www.trovi.com Open in urlscan Pro
195.78.120.88  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.trovi.com/	21 KB 8 KB	91ms 57ms	Document text/html	195.78.120.88 CONDUIT-
General Check archive.org Show headers Download Go to Full URL http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Protocol HTTP/1.1 Server 195.78.120.88 , Netherlands, ASN56473 (CONDUIT-, NL), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash 29a738e5a55c141270d9606994c921b47a989528790bb5673a9c513ccb48eea4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Thu, 14 Sep 2017 11:04:04 GMT Content-Encoding gzip Server Microsoft-IIS/7.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding P3P CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control private Content-Type text/html; charset=utf-8 Content-Length 8452
GET H/1.1	200 OK	hp_bing_load.min_DD668D7124A5590E18A77C5260D32F93.js Show response resources.trovi.com/Resources/Scripts/	1 KB 822 B	30ms 8ms	Script application/x-javascript	95.100.248.136 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://resources.trovi.com/Resources/Scripts/hp_bing_load.min_DD668D7124A5590E18A77C5260D32F93.js Requested by Host: www.trovi.com URL: http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Protocol HTTP/1.1 Server 95.100.248.136 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-100-248-136.deploy.akamaitechnologies.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash dee7df1ad0b319ccd65bc38aa56fb332965cce77b00ff5feb392bb6659471b25 Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Thu, 14 Sep 2017 11:04:05 GMT Content-Encoding gzip Last-Modified Wed, 18 Mar 2015 08:22:23 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "aad855a95461d01:0" Vary Accept-Encoding P3P CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control private, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 822 Expires Sat, 14 Oct 2017 11:04:05 GMT
GET H/1.1	200 OK	BingHomepage2.min_15BC9E22689A7E7D7B190981D90EA9A5.css resources.trovi.com/Resources/Styles/	36 KB 10 KB	30ms 9ms	Stylesheet text/css	95.100.248.136 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://resources.trovi.com/Resources/Styles/BingHomepage2.min_15BC9E22689A7E7D7B190981D90EA9A5.css Requested by Host: www.trovi.com URL: http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Protocol HTTP/1.1 Server 95.100.248.136 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-100-248-136.deploy.akamaitechnologies.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash 1dee3e536f9ddf379dbcd1fc47194deb51075456e0f821546203b4f8acf9e1dd Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Thu, 14 Sep 2017 11:04:05 GMT Content-Encoding gzip Last-Modified Thu, 13 Jul 2017 08:27:09 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "394514d2b1fbd21:0" Vary Accept-Encoding P3P CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control private, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Type text/css Content-Length 10665 Expires Sat, 14 Oct 2017 11:04:05 GMT
GET H/1.1	200 OK	mag.jpg storage.stgbssint.com/Images/Search/searchImages/	969 B 969 B	40ms 6ms	Image image/jpeg	23.35.98.97 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://storage.stgbssint.com/Images/Search/searchImages/mag.jpg Requested by Host: www.trovi.com URL: http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Protocol HTTP/1.1 Server 23.35.98.97 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-97.deploy.static.akamaitechnologies.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash ded3ce12b5b87335f342510638eebdcff9c71dc383faa54818bd2e59a4fcb694 Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Thu, 14 Sep 2017 11:04:05 GMT X-Powered-By ASP.NET P3P CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" Connection keep-alive Content-Length 969 Last-Modified Sun, 25 Sep 2011 10:41:26 GMT Server Microsoft-IIS/7.5 ETag "769b3cad6f7bcc1:0" Access-Control-Max-Age 604800 Access-Control-Allow-Methods GET, OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control private, max-age=31536000 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin, content-type Expires Fri, 14 Sep 2018 11:04:05 GMT
GET S	200	gpt.js Show response www.googletagservices.com/tag/js/	8 KB 4 KB	27ms 13ms	Script text/javascript	2a00:1450:4001:81a::2002 Google Inc.
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.trovi.com URL: http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software sffe / Resource Hash 70c7296cbf0d20e7832ba2082139f3a2254703b3a162d07046ac2418a8f3c143 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Thu, 14 Sep 2017 11:04:05 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1505338504894908" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 accept-ranges bytes timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35" content-length 3787 x-xss-protection 1; mode=block expires Thu, 14 Sep 2017 11:04:05 GMT
GET H/1.1	200 OK	BingHomepage2.min_10B25F0F5019F625B86A082FBEEDBC72.js Show response resources.trovi.com/Resources/Scripts/	64 KB 20 KB	8ms 8ms	Script application/x-javascript	95.100.248.136 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://resources.trovi.com/Resources/Scripts/BingHomepage2.min_10B25F0F5019F625B86A082FBEEDBC72.js Requested by Host: www.trovi.com URL: http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Protocol HTTP/1.1 Server 95.100.248.136 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-100-248-136.deploy.akamaitechnologies.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash 4c394f0ccd38ebc052573e578b6fcdb76e92f2c9e742363628c5e361f29cc8d0 Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Thu, 14 Sep 2017 11:04:05 GMT Content-Encoding gzip Last-Modified Thu, 13 Jul 2017 08:27:10 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "e2ce1dd2b1fbd21:0" Vary Accept-Encoding P3P CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control private, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 20755 Expires Sat, 14 Oct 2017 11:04:05 GMT
GET H/1.1	200 OK	button_bg.png resources.trovi.com/Images/search/	3 KB 3 KB	6ms 6ms	Image image/png	95.100.248.136 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://resources.trovi.com/Images/search/button_bg.png Requested by Host: www.trovi.com URL: http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Protocol HTTP/1.1 Server 95.100.248.136 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a95-100-248-136.deploy.akamaitechnologies.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash b6e35960862b8a7c2a38d8edc5a47c977d36dff572bbf9c0ec6e66dc0927bb77 Request headers Referer http://resources.trovi.com/Resources/Styles/BingHomepage2.min_15BC9E22689A7E7D7B190981D90EA9A5.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Thu, 14 Sep 2017 11:04:05 GMT Last-Modified Sun, 17 Jul 2011 12:00:38 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "b13dd7247944cc1:0" P3P CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control private, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 2767 Expires Sat, 14 Oct 2017 11:04:05 GMT
GET S	200	pubads_impl_147.js Show response securepubads.g.doubleclick.net/gpt/	203 KB 71 KB	18ms 5ms	Script text/javascript	216.58.210.2 Google Inc.
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS fra16s07-in-f2.1e100.net Software sffe / Resource Hash 6d8fbc7f6dc806a2e9c82eb2aaa996fcd4888a25dde01c8487c7a425c023bf9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 11 Sep 2017 12:08:38 GMT content-encoding gzip x-content-type-options nosniff age 255327 status 200 alt-svc quic=":443"; ma=2592000; v="39,38,37,35" content-length 72677 x-xss-protection 1; mode=block last-modified Mon, 28 Aug 2017 21:04:09 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 11 Sep 2018 12:08:38 GMT
GET H/1.1	200 OK	container.html tpc.googlesyndication.com/safeframe/1-0-10/html/	3 KB 2 KB	11ms 6ms	Other text/html	2a00:1450:4001:816::2001 Google Inc.
General Check archive.org Show headers Download Go to Full URL http://tpc.googlesyndication.com/safeframe/1-0-10/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js Protocol HTTP/1.1 Server 2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software sffe / Resource Hash 48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Purpose prefetch Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Mon, 11 Sep 2017 12:08:39 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 26 Jul 2017 14:03:10 GMT Server sffe Age 255326 Vary Accept-Encoding Content-Type text/html Cache-Control public, immutable, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 1789 X-XSS-Protection 1; mode=block Expires Tue, 11 Sep 2018 12:08:39 GMT
GET S	200	ads Show response securepubads.g.doubleclick.net/gampad/	8 KB 4 KB	39ms 39ms	Script text/javascript	216.58.210.2 Google Inc.
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=48041257955630&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809147%2C108809107%2C21060327%2C21060363&sc=0&sfv=1-0-10&iu=%2F7454%2FConduit.Bing&sz=300x250&scp=acid%3DCT3324774%26src%3D55%26kw%3D%26IR%3Dtrue%26test_group%3D%26rollout%3Dtrue&eri=2&cookie_enabled=1&abxe=1&lmt=1505387045&dt=1505387045241&frm=20&biw=1600&bih=1200&oid=3&adk=2458192891&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.trovi.com%2F%3Fgd%3D%26ctid%3DCT3324774%26octid%3DEB_ORIGINAL_CTID%26ISID%3DMA312567B-84B2-4586-ACE9-6809313C8E76%26SearchSource%3D55%26CUI%3D%26UM%3D6%26UP%3DSP359D8142-B978-42F2-A4AE-EDF346467E86%26SSPV%3D21513SPPA_sp_ch&dssz=9&icsg=10&std=0&vrg=147&vis=1&ga_vid=329780411.1505387045&ga_sid=1505387045&ga_hid=245500472 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS fra16s07-in-f2.1e100.net Software cafe / Resource Hash 6992a6b47bb232f08a8adb1ad3ef17f035a8eac982ce58a259ce0710342eed4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 14 Sep 2017 11:04:05 GMT content-encoding gzip x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="39,38,37,35" content-length 3757 x-xss-protection 1; mode=block google-lineitem-id 50136214 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 50594247934 content-type text/javascript; charset=UTF-8 cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET		container.html tpc.googlesyndication.com/safeframe/1-0-10/html/ Frame 3134	0 0
GET H/1.1	200 OK	osd.js Show response pagead2.googlesyndication.com/pagead/	76 KB 28 KB	11ms 6ms	Script text/javascript	2a00:1450:4001:81a::2002 Google Inc.
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_147.js Protocol HTTP/1.1 Server 2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software cafe / Resource Hash d036c66bbb5ef10a69687882fba0640b4c58eace6f44e96108f0fd3698b2c3da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Thu, 14 Sep 2017 10:58:30 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe Age 335 P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" ETag 6784087098440633153 Content-Type text/javascript; charset=UTF-8 Cache-Control public, max-age=3600 Content-Disposition attachment; filename="f.txt" Timing-Allow-Origin * Content-Length 28588 X-XSS-Protection 1; mode=block Expires Thu, 14 Sep 2017 11:58:30 GMT
GET S	200	nr-1044.min.js Show response js-agent.newrelic.com/	22 KB 9 KB	24ms 7ms	Script application/javascript	151.101.114.110 Fastly
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1044.min.js Requested by Host: www.trovi.com URL: http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash 574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Thu, 14 Sep 2017 11:04:06 GMT content-encoding gzip x-amz-request-id DEFF4C4504138100 x-cache HIT status 200 content-length 8859 x-amz-id-2 ZMcc7b6VjTFSTqE1T8zlmKnx5DBSdINXQppRWgbi3l+nBxVRZP8qLIMntmKYT3U/Lwwq6Ml251g= x-served-by cache-hhn1527-HHN last-modified Fri, 30 Jun 2017 21:57:05 GMT server AmazonS3 x-timer S1505387047.502010,VS0,VE0 etag "6442aaa45ec28f8b2c541026f3c24871" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 12116
GET H/1.1	200 OK	NavLinks.ashx Show response www.trovi.com/Dictionary/	0 0	15ms 15ms	XHR text/plain	195.78.120.88 CONDUIT-
General Check archive.org Show headers Download Go to Full URL http://www.trovi.com/Dictionary/NavLinks.ashx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch Requested by Host: resources.trovi.com URL: http://resources.trovi.com/Resources/Scripts/BingHomepage2.min_10B25F0F5019F625B86A082FBEEDBC72.js Protocol HTTP/1.1 Server 195.78.120.88 , Netherlands, ASN56473 (CONDUIT-, NL), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Thu, 14 Sep 2017 11:04:06 GMT Content-Encoding gzip Server Microsoft-IIS/7.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding P3P CP="IDC DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control private Content-Type text/plain Content-Length 119
GET H/1.1	200 OK	a1d22798c5 Show response bam.nr-data.net/1/	57 B 57 B	433ms 107ms	Script text/javascript	162.247.242.18 New Relic
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/a1d22798c5?a=39587145&v=1044.a6554e7&to=bwEAY0dUD0pQUBVfW1ZLI2RlGgVcV1IUWkAWBRFHTQ%3D%3D&rst=1480&ref=http://www.trovi.com/&ap=36&be=97&fe=1450&dc=274&perf=%7B%22timing%22:%7B%22of%22:1505387045027,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:24,%22c%22:24,%22ce%22:36,%22rq%22:36,%22rp%22:93,%22rpe%22:105,%22dl%22:93,%22di%22:274,%22ds%22:274,%22de%22:274,%22dc%22:1450,%22l%22:1450,%22le%22:1452%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1044.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US), Reverse DNS bam-6.nr-data.net Software / Resource Hash f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23 Request headers Referer http://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA312567B-84B2-4586-ACE9-6809313C8E76&SearchSource=55&CUI=&UM=6&UP=SP359D8142-B978-42F2-A4AE-EDF346467E86&SSPV=21513SPPA_sp_ch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Length 57 Content-Type text/javascript;charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tpc.googlesyndication.com

URL

http://tpc.googlesyndication.com/safeframe/1-0-10/html/container.html

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.googlesyndication.com/	2019-09-14 11:04:05	Name: _ga Value: GA1.2.1024727165.1505387046
			.trovi.com/	2017-09-16 11:04:06	Name: UHP Value: true
			.trovi.com/	2027-09-12 11:04:06	Name: UserData Value: 2017-09-14T14:04:05
			.trovi.com/	2019-09-14 11:04:05	Name: __gads Value: ID=c999bc427219e5cb:T=1505387045:S=ALNI_MYXwKQKcJP5qJxLcFkwVYjPROrlNQ
			.trovi.com/	2027-09-12 11:04:06	Name: UserId Value: bb616ae7-fea6-4e5b-b3cd-0b4e0dbca2f7
			.googlesyndication.com/	2017-09-15 11:04:05	Name: _gid Value: GA1.2.1731344988.1505387046
			.trovi.com/	2018-09-14 11:04:06	Name: gil Value: de-DE
			.trovi.com/	2018-09-14 11:04:06	Name: gid Value: GOOGLE_DE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
js-agent.newrelic.com
pagead2.googlesyndication.com
resources.trovi.com
securepubads.g.doubleclick.net
storage.stgbssint.com
tpc.googlesyndication.com
www.googletagservices.com
www.trovi.com
tpc.googlesyndication.com
151.101.114.110
162.247.242.18
195.78.120.88
216.58.210.2
23.35.98.97
2a00:1450:4001:816::2001
2a00:1450:4001:81a::2002
95.100.248.136
1dee3e536f9ddf379dbcd1fc47194deb51075456e0f821546203b4f8acf9e1dd
29a738e5a55c141270d9606994c921b47a989528790bb5673a9c513ccb48eea4
48098da7b08a94c3c3c814c6c7f1ec8caf664c16fd02771b86ea4a88469ba11e
4c394f0ccd38ebc052573e578b6fcdb76e92f2c9e742363628c5e361f29cc8d0
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
6992a6b47bb232f08a8adb1ad3ef17f035a8eac982ce58a259ce0710342eed4c
6d8fbc7f6dc806a2e9c82eb2aaa996fcd4888a25dde01c8487c7a425c023bf9c
70c7296cbf0d20e7832ba2082139f3a2254703b3a162d07046ac2418a8f3c143
b6e35960862b8a7c2a38d8edc5a47c977d36dff572bbf9c0ec6e66dc0927bb77
d036c66bbb5ef10a69687882fba0640b4c58eace6f44e96108f0fd3698b2c3da
ded3ce12b5b87335f342510638eebdcff9c71dc383faa54818bd2e59a4fcb694
dee7df1ad0b319ccd65bc38aa56fb332965cce77b00ff5feb392bb6659471b25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23