHNWLCAPK2QYNFJSZHDR3DXUMTAY5DS6YYNMBAIX56NNXVTSZ6HOV... Frame 18E1	26 B 151 B	79ms 79ms	Image image/gif	213.227.153.222 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://b1t-eudc1.zemanta.com/t/imp/impression/CDO2RBLMORRMDTYWRQ7F4TNS7UV7RSB2UOHRLHYWH327BPQM34WEATERWNREVQHRBC3J6Z4UFWKR64NA32LFV3YBP5OIFHZPXPZV7CP3RZHNWLCAPK2QYNFJSZHDR3DXUMTAY5DS6YYNMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NGCSEC36Q6Q7A4Z76P2BRAC5DB6ZFGKYCWZDI45YRQYAZE47D2KFZYELGJIOJQSMPZUTIJX4V5QI3G5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWLSETDXBOBX5DK2TEYJACP2MU2NIIQGLSFZG7IVBQZP4FOAL3E7UQXDNZ66Y2IWBVE4FWTBA7AOSPFNCNHP6SXP6S5I/? Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 02 Nov 2023 21:36:57 GMT Connection keep-alive Content-Length 26 Content-Type image/gif
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 9471	1 KB 677 B	496ms 66ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers age 69290 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 02:22:07 GMT etag 48472445140208031 expires Fri, 03 Nov 2023 02:22:07 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	45d88f643d18c2f5983103cd427803b080.jpg zem.outbrainimg.com/p/srv/sha/1d/1c/ba/ Frame 18E1	9 KB 9 KB	70ms 70ms	Image image/jpeg	146.75.122.132 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://zem.outbrainimg.com/p/srv/sha/1d/1c/ba/45d88f643d18c2f5983103cd427803b080.jpg?fit=fill&fill=blur&thomcrop&w=180&h=90&fm=jpg Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash b0a2285eca5a32f6274443c320dc193ad5f13c17b480a01299f3c39074027596 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT via 1.1 varnish x-content-type-options nosniff age 14655 x-cache HIT, MISS, HIT x-imgix-id 5c3ccfc4fba2f4498af847f582a65973a75a35df cross-origin-resource-policy cross-origin content-length 9095 x-served-by cache-sjc10053-SJC, cache-fra-etou8220069-FRA, cache-fra-etou8220078-FRA x-imgix-render-farm 01.140328 last-modified Thu, 02 Nov 2023 17:32:41 GMT server imgix x-timer S1698961017.228727,VS0,VE0 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * x-cache-hits 2
GET DATA	200 OK	truncated / Frame 18E1	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9ec0028cf67ecb5c9c1317ede4e3aa4776c3d604436ebdbbac1935a066846d0b Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	container.html Show response 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7EF1	6 KB 3 KB	51ms 51ms	Document text/html	142.250.185.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js?cb=31079371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 21:36:56 GMT expires Fri, 01 Nov 2024 21:36:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	widget.js Show response widgets.outbrain.com/n2d/widget/ Frame 7EF1	46 KB 12 KB	54ms 53ms	Script application/x-javascript	2.19.245.134 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://widgets.outbrain.com/n2d/widget/widget.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-245-134.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-request-headers X-OB-STG,X-OB-PRD date Thu, 02 Nov 2023 21:36:57 GMT content-encoding gzip content-length 11833 last-modified Tue, 22 Aug 2023 10:30:48 GMT server AkamaiNetStorage etag "6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954" vary Accept-Encoding access-control-allow-methods GET,POST content-type application/x-javascript access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * expires Fri, 03 Nov 2023 01:36:57 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 7EF1	3 KB 1 KB	52ms 50ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/window_focus_fy2021.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 13:53:29 GMT content-encoding br x-content-type-options nosniff age 27808 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 16 Nov 2023 13:53:29 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/ Frame 7EF1	20 KB 8 KB	49ms 46ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231031/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software cafe / Resource Hash 5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 13:29:13 GMT content-encoding br x-content-type-options nosniff age 29264 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8430 x-xss-protection 0 server cafe etag 7000445677337367579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 16 Nov 2023 13:29:13 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 7EF1	0 0	54ms 52ms	Image text/html	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-ah3XgUMmAQPAkThp1FU7jw6IXSqITTV-BRDZTnme4PVnUedxIvJTUYlAhq-p6Fr2qTifPcBdrLt9kNTJ7fQdaCRVpw Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7EF1	24 KB 6 KB	49ms 47ms	Script text/javascript	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 29 Oct 2023 19:44:58 GMT content-encoding br x-content-type-options nosniff age 352319 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 28 Oct 2024 19:44:58 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7EF1	189 KB 59 KB	102ms 101ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60699 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1698838693892887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Nov 2023 21:36:57 GMT
GET H2	200	px.gif fundingchoicesmessages.google.com/img/	43 B 518 B	67ms 66ms	Image image/gif	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.1867412480316135 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AdfCjD1pOXVOfJLyu3hi7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AdfCjD1pOXVOfJLyu3hi7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	px.gif fundingchoicesmessages.google.com/img/	43 B 254 B	70ms 69ms	Image image/gif	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=3.505132906235323 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AUlzwmCgQRKeO4xaG6DXvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AUlzwmCgQRKeO4xaG6DXvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/ Frame 7EF1	990 B 1 KB	55ms 54ms	Image image/svg+xml	2.19.245.134 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: widgets.outbrain.com URL: https://widgets.outbrain.com/n2d/widget/widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-245-134.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Sat, 02 Dec 2023 21:36:57 GMT date Thu, 02 Nov 2023 21:36:57 GMT last-modified Tue, 10 Jan 2023 16:40:08 GMT server AkamaiNetStorage etag "5ab8e16b5f46213840bcd403e349419c:1673369393.880194" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 990 access-control-request-headers X-OB-STG,X-OB-PRD
GET H2	200	creative__300x600_previous_gen_widget.css widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/ Frame 7EF1	482 B 810 B	53ms 53ms	Stylesheet text/css	2.19.245.134 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/creative__300x600_previous_gen_widget.css Requested by Host: widgets.outbrain.com URL: https://widgets.outbrain.com/n2d/widget/widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.245.134 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-245-134.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers expires Fri, 03 Nov 2023 01:36:57 GMT date Thu, 02 Nov 2023 21:36:57 GMT last-modified Tue, 22 Aug 2023 10:30:49 GMT server AkamaiNetStorage etag "9d8b870db69e4f578fee693ff233fc33:1692700772.366871" access-control-allow-methods GET,POST content-type text/css access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 482 access-control-request-headers X-OB-STG,X-OB-PRD
GET H/1.1	200 OK	writeStatistics stas.outbrain.com/Stas/api/ Frame 7EF1	43 B 261 B	516ms 134ms	Image image/gif	70.42.32.63 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://stas.outbrain.com/Stas/api/writeStatistics?p=3PZ-Q4us9_Jkea-LTWrskpSwM281jMkH8-WpvdwvCrTpMPGy_Yev6XY2635WHANIeFBj0Ty55BlOfBVx-bfBkGbTCHGR2wOpOGvJQVNRs177_8_DR6X9SCjnOYdpjfPHeS17AUSNL31iCLeUZhc73P0Wn2QP1Yxv2AAZGLwVx0ZZ_y0bVonLFPekmf2x2He902pZ_ZgO-Er4E1OLcaQhLIWT14x05KA1T0fF-JwiOP03kDzNJExlh-Xo4ZAzCK0Qcjux8tld8nPDAd1P0jaQxcyaSdw1ZNsXFC2bf00iw9oDjQA1Z8qzFUd3JgyTZL-yjzYHk9PmNYFif_LraboR97vHWdDakTHVI7Q_De7CGZ-4arpEhKZoqPkkVnYXehY_Q4lc4-zGL3KpHf9JMZxVJqZNlXYLVKFaz64F0QnBy5OdOGeZ9WrMBN3u-h9hRZk92g6jbss1iuQVE8gatt_nOp1Gk1PhmGKwBS5WLnFCEkbfhdZNm6uJj6p3fYLM4C64fmtkudXrYJpyuD7msqVrCX9tmuPNwsR8OuHnQQuUqWNCosj531odB7ITwRflFqb_n_JN33HMGfsmoaBfthpDsEgajHCCw5Mu9FWzDZNSQfH50ZDHTP3a7r9gJq969gKfu7852H2rAhwb8XkWLsqJqKIjdC66UPfuRwW8SSuR1Izh7HoxebvR2IR1jJBI81cNe3vjuAgYGsbZsKOO2i8E8cq6ZAAKMsRDSqgb0WAiXT7AXwFzmZ4etCWBM_d_QHHwiCbmf7rrHWD1i2Cd5NLXTg&c=1549309&v=3&deb=8460526 Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 02 Nov 2023 21:36:57 GMT Cache-Control no-cache content-encoding br Connection close X-TraceId 1d19341d7e67efe5c3f36e748d47e853 Content-Length 49 Content-Type image/gif
GET H/1.1	200 OK	/ b1t-eudc1.zemanta.com/t/imp/impression/CDO2RBLMORRMDD7BC3C5OOB4UUV7RSB2UOHRLH6LKB7M3RK36D2MAM3YMQ5IYSLSCTWK2BM4OTBS753AA7GV7UOLLYYPVCAYXBQ7ZYFJGW6BEKYWZSZA7UTGVYLOCSNNB2CKMC2VL3AH4BAIX56NNXVTSZ6HOV... Frame 7EF1	26 B 151 B	55ms 55ms	Image image/gif	213.227.153.222 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://b1t-eudc1.zemanta.com/t/imp/impression/CDO2RBLMORRMDD7BC3C5OOB4UUV7RSB2UOHRLH6LKB7M3RK36D2MAM3YMQ5IYSLSCTWK2BM4OTBS753AA7GV7UOLLYYPVCAYXBQ7ZYFJGW6BEKYWZSZA7UTGVYLOCSNNB2CKMC2VL3AH4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NGCSEC36Q6Q7A4Z76P2BRAC5DB6ZFGKYCWZDI45YRQYAZE47D2KFZYELGJIOJQSMPZUTIJX4V5QI3G5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWLSETDXBOBX5DK2TEYJACP2MU2NIIQGLSFZG7IVBQZP4FOAL3E7UQXDNZ66Y2IWBVE4FWTBA7AOSPFNCNHP6SXP6S5I/? Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 02 Nov 2023 21:36:57 GMT Connection keep-alive Content-Length 26 Content-Type image/gif
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame E9F7	1 KB 677 B	350ms 49ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers age 69290 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 02 Nov 2023 02:22:07 GMT etag 48472445140208031 expires Fri, 03 Nov 2023 02:22:07 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 7EF1	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1bb156e7bfbbddb45a0d93af308f99cf15494d3bbaf502df4b146c13fd063cc7 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
POST H2	204	AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Show response fundingchoicesmessages.google.com/el/	0 1 KB	783ms 73ms	XHR text/html	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-D5kGAPvWpDJscQ6KKaP5eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy script-src 'report-sample' 'nonce-D5kGAPvWpDJscQ6KKaP5eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://www.tripoto.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	45d88f643d18c2f5983103cd427803b080.jpg zem.outbrainimg.com/p/srv/sha/1d/1c/ba/ Frame 7EF1	29 KB 30 KB	54ms 54ms	Image image/jpeg	146.75.122.132 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://zem.outbrainimg.com/p/srv/sha/1d/1c/ba/45d88f643d18c2f5983103cd427803b080.jpg?fit=crop&crop=faces,center&w=298&h=398&fm=jpg Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software imgix / Resource Hash d2ecc079bdc782920cd46ac4caec31ed832eb75edc1558baeee73aa7a84e9d76 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT via 1.1 varnish x-content-type-options nosniff age 787150 x-cache HIT, MISS, HIT x-imgix-id 0213c641707cb308307b913d44acdc8f5cea0f72 cross-origin-resource-policy cross-origin content-length 30178 x-served-by cache-sjc10024-SJC, cache-fra-eddf8230041-FRA, cache-fra-etou8220078-FRA x-imgix-render-farm 01.140328 last-modified Tue, 24 Oct 2023 18:57:47 GMT server imgix x-timer S1698961018.548392,VS0,VE2 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes timing-allow-origin * x-cache-hits 1
GET H2	200	dpixel cms.quantserve.com/ Frame 2789	35 B 463 B	471ms 46ms	Image image/gif	91.228.74.168 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBl0Oq3xKYQ0fNlqoagA7TY&google_cver=1&google_push=AXcoOmT8JgBgfcdg3YOo_5dc6J0uTzSYXHigY7W0CodqMB-n3foIQ4Szek3ELwlM0uGBvgqPsNIk--M7RSmKXBXY5SBQKtUvkOOU3g Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2789 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEEv2LkHDsP39y-d_WrfdUhk&google_cver=1&google_push=AXcoOmTk5k90EiqjBt1hhTrQP9zIHtQgR7bSPmSXpTff1prqkZVWCEvFUp0lSJRtUVmvV45rt-YIUs48D4jr66IyNawMYm9BK9rl https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4F0938B0F8F843618DEE02CEAB24C25A&google_push=AXcoOmTk5k90EiqjBt1hhTrQP9zIHtQgR7bSPmSXpTff1prqkZVWCEvFUp0lSJRtUVmvV45rt-YIUs48D4jr66I...	170 B 232 B	65ms 65ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4F0938B0F8F843618DEE02CEAB24C25A&google_push=AXcoOmTk5k90EiqjBt1hhTrQP9zIHtQgR7bSPmSXpTff1prqkZVWCEvFUp0lSJRtUVmvV45rt-YIUs48D4jr66IyNawMYm9BK9rl Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 02 Nov 2023 21:36:57 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4F0938B0F8F843618DEE02CEAB24C25A&google_push=AXcoOmTk5k90EiqjBt1hhTrQP9zIHtQgR7bSPmSXpTff1prqkZVWCEvFUp0lSJRtUVmvV45rt-YIUs48D4jr66IyNawMYm9BK9rl access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Wed, 01 Nov 2023 21:36:57 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2789 Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBPehzl7IePtcAznju-Ipeg&google_cver=1&google_push=AXcoOmQ_jzdY8V4Fy7yweMVHGQSjHq6ubbkGEBboDufvyj8UsfoZj6ZBjPJtLPbe5_DEQKCnDNUTVxeaflM... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ_jzdY8V4Fy7yweMVHGQSjHq6ubbkGEBboDufvyj8UsfoZj6ZBjPJtLPbe5_DEQKCnDNUTVxeaflMY5OKjEnD2ee502HCvGw&google_hm=LvRip05YRv-6-P6VCz...	170 B 329 B	62ms 62ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ_jzdY8V4Fy7yweMVHGQSjHq6ubbkGEBboDufvyj8UsfoZj6ZBjPJtLPbe5_DEQKCnDNUTVxeaflMY5OKjEnD2ee502HCvGw&google_hm=LvRip05YRv-6-P6VCzYnxYw Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 02 Nov 2023 21:36:57 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ_jzdY8V4Fy7yweMVHGQSjHq6ubbkGEBboDufvyj8UsfoZj6ZBjPJtLPbe5_DEQKCnDNUTVxeaflMY5OKjEnD2ee502HCvGw&google_hm=LvRip05YRv-6-P6VCzYnxYw content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2789 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEHZjRWogfiRKG15k7-PLpuM&google_cver=1&google_push=AXcoOmR8Q5wdQI6LEVlZlbeQmrMBNRnA5QoMjRhBVC1otqjZNXOkISwAWeyJf6PHYGNLhIumX4BtxstyDTFcW6kjtKY2g4bg488wZg https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEHZjRWogfiRKG15k7-PLpuM&google_push=AXcoOmR8Q5wdQI6LEVlZlbeQmrMBNRnA5QoMjRhBVC1otqjZNXOkISwAWeyJf6PHYGNLhIumX4BtxstyDTFcW6kjtKY2g4bg488wZ... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmR8Q5wdQI6LEVlZlbeQmrMBNRnA5QoMjRhBVC1otqjZNXOkISwAWeyJf6PHYGNLhIumX4BtxstyDTFcW6kjtKY2g4bg488wZg&google_hm=bCewTlRKzqc7_eQt91Tt0w==	170 B 232 B	80ms 79ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmR8Q5wdQI6LEVlZlbeQmrMBNRnA5QoMjRhBVC1otqjZNXOkISwAWeyJf6PHYGNLhIumX4BtxstyDTFcW6kjtKY2g4bg488wZg&google_hm=bCewTlRKzqc7_eQt91Tt0w== Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT via 1.1 google content-type text/html; charset=utf-8 location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmR8Q5wdQI6LEVlZlbeQmrMBNRnA5QoMjRhBVC1otqjZNXOkISwAWeyJf6PHYGNLhIumX4BtxstyDTFcW6kjtKY2g4bg488wZg&google_hm=bCewTlRKzqc7_eQt91Tt0w== p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 231
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2789 Redirect Chain https://match.360yield.com/match/ebda?google_gid=CAESEF7vhej8cUsXKlFIEOTGCtk&google_cver=1&google_push=AXcoOmQoJbobOEw3nVp8UfPZ_SqSMioaRt9EwQYEWuo2tlmgDnjOHifDkfW4yPJ3soa7LcJlrcRMMc_k9z3aebIGPLtYdr... https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEF7vhej8cUsXKlFIEOTGCtk&google_cver=1&google_push=AXcoOmQoJbobOEw3nVp8UfPZ_SqSMioaRt9EwQYEWuo2tlmgDnjOHifDkfW4yPJ3soa7LcJlrcRMMc_k9z3aebIG... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dTJSM9EeQLKKK2nZuv3Ljw&google_push=AXcoOmQoJbobOEw3nVp8UfPZ_SqSMioaRt9EwQYEWuo2tlmgDnjOHifDkfW4yPJ3soa7LcJlrcRMMc_k9z3aebI...	170 B 188 B	77ms 77ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dTJSM9EeQLKKK2nZuv3Ljw&google_push=AXcoOmQoJbobOEw3nVp8UfPZ_SqSMioaRt9EwQYEWuo2tlmgDnjOHifDkfW4yPJ3soa7LcJlrcRMMc_k9z3aebIGPLtYdr_YVYzHMg Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=dTJSM9EeQLKKK2nZuv3Ljw&google_push=AXcoOmQoJbobOEw3nVp8UfPZ_SqSMioaRt9EwQYEWuo2tlmgDnjOHifDkfW4yPJ3soa7LcJlrcRMMc_k9z3aebIGPLtYdr_YVYzHMg access-control-allow-origin * date Thu, 02 Nov 2023 21:36:58 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2789 Redirect Chain https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJtGwrwbqnzBY5pkqgYmk7Q&google_cver=1&google_push=AXcoOmSK9cEm6Gf1oZpyQwdgYNb74GSJc8AhsV4kDdeT1MOVf7pX5QtnmrtZA-p6vQABr_0sRgC4hZ... https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSK9cEm6Gf1oZpyQwdgYNb74GSJc8AhsV4kDdeT1MOVf7pX5QtnmrtZA-p6vQABr_0sRgC4hZnxMm8IPQHWsLyp3zv-4XUiZQ&google_hm=MzAwODkw...	170 B 232 B	73ms 69ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSK9cEm6Gf1oZpyQwdgYNb74GSJc8AhsV4kDdeT1MOVf7pX5QtnmrtZA-p6vQABr_0sRgC4hZnxMm8IPQHWsLyp3zv-4XUiZQ&google_hm=MzAwODkwMjgxMDc1NjI5NjczMA%3D%3D Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSK9cEm6Gf1oZpyQwdgYNb74GSJc8AhsV4kDdeT1MOVf7pX5QtnmrtZA-p6vQABr_0sRgC4hZnxMm8IPQHWsLyp3zv-4XUiZQ&google_hm=MzAwODkwMjgxMDc1NjI5NjczMA%3D%3D date Thu, 02 Nov 2023 21:36:57 GMT content-length 0
GET H2	200	0.gif id5-sync.com/i/495/ Frame 2789 Redirect Chain https://sync.inmobi.com/gob?google_gid=CAESEFpEQTM0zxuSUtQz2hFAyuI&google_cver=1&google_push=AXcoOmR4k_8cQ3YdjZiaP6c6b9UEL1RJQd_RWB36sBdYhGFNBSGQBzZPPE04jiEeibxIvHkwZUQ95gl1x0XnSca_9c1gnuWsC2237Q https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmR4k_8cQ3YdjZiaP6c6b9UEL1RJQd_RWB36sBdYhGFN...	43 B 921 B	173ms 57ms	Image image/gif	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmR4k_8cQ3YdjZiaP6c6b9UEL1RJQd_RWB36sBdYhGFNBSGQBzZPPE04jiEeibxIvHkwZUQ95gl1x0XnSca_9c1gnuWsC2237Q Protocol H2 Server 162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Thu, 02 Nov 2023 21:36:57 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers p3p CP="CAO PSA OUR" Redirect headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none referrer-policy no-referrer expect-ct max-age=0 x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 location https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmR4k_8cQ3YdjZiaP6c6b9UEL1RJQd_RWB36sBdYhGFNBSGQBzZPPE04jiEeibxIvHkwZUQ95gl1x0XnSca_9c1gnuWsC2237Q x-download-options noopen vary Accept content-length 273 x-xss-protection 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 2789	0 40 B	85ms 64ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxALB2iYqjNeA7tsxzFCOohbQhAZbaIulc8DJGOkWKIscvzW8XqgletzqX3_r4QQBlGrFL_g Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame 7055	0 0	127ms 126ms	Image text/html	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CtdBxeBZEZZjuF4jwgQeAqoCgCtesnIJuyur8vP0QwI23ARABIABg9YWAgJQEggEXY2EtcHViLTk0Njc2MTYxMzI4OTM2OTbIAQngAgCoAwHIAwKqBLoCT9DFKnUEINQDyCw67FmgFIJyi85LQSrLudekEyCGyJaR9quY-D7bc89cTk5JKuK7_XLslo9xZrUHaM2rdbHOtWYSVleWmUXHO_CuKpAJPjB8QpJBomxHELgPkhWBRXUNVzZPKWmjIXgjbosuYpMjbls0NTkBRapnc0UnXbltdO_smPcUUrGMKY-OlRWd6E2zT3Z2K90SZ3OTDPgfyj2IPeZPx5c4HtSh6gISTTvgjK0UdDkDsrVtstE1weBnVM_2YtPJDJfjmovQDlzu2zLI5p8OmYWNtGIZNHbTtVT6kNnLXoNFPK-XDnyqEcHsqXpt6alCw3ZB-zU6PJcxG-Gi4dFI0JWrAG_8tCCIaVA8fvMEX_j5DyBU4QxAAfi8yUos9DIjUmVpogVkBW6s99VWoZLOKvz_jCNc5_rgBAGABpGNmoD6pfLjaaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTQ2NzYxNjEzMjg5MzY5Nhibp20&sigh=Bpx6BNp0hMA&uach_m=[UACH]&cid=CAQSOwDICaaN4O3nLkT5O2ZZ_cuaCGrJrJDepEUSbtL6FBmYs8FfLRscM9a6Mx4Jc_V1kO7iGOV-lAnQ3pYEGAE&cbvp=2&vis=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	/ b1-eudc1.zemanta.com/bidder/win/googleadx_display/f2410ba9-79c7-11ee-a0a5-c5186864abd0/ZUQWeAAF9xgK4HgIAAAVAEDzuhTgHOk5LptKJA/62Y7DQFGJ4TXD6R6UJRUQ2PFXGCKO6O2U7Z4RJ3STMQK6LFWN3GW7NKQTLYUIFX6CEOXHLG... Frame 7055	0 99 B	244ms 67ms	Image text/plain	213.227.153.220 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/f2410ba9-79c7-11ee-a0a5-c5186864abd0/ZUQWeAAF9xgK4HgIAAAVAEDzuhTgHOk5LptKJA/62Y7DQFGJ4TXD6R6UJRUQ2PFXGCKO6O2U7Z4RJ3STMQK6LFWN3GW7NKQTLYUIFX6CEOXHLGRO2RDAKYXNBCR447MLXGQAGZ62OQVVKZGF5WWBHDPBOK3M6ZIYYRXNU6CI7A5GTK4FSZ7N5HM75QFVSN4YBMSI4KTBQ55JVEJVLAO4BKJ4R2FGILONU6V5AOGE2TQ43CJWLX4ZT5PPOES5632Q2BMIAMT7FBHSPKNRD66ZUK7FRUYCLYZYQPBBJR2M2C4Y5P6ZGQ2WB7PAIWGDGCZ3N52QEG3OOCYL7OAVWKB5O5LXU6PYNZHI6M4HXQUF7QGN4SY2ZZ73IB7DBSAS2TNBJ4ASOWGVNZ6QTVA7GUGHKHOBVRSRDEG7ZNHJHXJENRU2MTOCBKYQSLNFILWZL6OF55ZJEG7ZZWNWJLKPSZRX7TUFFC4EN5SHC3WYNJJZTVVG5RSEHGUZQS2KE66GB3BBYUAXB6F3QE35JBB7SFQOTPIOAMNGBHNG5G7LDGYMQBEWO47PUHPVDX27GQOT6Q7D5TGQMGW5Q2OA7LHXFOA2D2RA5KYADAQBAOHS7LFBHXOJJWUTQ2EPHI7PXADEAR4J3NX27KDQSR753GQQLGVQDEMZ6BY7UQZ5HLCXQDVYFIEE7MDH3IMZPEERJF6DFGX5DIWBLBP5BVQFN6GPXHXWHKBFYAFFIXHPFHSNHEVGNO2PE5NZM4WN6AFMPEY4NYAYYFRTHKUKTR7W7K3WMH6QOE2F3YFGZG4G2N3LUHN25OO34V654DO4ZNQLJ457RQGA4M5UHG6CH3GFU6BKNQERNBHLM5A/?&cbvp=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS v182.ce13.ams-01.nl.leaseweb.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection keep-alive Date Thu, 02 Nov 2023 21:36:57 GMT Content-Length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9471 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEKSGmoDJpuV2ZwwfZhZDOgg&google_cver=1&google_push=AXcoOmSmRsS4KmHVkJ9__fS0wtVAe9PRWOYTkL10BnW6tee-J6qw5sF1xpln7Md5k4csnSU0w-afqZz2jANpIgTMLAyiKMJSZYCC https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEKSGmoDJpuV2ZwwfZhZDOgg&google_push=AXcoOmSmRsS4KmHVkJ9__fS0wtVAe9PRWOYTkL10BnW6tee-J6qw5sF1xpln7Md5k4csnSU0w-afqZz2jANpIgTMLAyiKMJSZYCC&... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSmRsS4KmHVkJ9__fS0wtVAe9PRWOYTkL10BnW6tee-J6qw5sF1xpln7Md5k4csnSU0w-afqZz2jANpIgTMLAyiKMJSZYCC&google_hm=bCewTlRKzqc7_eQt91Tt0w==	170 B 232 B	81ms 81ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSmRsS4KmHVkJ9__fS0wtVAe9PRWOYTkL10BnW6tee-J6qw5sF1xpln7Md5k4csnSU0w-afqZz2jANpIgTMLAyiKMJSZYCC&google_hm=bCewTlRKzqc7_eQt91Tt0w== Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT via 1.1 google content-type text/html; charset=utf-8 location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSmRsS4KmHVkJ9__fS0wtVAe9PRWOYTkL10BnW6tee-J6qw5sF1xpln7Md5k4csnSU0w-afqZz2jANpIgTMLAyiKMJSZYCC&google_hm=bCewTlRKzqc7_eQt91Tt0w== p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9471 Redirect Chain https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECIR08Mho1W3J62mU9o_BG0&google_cver=1&google_push=AXcoOmREPAabEHfmsKN4IxTdnb2kpUfNiFZB2983ojjhXJ1z-wQPVdY3NOk596DLAduu6Ecl_FyUjGKqMozqV7L... https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1WhzkF82XvtJU-jMppOA7VFYv4w&google_push=AXcoOmREPAabEHfmsKN4IxTdnb2kpUfNiFZB2983ojjhXJ1z-wQPVdY3NOk596DLAduu6Ecl_FyUjGKqMozqV7...	170 B 188 B	58ms 58ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1WhzkF82XvtJU-jMppOA7VFYv4w&google_push=AXcoOmREPAabEHfmsKN4IxTdnb2kpUfNiFZB2983ojjhXJ1z-wQPVdY3NOk596DLAduu6Ecl_FyUjGKqMozqV7LDk5dYXnSho93L Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1WhzkF82XvtJU-jMppOA7VFYv4w&google_push=AXcoOmREPAabEHfmsKN4IxTdnb2kpUfNiFZB2983ojjhXJ1z-wQPVdY3NOk596DLAduu6Ecl_FyUjGKqMozqV7LDk5dYXnSho93L Date Thu, 02 Nov 2023 21:36:58 GMT Connection keep-alive Content-Length 242 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	sync dsp.adkernel.com/ Frame 9471	42 B 233 B	522ms 204ms	Image image/gif	174.137.133.49 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEEdB9iNYLE8mOvD7pVjvkkk&google_cver=1&google_push=AXcoOmScuaeWiYmkWmMt4ZSVPUnyqxMgUjtlSWe1Ik9mNzKICCx7nvWGFtgZEZt-DuGi488id8JTHcWezFrqIk3BY6Sryy0tQro Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 02 Nov 2023 21:36:58 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9471 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJGFz-ktn8bfCdAvzrB7XaA&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJGFz-ktn8bfCdAvzrB7XaA&google_push=AX... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJGFz-ktn8bfCdAvzrB7XaA&google_hm=ZUQWeaT8YjYCa9NHQZ3iQgAADRwAAAIB&google_nid=index&google_push=AXcoOmTvU8tZK-M_Bmd9jhRTuJFhdGXA_Nq1c...	170 B 232 B	73ms 72ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJGFz-ktn8bfCdAvzrB7XaA&google_hm=ZUQWeaT8YjYCa9NHQZ3iQgAADRwAAAIB&google_nid=index&google_push=AXcoOmTvU8tZK-M_Bmd9jhRTuJFhdGXA_Nq1ckuCVTLgdqH6v3jnGBT_etPRbo9vldRARELvdNpSVjIiw7rGpiazqEqVWuhrrBDj Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgI4%2BTq6RUjsawJR8NWXyUwcz0DClKNK%2FVQ0H1T4vMZryXRTQ%2FUu%2FZHvE%2F4OL%2BH8f8RvfDl0EIS6rN7GnZyXAVV4s7Ckl0Hrn6%2B9MnROxdG85M%2FMq1DXqf5mEr1Z%2Bowd7%2B6QHmW7oaloYQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJGFz-ktn8bfCdAvzrB7XaA&google_hm=ZUQWeaT8YjYCa9NHQZ3iQgAADRwAAAIB&google_nid=index&google_push=AXcoOmTvU8tZK-M_Bmd9jhRTuJFhdGXA_Nq1ckuCVTLgdqH6v3jnGBT_etPRbo9vldRARELvdNpSVjIiw7rGpiazqEqVWuhrrBDj cache-control no-cache cf-ray 81ff841a988d2355-ZRH alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9471 Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH... https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTX6F8uLTMNwaRosF7nXnaXbWbpSA6zO2DFg1u2xZ3Y-bIxBVEMZ9ahBtiximyB98vewzArb4XPvcnT53KftVMZSj2O-aM&redir=https%3A%2F%2Fcm.g.double... https://sync.targeting.unrulymedia.com/csync/RX-e0218b76-83f1-4078-88a0-b28956353eb0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTX6F8uLTMNwaRosF7nX... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTX6F8uLTMNwaRosF7nXnaXbWbpSA6zO2DFg1u2xZ3Y-bIxBVEMZ9ahBtiximyB98vewzArb4XPvcnT53KftVMZSj2O-aM&google_hm=A-Ahi3aD8UB4iKCyiVY1PrA	170 B 188 B	59ms 59ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTX6F8uLTMNwaRosF7nXnaXbWbpSA6zO2DFg1u2xZ3Y-bIxBVEMZ9ahBtiximyB98vewzArb4XPvcnT53KftVMZSj2O-aM&google_hm=A-Ahi3aD8UB4iKCyiVY1PrA Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTX6F8uLTMNwaRosF7nXnaXbWbpSA6zO2DFg1u2xZ3Y-bIxBVEMZ9ahBtiximyB98vewzArb4XPvcnT53KftVMZSj2O-aM&google_hm=A-Ahi3aD8UB4iKCyiVY1PrA date Thu, 02 Nov 2023 21:36:58 GMT p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RXe0218b7683f1407888a0b28956353eb0003 content-type text/html
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9471 Redirect Chain https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOND7Aku4Hqh3yHLJzaP0ag&google_cver=1&google_push=AXcoOmTdHM1HCz-3XBbBSxwUPnYIOuXTB4zhF2M9tcYWf5N39KqQ_l6-WYrfvymgZ6iyS5GuKCtOq0... https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTdHM1HCz-3XBbBSxwUPnYIOuXTB4zhF2M9tcYWf5N39KqQ_l6-WYrfvymgZ6iyS5GuKCtOq0lF5tYQBc9bzwbLtj81PAI&google_hm=OTIyNDc3ODA...	170 B 232 B	71ms 70ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTdHM1HCz-3XBbBSxwUPnYIOuXTB4zhF2M9tcYWf5N39KqQ_l6-WYrfvymgZ6iyS5GuKCtOq0lF5tYQBc9bzwbLtj81PAI&google_hm=OTIyNDc3ODA5NDA1NjM2NjI4 Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTdHM1HCz-3XBbBSxwUPnYIOuXTB4zhF2M9tcYWf5N39KqQ_l6-WYrfvymgZ6iyS5GuKCtOq0lF5tYQBc9bzwbLtj81PAI&google_hm=OTIyNDc3ODA5NDA1NjM2NjI4 date Thu, 02 Nov 2023 21:36:57 GMT content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9471 Redirect Chain https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHuxP-MWsZL7pZlFBF4riFo&google_cver=1&google_push=AXcoOmRSjFfm4sQZPmheoka5HszdzT8SFiT3h7oH7eJCFdsI8bPAincJ3GZwWj7t8PHRgah_p0Tomwckr_iO-HLSxH-snQW... https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRSjFfm4sQZPmheoka5HszdzT8SFiT3h7oH7eJCFdsI8bPAincJ3GZwWj7t8PHRgah_p0Tomwckr_iO-HLSxH-snQWDTugcsg&google_hm=NjM0NzEzM...	170 B 232 B	61ms 61ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRSjFfm4sQZPmheoka5HszdzT8SFiT3h7oH7eJCFdsI8bPAincJ3GZwWj7t8PHRgah_p0Tomwckr_iO-HLSxH-snQWDTugcsg&google_hm=NjM0NzEzMTI2ODA3NTU5MTMyOQ== Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRSjFfm4sQZPmheoka5HszdzT8SFiT3h7oH7eJCFdsI8bPAincJ3GZwWj7t8PHRgah_p0Tomwckr_iO-HLSxH-snQWDTugcsg&google_hm=NjM0NzEzMTI2ODA3NTU5MTMyOQ== Date Thu, 02 Nov 2023 21:36:58 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 9471	0 69 B	68ms 63ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvcOfX6xZ-_4dGoTIRIhHOYrUGkeo1Un5fPtQ8R0SZpRnzSiuLLh1cLh7cBd2a9KiJZDo-FQ Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame 18E1	0 0	120ms 119ms	Image text/html	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CbIjLeBZEZdqEMdLB-gbW0Z6oCtesnIJuyur8vP0QwI23ARABIABg9YWAgJQEggEXY2EtcHViLTk0Njc2MTYxMzI4OTM2OTbIAQngAgCoAwHIAwKqBMwCT9DbqhzBPOGose0p2t57awms6jpHWzf5SX5DHcMrMsEr5zPHmIVHYK6h8Zf7iDfMYXGlPsrJFRPKSdXQ1L2F9WwERHz_f5haNEMhBKpTynylPcRelvxD_R9KwgK-P6wjZ7jK6dt8-ZUAWAFTdNEPElQqUyQiQDCyZK7I80v1UseFYM_IkgNb8UhzUzg8lzYMqt-JctXRAbDCjjwXAKR9Z3uc5Yp6YkNF9tq_FM2ht3jTB4z5FjvgQTX1WUwKR7tuVXcSSTA6dOd7Prg0WX7HoEDh2B0Smhf4AswIj88cyJAogHPfuIXE3teJ0iLDwNZm5DpgGvVrqrJIG43nXhJcYi_V71esgMlc9in_-OT05tAtZo5AWRPTZVudFr8DLwsPtWmjVdVBVnyYqMwcz4LjYHjdnBn7yDr9s78pVbOLWqSTsXwHwmpfbvhWSHrgBAGABpGNmoD6pfLjaaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTQ2NzYxNjEzMjg5MzY5Nhibp20&sigh=rQaMjlQ07EU&uach_m=[UACH]&cid=CAQSOwDICaaNysXTcQykDnPiLIOGCU0AZDxkXDr8i11gHSrRkfpodnzp_AC9UEfHmQ-g7RANHyGk09OWNNO2GAE&cbvp=2&vis=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	/ b1-eudc1.zemanta.com/bidder/win/googleadx_display/f27ff4e2-79c7-11ee-8706-2b74554a5fa8/ZUQWeAAMQloK3qDSAAeo1iBy68jbOGYeGfzxww/KO5NNWJXEAIKA6U2KHBIUWLITICAMRVHV3AFRQLSTMQK6LFWN3G6DEY4AAWY2GGES2OX6QN... Frame 18E1	0 99 B	236ms 66ms	Image text/plain	213.227.153.220 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/f27ff4e2-79c7-11ee-8706-2b74554a5fa8/ZUQWeAAMQloK3qDSAAeo1iBy68jbOGYeGfzxww/KO5NNWJXEAIKA6U2KHBIUWLITICAMRVHV3AFRQLSTMQK6LFWN3G6DEY4AAWY2GGES2OX6QN5ZQUH22HZIVNY3QTFMTGQAGZ62OQVVKZGF5WWBHDPBOK3M6ZIYYRXNU6CI7A5GTK4FSZ7N5HM75QFVSN4YBMSI4KTBQ55JVFNAFRLJ6IHUT26P22IJS6ABK65FFVV4SPM6IE24B7MYZM5C2KGGAHIR5EVSQJHIRBURPYZESDFFFWXY36VJSGNACQTIEE5S7235AFYU2UMUZRZWZCTKXPKBU2YTKVXUS2YIYGQ2DZW76US7RUXQMBY7M4W2JDZJT3TICHWRCKPERD2LT35B4RUKKPCQY5BGQHQAD7ZZPBSSWA5REWFEW3UTBKAUNKORXLKJFDB4LU7Y7SA6J3XREWF6EKCLFP7XVJ6X2OMAYDODVI42Y2YUUC43676YHMN3TYWRK426IU4ZIN3WJKH45HBWIGTBX3ILUGHKDLFFGJXAVTKLVY2VSJQURLWNVUW6JI4FZRFVYKZGWWZRAP7BPGOMMTG6UNLHMFZK6EWP55QO6THGMC75ODBW5TGGXYFRWLCL7CVFYII2OSNKIRXD2U5VHBATUUU7OVLGI2AK6CKL5CPJ6JME4GNQ2ZQIZCIEZMMXUOD36GAHYDYII24V45FPGFT3YASQPWTAKYBHQWFT2LMXIXDBWO2FOLSDF6FVRFPZ2WWFLKINR4II3EM66T2HY5L4FYHJDLT5IIHUK2JLFT4AK757CNRZHD5J2ZLUXTZZYYIFW4DZZMXYHJTJMUJ4PLRAFW4KSZ4GBW4IJ7P36MQ/?&cbvp=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS v182.ce13.ams-01.nl.leaseweb.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection keep-alive Date Thu, 02 Nov 2023 21:36:57 GMT Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame E9F7 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMFDJbgRiNw6aptJ-Fnqf24&google_push=AXcoOmQZeP7gUCE74JH2gKBm475fcO1kygnqBUZZ_71zfCIxDCYAG3l_cI...	170 B 188 B	69ms 68ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMFDJbgRiNw6aptJ-Fnqf24&google_push=AXcoOmQZeP7gUCE74JH2gKBm475fcO1kygnqBUZZ_71zfCIxDCYAG3l_cImRT0aubkj9e0DZk-VeU4xuOyd5MRArQg65j2vNIQ1x3A Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-ams21069-AMS pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1698961018.084445,VS0,VE90 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMFDJbgRiNw6aptJ-Fnqf24&google_push=AXcoOmQZeP7gUCE74JH2gKBm475fcO1kygnqBUZZ_71zfCIxDCYAG3l_cImRT0aubkj9e0DZk-VeU4xuOyd5MRArQg65j2vNIQ1x3A cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame E9F7 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEFi6cloxltuKBh2dpkWIzDc&google_cver=1&google_push=AXcoOmRToh76xPszqGSH4na44HBI2SpRyeEXkjd-cjRWB_klZBZMPDkDrzC_9lSwgvICrTnQ_ZtO0WU5XrrBGRK9zUsO1e2VlfFs https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=26B5972BB84945A19041F033FB36DDDA&google_push=AXcoOmRToh76xPszqGSH4na44HBI2SpRyeEXkjd-cjRWB_klZBZMPDkDrzC_9lSwgvICrTnQ_ZtO0WU5XrrBGRK...	170 B 232 B	66ms 65ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=26B5972BB84945A19041F033FB36DDDA&google_push=AXcoOmRToh76xPszqGSH4na44HBI2SpRyeEXkjd-cjRWB_klZBZMPDkDrzC_9lSwgvICrTnQ_ZtO0WU5XrrBGRK9zUsO1e2VlfFs Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 02 Nov 2023 21:36:57 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=26B5972BB84945A19041F033FB36DDDA&google_push=AXcoOmRToh76xPszqGSH4na44HBI2SpRyeEXkjd-cjRWB_klZBZMPDkDrzC_9lSwgvICrTnQ_ZtO0WU5XrrBGRK9zUsO1e2VlfFs access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Wed, 01 Nov 2023 21:36:57 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E9F7 Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGNtWR0wb4iyu7Rcbv6AJF8&google_cver=1&google_push=AXcoOmRxEDqjIl0WeNcUeM_-IRKVKVeP0FIKF8GP43sJViDtRLAu6J1UzM7d5ky5UH6PAFluGsKrw... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRxEDqjIl0WeNcUeM_-IRKVKVeP0FIKF8GP43sJViDtRLAu6J1UzM7d5ky5UH6PAFluGsKrw2LxhfvcV3m-pyVfH_MhpepIFg	170 B 188 B	59ms 58ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRxEDqjIl0WeNcUeM_-IRKVKVeP0FIKF8GP43sJViDtRLAu6J1UzM7d5ky5UH6PAFluGsKrw2LxhfvcV3m-pyVfH_MhpepIFg Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 02 Nov 2023 21:36:58 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 409BFE2FA92F45029E09E38545721F7A Ref B: AMS04EDGE2317 Ref C: 2023-11-02T21:36:58Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRxEDqjIl0WeNcUeM_-IRKVKVeP0FIKF8GP43sJViDtRLAu6J1UzM7d5ky5UH6PAFluGsKrw2LxhfvcV3m-pyVfH_MhpepIFg x-li-source-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYJMjAAWNNIkovmLmxfDg==
GET H2	200	google match.adsrvr.org/track/cmf/ Frame E9F7	70 B 149 B	312ms 121ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAm_wetWY_soRGC_xbsEtug&google_cver=1&google_push=AXcoOmSRNxPrhcmiDcKtXCQtwmnjlEPrA1A6ITlufor1HtEUbNwrY4eJcstdINnX_XlqZcHy-BVnZnQIw9_FX5qHgqt7MJFM4o6meg Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:58 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame E9F7 Redirect Chain https://google.partners.tremorhub.com/sync?UIDF=CAESEJ2smJ4QMCLakUCo2arZYns&google_cver=1&google_push=AXcoOmRKRci4o8WcLl0ZjcSuw8GucdEKRTzovptN_xXQvDTYTxYd_OlpTPQwBXPyRr8LC59q8unHei_OeeqzANwy8mPi79N... https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NjM1NjM1YTRiM2M2NDcxYzljMzk2YTBkOGE5NDFjMGI%3D&UIDF=CAESEJ2smJ4QMCLakUCo2arZYns&google_cver=1&google_push=AXcoOmRKRci4o8WcLl0ZjcSuw8Gu...	170 B 188 B	57ms 57ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NjM1NjM1YTRiM2M2NDcxYzljMzk2YTBkOGE5NDFjMGI%3D&UIDF=CAESEJ2smJ4QMCLakUCo2arZYns&google_cver=1&google_push=AXcoOmRKRci4o8WcLl0ZjcSuw8GucdEKRTzovptN_xXQvDTYTxYd_OlpTPQwBXPyRr8LC59q8unHei_OeeqzANwy8mPi79NEKcitYg Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NjM1NjM1YTRiM2M2NDcxYzljMzk2YTBkOGE5NDFjMGI%3D&UIDF=CAESEJ2smJ4QMCLakUCo2arZYns&google_cver=1&google_push=AXcoOmRKRci4o8WcLl0ZjcSuw8GucdEKRTzovptN_xXQvDTYTxYd_OlpTPQwBXPyRr8LC59q8unHei_OeeqzANwy8mPi79NEKcitYg date Thu, 02 Nov 2023 21:36:58 GMT server nginx content-length 0 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
GET H3	200	pixel cm.g.doubleclick.net/ Frame E9F7 Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC... https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQPvLlq1Z3GGXDUgHUSO2AW8nc9iwIUUWj0rRFVtBOdmPSlVI7oucsZUdxw9ruOdRaK7xZKpN9vkpC-WFOKojyqV1aBnI3plg&redir=https%3A%2F%2Fcm.g.dou... https://sync.targeting.unrulymedia.com/csync/RX-e0218b76-83f1-4078-88a0-b28956353eb0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQPvLlq1Z3GGXDUgHUSO... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQPvLlq1Z3GGXDUgHUSO2AW8nc9iwIUUWj0rRFVtBOdmPSlVI7oucsZUdxw9ruOdRaK7xZKpN9vkpC-WFOKojyqV1aBnI3plg&google_hm=A-Ahi3aD8UB4iKCyiVY1PrA	170 B 188 B	61ms 60ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQPvLlq1Z3GGXDUgHUSO2AW8nc9iwIUUWj0rRFVtBOdmPSlVI7oucsZUdxw9ruOdRaK7xZKpN9vkpC-WFOKojyqV1aBnI3plg&google_hm=A-Ahi3aD8UB4iKCyiVY1PrA Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQPvLlq1Z3GGXDUgHUSO2AW8nc9iwIUUWj0rRFVtBOdmPSlVI7oucsZUdxw9ruOdRaK7xZKpN9vkpC-WFOKojyqV1aBnI3plg&google_hm=A-Ahi3aD8UB4iKCyiVY1PrA date Thu, 02 Nov 2023 21:36:58 GMT p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RXe0218b7683f1407888a0b28956353eb0003 content-type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame E9F7 Redirect Chain https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmS3zc4jHQ6yBq9nB7utPgmeYfcXf3mRD9bQesBHugbNI6_yWbD_b-BAPiRcX43nyyu9-gxZjyEIDN0hitTyWvh-4ypI93S-Y9k&google_gid=CAESEPwPo2lerD... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPwPo2lerDSHbTjTqD7z3v4&google_hm=T1BVY2I1ZjYyMGFjM2I1NGQ4YzlhMGVlMWM4YmM3ZmMzNTE&google_nid=opera_norway_as&google_push=AXcoOmS3zc4j...	170 B 188 B	58ms 58ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPwPo2lerDSHbTjTqD7z3v4&google_hm=T1BVY2I1ZjYyMGFjM2I1NGQ4YzlhMGVlMWM4YmM3ZmMzNTE&google_nid=opera_norway_as&google_push=AXcoOmS3zc4jHQ6yBq9nB7utPgmeYfcXf3mRD9bQesBHugbNI6_yWbD_b-BAPiRcX43nyyu9-gxZjyEIDN0hitTyWvh-4ypI93S-Y9k Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 02 Nov 2023 21:36:58 GMT server Tengine access-control-allow-methods POST, GET content-type text/html; charset=utf-8 access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPwPo2lerDSHbTjTqD7z3v4&google_hm=T1BVY2I1ZjYyMGFjM2I1NGQ4YzlhMGVlMWM4YmM3ZmMzNTE&google_nid=opera_norway_as&google_push=AXcoOmS3zc4jHQ6yBq9nB7utPgmeYfcXf3mRD9bQesBHugbNI6_yWbD_b-BAPiRcX43nyyu9-gxZjyEIDN0hitTyWvh-4ypI93S-Y9k cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With content-length 327 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame E9F7	0 49 B	63ms 62ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4plcqPzu7sjga8vf7RdpGWfvVymbZVhGjf3HebkYHThKZADFmUIQe8ovnFoNOoJ9w9UJIUA Requested by Host: 464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com URL: https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	204	generate_204 tpc.googlesyndication.com/ Frame EB56	0 40 B	90ms 89ms	Image text/plain	216.58.212.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?nqAY-A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f129.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:57 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame 7EF1	0 0	94ms 93ms	Image text/html	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CZD91eRZEZeCKAZGrgAezqpj4A9esnIJuyur8vP0QwI23ARABIABg9YWAgJQEggEXY2EtcHViLTk0Njc2MTYxMzI4OTM2OTbIAQngAgCoAwHIAwKqBLYCT9Do0WSyiYfOgBV1ihelG1TctGMPikWVIlZMjq0GThZB6hPQnDjo_jsxE1N3PSSYAV86wKELLWTmlIXTFc9J1PMWpw93nNBRlt7gEwmnoja0yjXL3nQh3Vt3Km2skc05w2FvkrT19EXD1gfc1Mq3p3LwmC2kTUv-5w1BVa5g3cEIGKkoUtuegtJjg7h8Z5ZLagFiX92_NkCxY9l8khuI4OddUgi37ZrEb6cCKbTGEmuvO7lBYMgnppxuoGmlKZNhI8jjglp-gHeCYtxmB2GjKFBm3GtB9I3TnJ-DsGR2nrt0Tslr-GEjgyYZNExbxjv4K0C6TMwSCnjE8gGfRoKCqKygm-Ly99vO4kZyY0M2rCgcTAyaWJIGBngK4gfMf7BJw4UFCNGlCOCiE8y7wN1m0ow6eo3MkeAEAYAGkY2agPql8uNpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05NDY3NjE2MTMyODkzNjk2GJunbQ&sigh=fjrLBAcIHmA&uach_m=[UACH]&cid=CAQSPADICaaNkhVBbj-q261876LfiD0m_X7Qz2kReZQOw26WoTsNJG0N4nPkrJicRXWqkpXtwMZ0PXNhPj3yzxgB&cbvp=2&vis=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	/ b1-eudc1.zemanta.com/bidder/win/googleadx_display/f29c0675-79c7-11ee-83bf-442ea01328fd/ZUQWeQAARWAK4BWRAAYVM3lbbxJ8H85Oh6ZSfA/J4JY7MXEPZ46TXPSEDVKWOD7YJPERKUC7JBUGC3STMQK6LFWN3GXXDU5TFKZMMGRDE5PDWM... Frame 7EF1	0 99 B	118ms 69ms	Image text/plain	213.227.153.220 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/f29c0675-79c7-11ee-83bf-442ea01328fd/ZUQWeQAARWAK4BWRAAYVM3lbbxJ8H85Oh6ZSfA/J4JY7MXEPZ46TXPSEDVKWOD7YJPERKUC7JBUGC3STMQK6LFWN3GXXDU5TFKZMMGRDE5PDWMCM2UWOQDI5KPNQQZHSTGQAGZ62OQVVKZGF5WWBHDPBOK3M6ZIYYRXNU6CI7A5GTK4FSZ7N5HM75QFVSN4YBMSI4KTBQ55JVD2WB2AAWLNLFYVGILONU6V5AOGE2TQ43CJWLX4ZT5PPOES5632Q2BMIAMT7FBHSPNYPLOEM6BJLW5U3XTSMYIGR26WM2C4Y5P6ZGQ2WB7PAIWGDGCZ3N52QEG3OOCYL7OAVWKB5O5LXU6PYNZHI6M4HXQU2TVFPLNNRSJ23IB7DBSAS2TNBJ4ASOWGVNZ6QTVA7GUGHKHOBVRXW43RJ5A7IDTKEOCL3GOH3FKUTEOAASW3NT442B6AZXSC677WYW5JVAALL5HH2IKWTG7QM5LMDBZ2GBUN2XRVZ5LXAB6XYRAHGTCNR5QQRAYRYFLKAHWFQ74V3YPIPALYYPKKCY7YCGOY7ZK7DQVMVF7NEM2M4WVBT7XFOVWHQLLQ7JTPK4XNDDLJKBCD53TZ4J2FH3IFJIKR77VUPH4DBK4ZSB5GHHGKW7W7L5OQH26SOS3TA75EPXUQIRIUEG3ZZHOCDL5TZJKFPGSE6IPMXV2DLAXSDGEKMMQO3RTVMF727GIPFMAYAUQGMIWX2SE6LX45LAXEHFHVIXMK5RK3QHKH5WVOESK3LDCC2MW5HGXQPTQA65YBJLCWNZHFOADM64756HPT3L6HDC5D7HVWJV36SELXLWNMAC3X26GGQSUGC6FYT4GXX56ZG6DOVTTA/?&cbvp=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS v182.ce13.ams-01.nl.leaseweb.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection keep-alive Date Thu, 02 Nov 2023 21:36:58 GMT Content-Length 0
OPTIONS H/1.1	204 No Content	/ b1t-eudc1.zemanta.com/t/imp/view/CDO2RBLMORRMDD7BC3C5OOB4UUV7RSB2UOHRLH6LKB7M3RK36D2MAM3YMQ5IYSLSCTWK2BM4OTBS753AA7GV7UOLLYYPVCAYXBQ7ZYFJGW6BEKYWZSZA7UTGVYLOCSNNB2CKMC2VL3AH4BAIX56NNXVTSZ6HOVWAHYFI... Frame	0 0	219ms 73ms	Preflight	213.227.153.222 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://b1t-eudc1.zemanta.com/t/imp/view/CDO2RBLMORRMDD7BC3C5OOB4UUV7RSB2UOHRLH6LKB7M3RK36D2MAM3YMQ5IYSLSCTWK2BM4OTBS753AA7GV7UOLLYYPVCAYXBQ7ZYFJGW6BEKYWZSZA7UTGVYLOCSNNB2CKMC2VL3AH4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NGCSEC36Q6Q7A4Z76P2BRAC5DB6ZFGKYCWZDI45YRQYAZE47D2KFZYELGJIOJQSMPZUTIJX4V5QI3G5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWLSETDXBOBX5DK2TEYJACP2MU2NIIQGLSFZG7IVBQZP4FOAL3E7UQXDNZ66Y2IWBVE4FWTBA7AOSPFNCNHP6SXP6S5I/? Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods HEAD, GET, OPTIONS Access-Control-Allow-Origin https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com Access-Control-Max-Age 600 Connection keep-alive Date Thu, 02 Nov 2023 21:36:58 GMT
GET H/1.1	200 OK	/ Show response b1t-eudc1.zemanta.com/t/imp/view/CDO2RBLMORRMDD7BC3C5OOB4UUV7RSB2UOHRLH6LKB7M3RK36D2MAM3YMQ5IYSLSCTWK2BM4OTBS753AA7GV7UOLLYYPVCAYXBQ7ZYFJGW6BEKYWZSZA7UTGVYLOCSNNB2CKMC2VL3AH4BAIX56NNXVTSZ6HOVWAHYFI... Frame 7EF1	26 B 294 B	60ms 59ms	Fetch image/gif	213.227.153.222 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://b1t-eudc1.zemanta.com/t/imp/view/CDO2RBLMORRMDD7BC3C5OOB4UUV7RSB2UOHRLH6LKB7M3RK36D2MAM3YMQ5IYSLSCTWK2BM4OTBS753AA7GV7UOLLYYPVCAYXBQ7ZYFJGW6BEKYWZSZA7UTGVYLOCSNNB2CKMC2VL3AH4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NGCSEC36Q6Q7A4Z76P2BRAC5DB6ZFGKYCWZDI45YRQYAZE47D2KFZYELGJIOJQSMPZUTIJX4V5QI3G5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWLSETDXBOBX5DK2TEYJACP2MU2NIIQGLSFZG7IVBQZP4FOAL3E7UQXDNZ66Y2IWBVE4FWTBA7AOSPFNCNHP6SXP6S5I/? Requested by Host: widgets.outbrain.com URL: https://widgets.outbrain.com/n2d/widget/widget.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com Date Thu, 02 Nov 2023 21:36:58 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 26 Content-Type image/gif
GET H2	200	ads. Show response fundingchoicesmessages.google.com/f/AGSKWxWnW06EX76m-d3_1VGPz_OmteTE_z1siArBzXiakNencfoyYlP1PqeMwfOZ-0XReI5FpQfe11bB2TGgUL3ya3PikMBenuh2-lHaMdekd7L3dL_ZK43pxtE-usZBRUaPzX4YdO37iu420P9mMg8CHIxxzpQUv...	54 B 298 B	73ms 70ms	Script application/javascript	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWnW06EX76m-d3_1VGPz_OmteTE_z1siArBzXiakNencfoyYlP1PqeMwfOZ-0XReI5FpQfe11bB2TGgUL3ya3PikMBenuh2-lHaMdekd7L3dL_ZK43pxtE-usZBRUaPzX4YdO37iu420P9mMg8CHIxxzpQUv_BsXZCy0r8An5x72btode0gs3hzdDw6/_-advertisement./advertisment4./direct_ads./ads9./jsc/ads. Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxJ9jX15Bic0GcSFoeZTi8H8FnpJg/m=ad_blocking_detection_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash 89f9df63611fac6458d26b5e3b7fb58c0a90460c1bbdcfecac5040c1d38e4e21 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-gCLDy7mYAFfnObukXfeubg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy script-src 'report-sample' 'nonce-gCLDy7mYAFfnObukXfeubg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	osd.js Show response pagead2.googlesyndication.com/pagead/	61 B 218 B	55ms 53ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxJ9jX15Bic0GcSFoeZTi8H8FnpJg/m=ad_blocking_detection_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 20:43:36 GMT content-encoding br x-content-type-options nosniff age 3202 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51 x-xss-protection 0 server cafe etag 16023549773543154165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Thu, 02 Nov 2023 21:43:36 GMT
POST H2	204	AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Show response fundingchoicesmessages.google.com/el/	0 200 B	362ms 60ms	XHR text/html	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mNOXUesD4Ey_upMCOFv1Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mNOXUesD4Ey_upMCOFv1Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://www.tripoto.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Show response fundingchoicesmessages.google.com/el/	0 200 B	362ms 60ms	XHR text/html	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eJyLRPkhhDPKDvN2zeRIxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eJyLRPkhhDPKDvN2zeRIxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://www.tripoto.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Show response fundingchoicesmessages.google.com/el/	0 201 B	87ms 87ms	XHR text/html	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-FUy3KOzxI_UXY_KruYfc3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy script-src 'report-sample' 'nonce-FUy3KOzxI_UXY_KruYfc3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://www.tripoto.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Show response fundingchoicesmessages.google.com/el/	0 199 B	87ms 85ms	XHR text/html	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWHebmHShAapvZwbJoD6wNLU-HWbfvOsQYQuX2JtG8XwUL6TA6iKDYVASUZj-7cCEnSrcKzbiY8ypp-KdH8fQgT3sTMw9mJk5pYu6CK6YDS6A9WK0Am0aOnRdbCAPLjQo1WtSv-lQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xaAY6anyWM1CNq2xo6l1Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xaAY6anyWM1CNq2xo6l1Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://www.tripoto.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	AGSKWxXEen7rL1xww9FmXtAxVNnvk20y881zrY7tJKCZvKIoq7iRkPBO5eprLwwxz4Jy6msnym3RetyYAmuG-gyYQjgngVqS6XWqxxmNRJB34H8kX9BL8uHTD5Eg8cyZBO7-Z0Fpcdwpsw== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	93ms 93ms	Script application/javascript	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXEen7rL1xww9FmXtAxVNnvk20y881zrY7tJKCZvKIoq7iRkPBO5eprLwwxz4Jy6msnym3RetyYAmuG-gyYQjgngVqS6XWqxxmNRJB34H8kX9BL8uHTD5Eg8cyZBO7-Z0Fpcdwpsw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4OTYxMDE4LDE5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudHJpcG90by5jb20vdHJpcC9kOTQzMDc3My03NmY2LTExZWUtOWU5Ny00MjAxYWMxZDAwMzQiLG51bGwsW1s4LCJHOGZ1eXlIZ21ZQSJdLFs5LCJkZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash 37977a7c0873244999141285b4394ec6a0e3e43bc19962f7da8829b083921bca Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-pvl0_DSvGUmhWhbbJj6ESg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy script-src 'report-sample' 'nonce-pvl0_DSvGUmhWhbbJj6ESg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxVTDS0cNxRGdRRzUjizH0QRkv788szMumiLxyFq_X6jD-2XyCsKtNaKuMYqh-waMIRsgSckIuicYku6kNCyShy7y59_nX7Dz9GN2AzjL3LoMtrFUWcD-GSwLp8XhO4JSUfxCZzigg== Show response fundingchoicesmessages.google.com/el/	0 200 B	62ms 62ms	XHR text/html	216.58.212.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVTDS0cNxRGdRRzUjizH0QRkv788szMumiLxyFq_X6jD-2XyCsKtNaKuMYqh-waMIRsgSckIuicYku6kNCyShy7y59_nX7Dz9GN2AzjL3LoMtrFUWcD-GSwLp8XhO4JSUfxCZzigg== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xrpUZoxj_g3LxcFDhq46uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.tripoto.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 02 Nov 2023 21:36:58 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xrpUZoxj_g3LxcFDhq46uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://www.tripoto.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	204	sodar pagead2.googlesyndication.com/pagead/	0 0	84ms 84ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=4414626728775261&bg=!pKelp-jNAAbo5yKYyOc7ADQBe5WfOB6wel2UQ2zuiokI3YfH9HOeGzS-2hBeVFlDWLrtTNebkd0Qfh2o7-O0ivh7DaJaAgAAANJSAAAAEGgBB5kCtPV20OJXJ-iAx9Zegj2K6bPHu_uvu4_OVopL2DPeLKkA7ZP8fuNEyaNPVAlECQnmOcRiA2qQWushD7GxxRPM6T1tmCHNJ471HYl5QVGHOA3Gtbo8XwEzz0mc6wyD1Ogp4_YKl4Z8dRmRtr3PHotbhIKG4kM0OLEORMs2ODjvEKt4cyZM0uB91Kb17LNBwBam_YUfJchY-jJ3AJ5Xhwfu-ZZkExGG-uhKubs4lSd6ol-hQEifBwh-3N_YNwh4FYMFiTXVqR5LBH2FvByT4FfNR9j2YSRjL23xojh4mHD7oyUMiwxph3NdyCMVbexI6M_ECiOZUiFOsLP8soNFxZZQrbUnv0GbYwGNkZp2QlibNh_p-0j-m-qEoKKS_bMCpFYIovQaIVhMUmNeSy6uqz1VuZASYhqH0iq-0_fubLm0W5NCONnWk1NOly3aX1UzI-QUYt1hWxXtIRTsberGjKfLNtdBLbLfsJoFxACGv8P9BvAQhuKF7O2VoFCrzc0mIRjnaiTDow2MvB40rCbl_yNJzbdYxv4ttrxi_PiEwkrJ0t_YqaWpDbIXwqwELV8xIz4Zbu4ExgGNIJym-ggIikBRefn_WC9VS3PhWS9wpl_S9aXFCS0AZHmkVzg2P6QDRS4mINqOhqrs0NQzKkW7PotUFVYDVf_uBIOWZUMEM0i7ihZj1UyM06w5GEQ2b9tIX4mO8Swj2cf2dBKlSfy4j9u5L8ev4gA9Tdi9gqV1n4INel9CdaulHkEDouDWS7hkRbUlP_vq0wU39KjPOxuS-l-LIE75VqVUOcO272Ka26wDijIVKPCJg28Rv3xVnnlHkYgAj9290HSXt8rHOv-y2MzsopUvf2jFJmgThZzLSzT1irJGXwfF8Q8VLNSrZuZaxpiDALh-ErdqjY2gHDrnNYs1rTjN8rZP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7EF1	42 B 174 B	84ms 81ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskXIbeb20euxZaaIaM1H1SxxD-xhzXRHgqUYJ4lPBQ80k98zPtFObIn6_Is0_g1R0qLv24_SvjHGAqFLVpS4JkA6-5fkk6S5s1EZ1V&sig=Cg0ArKJSzKx_DGWwiJEgEAE&id=lidar2&mcvt=1000&p=658,1095,1258,1395&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&vu=1&app=0&itpl=20&adk=1650752698&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698961017320&rpt=641&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://464585688f563a9cc83af68b8fbeb0da.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:36:59 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	60ms 59ms	Ping text/plain	216.239.32.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-V5P3L98JHL&gtm=45je3b11v873750459&_p=300002533&gcd=11l1l1l1l1&cid=829502827.1698961013&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698961013&sct=1&seg=0&dl=https%3A%2F%2Fwww.tripoto.com%2Ftrip%2Fd9430773-76f6-11ee-9e97-4201ac1d0034&dt=Launching%20a%20New%20Venture%20Harness%20the%20Power%20of%20Press%20Releases%20with%20Business%20Wire%20-%20Tripoto&en=Read&_ee=1&ep.eventCategory=trip&ep.eventLabel=page_1_of_7&epn.eventValue=0&_et=2560 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V5P3L98JHL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.tripoto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 02 Nov 2023 21:37:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.tripoto.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT