trovas.ch Open in urlscan Pro
3.127.76.126  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

• https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
• https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Request Chain 87

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1&C=1

Request Chain 88

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgz02CPlXV56VkkcerrYwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1

Request Chain 91

• https://fw.adsafeprotected.com/rfw/bgd/709972/54770482/xbbe/creative/adj?p=APEucNXK57cA0RP9JkDMmV1iANR2GsluQwfqBoQHCLJOwspXE0Fawb8&d=CnkAoCZ_4Bb1KVpIYIcdp88AF1Bo36OJFpvnQwy6NgBclSWwhYY08Efp8-N_cl946uKn_Aj78V41hK-XHD842U8o8qOnMsL9ILQPh5i8M1pgVroSXebxN_jLsktnu-oi_XA2X_xKYAYiQbRbnRbmbiwOSGmSsEDCCBbiEqkSAKAmf-AduTrjNKwLl-kMiRMwTlKjn8fcCAuLFeZ23PJZ6Yn5dZG5JY_XjCYTBRorweOOoltkou-AZQLD8rDv0NEVCk7aljq9eU8G0rON8VrjOsq_kVHsPAJwLB1ebWB24b2zuvt3sgHK9XLA_FHU74Tj3fqPSX2o7BVwPUhnJolJVeO8bbCccM2KsIVn15BO7AVKFJWJ2h3ubTH53C1Eh17S_wGeZTUyElUPvgCZQwPjkn_TOlHac6OfotRfwvqxqQlt5GJ_2r2EyR_7a2bdFrYTO5WtZgswJjxdeVrNde5Gz9aB9QjziQsUuLncdiN_BqHbND3LhcpQNzQ9OpGo81xE53a36eXR_-i5EYmWQKexKDyLAcVq4gTDNQTQhzRt0GT2A_iYbVJmkJJUjivqZjwGNP-VZy8FGWV2i3zl56EuT-QKIsEx9g7BNhUpg8HSSGYOscNOP9ziccWnA2U3PMdXX1tVAAbz21XQoI4Wh_JOHdMxxqiffHmdgkdWPUyM7GF5ajQ9HdjYxgSs0NePVP6AuWDBigYniDjQX59ja4ESFB5BhmkFyAJjsYVUm4-OUsRGz5VXt5TQkQQak735-5rfMgvZXIg8Pl3RNLag0acJ7r4oEU4TsFclouBvP5Z5JrmTu0E4Ogb-zk9A4IXvB_KyaP-YqANnuAtm12NfEWrTCNziKUmhUtnyvzgM8a5u7Pg6Pnywx4XLCuPqfRREXN2MOUqCB_rzqoFHF9KrTgrNWY3Dlrdl70TQsny6mS7rblekkEaKhTAQfqxx-C4zkrp5y6Deyp4th_sgl16mdUPepIuJsMFpunG5rzHS5h331pmFwrgGIWx-JKpufACizaAE3kiLbiifjVDliPxqGpCRASt7FLJe6ALEsIia_VqNvEc3LUMFxAgtK6IsKtsewgFsiDAMLfkullj07eR5wv9KcRQPn44gk1fmhuKPBSnMKGEA6nNEFPJ7pIlcywBDzbgGQ3A8P6-zffuA8EGeEKgtjOVXJr8BHJZpNcROlf2NbX7oUkYPSVKfKLYxCO_ss17A17HP_uxHhxWvtOoII1WD5EEi-s66a9VoX9uMMXr2aG2KsSEXnwdgp34nvd3pTiJJDf7fPslPBXMIwEcFvqb3u94xBB8z9sNdYG6w9e4E7EQVZT58Xkr4OoPxpnbVWYUwWSX2evuOjkidgddIng8QTJu-dafRoWjPRwPLRmOMOFqIS9qt_vUpolMTFjfcDdWbX4XMl3qXnjVbOhi68MPranTqFG8puI31t45_oF6F3Ko26ARWSe4ecuwTRP2VKDZP_-CRMXHXf5FwM4yZKWM3hi-VgyGu6dG25WTk2_xjgRrEoAzeNuE2ASmVwBqOUwpIWLDrpxDFvc6d_VIdsbX86GtSVL9pLrEs8YECboOtSQZ5ir7nrmEiJAtd2qNpzohsozriA5mzEyYLXS0GRkbknwlSOtfboNzDT4JSjDXZwHn9PyfJLiW5y4Jgnl1ErMjwb76uoabjoCpBFO9JU2AQCY5TAqm5SYDrToH9PW4kiTfivOsTI_hV5X7leaBggB0p15LoQolLWQifQ0M_Z8T-TP4SYBrg6859H7ox2yHmQHKF1HmrGffhUzbbermqu0qGnJeyOACroYtTrsULpcd3cqo7v9_ZI2C8vX_-8SvVg94k0Y2Kfz9cpQuIZuB8hYvOk7UstM2FrDA-wXlg33jDQjKmkRbHfbiqFlDSD-BFoT8RyNCVmOIAD3HfcmT3-DiQmK2N4vIJ5m6JKzGENwGpaBdvqPbhUzEHOWI7anpkF49oYTHyEou0-RIOAJC8IiZBAJl5zQqg8HJGRPz1e3SGvKH9CJnizEapt2ZXlVN8NvY3sxXD4OXyOvg2PvhFtTZtyMehnIhQUUbWRZSYKmsHkCwNdZYGQvciNUvUlWsH1sXPFOx6wUGhqbZ-NzVrBbeVj5q4Z3-l9_I-jLBAmfuWjRjZwUdWHgwOQfCy1BuewFUMLKIISQpw5SuZJ2kAuH1-cev2uggxF3L6BAK_II6zY8REfuizaer9xBv4zfvvteXb87qyyIPb5ZcGes926zsiz8Dp7siGAcf0_Stx3V4LfYK_owWXKp8JA_gfVIbKBMZ_X5_9oGOvYNXIxZGphxR70J9G72ffizUr7j9yTNNGYBQVImFwVV9zLbvBJHIQ1chseLESQ-eEkYo3G-CoxX13Jslv05LoP0kbpQZyAndVWrf1hezWTWnutZyeE8ViGQM_QIE_im7ZWxJYSf4XeAdkNeWIgSljouiyHXh61JafcI5i9zZIoS0mWIQkjEV68cWC8QIwMGxQZYhyHnD8Yd7MiGmAgN8tDqkbKRwoCCq_IT0GfaphoLmoDbtm0vv4x0uYnrKmCr4FMTm7MJf2Jn9uMC3z2312IX_sRk_H_kHRwRrd6WNk2Qnjmgyi6Ugl8R_Cyl0wirwAncq_aFrst5mhLERMQ764oLMkIJPqBTEhdgysKq5qXSPuVozSZWlTeKvskS-hVr_NrZbvdKWMe88B-nkQhIg8PYRKc-vctBjHixnRQLLkYNcDjXmaomjen0ykhFqkALtVBQ1q8vMXIl1CwLFdKiGHLDOrmHUA_dq6osqEa0eL15wcltrCu0KThE19S_f_ulSXQXhrq-F9jtkvY_RRteMWoMg70hq29cHbi2k6-lALqxs5p4rM9qhW93NBeC5oLRrCmjasunjKfrabqsLLejilKqYHg_T350d6xttx1Cv-6m3SxITmLgfHUp-wEIo9a9j0Bgml3ccQRtZE82GVrOpoTjNpRfj8RYZAzXpcDgFr_AUG2hPytj6-paEKSYvGF1DJt79SPmnkdMw0IEWDNlwna4MTk6dz-heei9bl-Wj1RxQYBS8c7p--fdD_dgeBMJPjBTb7E7D4XK3Ae9fTb5nby4Zfvzr2VwAqmtO9r5Ggr49JaDf1cFUOTa0TNsg6UOzMvVWHtFMAdUpY8a3HNFvgA4TqB3R6W5Ah0vmSFYxg3XeI6MwmUVLTo859c-wWsVHRbtQv2h6pkKSrZFiHm2n_UR4ATKXnYTqqyg71yBbZQCjeYBuXCT6tmRvndf0nonDfJLGmDcc4Paguth9iY-kWH-M6gD1dFfDmZ6v870G-QtMaGQgAEhXkaPrgupMvU_aahqsQLd_yQtDLvvBgAQ&adsafe_url=https%3A%2F%2Ftrovas.ch%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:740dc9e0-ff62-5e1c-d2d2-8bfcaaf5a28c,c:dijVYt,sl:na,em:true,fr:false,mn:app32ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:grpm1,nbld:0,fm:sy5tC0s+11%7C12*.709972-54770482%7C121%7C1221%7C13,idMap:12*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,thd:1,et:22,oid:bbc146f8-ba83-11eb-b246-06cf570a4b4b,v:19.8.201,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/passback_300x250.js

Request Chain 129

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1

Request Chain 130

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgz02CPlXV56VkkcerrYwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1

Request Chain 132

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1

Request Chain 133

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgz02CPlXV56VkkcerrYwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1

Request Chain 148

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPJuAcr6EF-p-bU1Rjcv-1M&google_cver=1&google_push=AQvitULjWQlWkP47RqG6qdL0q0t6M9nNQDQjvCQWVXcb2xx-RRpdyK2sqDGK3gxpL_5bHRqvNVjCXHqD4cNOXQbmckrmlg51_jE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULjWQlWkP47RqG6qdL0q0t6M9nNQDQjvCQWVXcb2xx-RRpdyK2sqDGK3gxpL_5bHRqvNVjCXHqD4cNOXQbmckrmlg51_jE

Request Chain 149

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_cver=1&google_push=AQvitUKePPIlQwnIakbnv7h3Wa-sQQJoZ91hE2_LTLlPysn7B7uF4WgjGUFwUZwXVgedLMBWqV7FqNKfsT-H9VXb-QqHTVn3Ly0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_push=AQvitUKePPIlQwnIakbnv7h3Wa-sQQJoZ91hE2_LTLlPysn7B7uF4WgjGUFwUZwXVgedLMBWqV7FqNKfsT-H9VXb-QqHTVn3Ly0

Request Chain 150

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENOnGkOso1VXZroLS0dHMQE&google_cver=1&google_push=AQvitUJAfGIADiHXtRAgeZMk3_Ot5V3M6jiTuE42u8B3JQK8pKWMBwA4-ntD2LRzWTqBkuZV2ZE8JjcRWNNRAjXrB6XrBgU9oQ HTTP 302
• https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESENOnGkOso1VXZroLS0dHMQE&google_cver=1&google_push=AQvitUJAfGIADiHXtRAgeZMk3_Ot5V3M6jiTuE42u8B3JQK8pKWMBwA4-ntD2LRzWTqBkuZV2ZE8JjcRWNNRAjXrB6XrBgU9oQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=2mIXguvNRkaXnXDo6MuTjmCoM9U

Request Chain 152

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCrdV4NlNjyJg4Q7EE484w&google_cver=1&google_push=AQvitULTW4i01l454q_OS7tFO6cFp-54dFQHC_5ImAp6JNN55Xf80Bn4SYs8kL73mr2S51auqQ6DBnQdXBTxyZf3WHRfwSSC-1A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ZVzhKNUQtMVktMlBMSg==&google_push=AQvitULTW4i01l454q_OS7tFO6cFp-54dFQHC_5ImAp6JNN55Xf80Bn4SYs8kL73mr2S51auqQ6DBnQdXBTxyZf3WHRfwSSC-1A

Request Chain 153

• https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEEEJiYP9JZl9cEoHlyNLZa4&google_cver=1&google_push=AQvitULN39_huDoVdhuegHSLB0F_dRtWNLDmAFKo5pLhNvBUJanoPGHeLGanMNTJvUinxsg50Rp-seGRPijvYGnaTVFo7HjlPaQ HTTP 301
• https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D57c3cc52-4b00-4e57-9818-6b0a34df0242%26google_push%3DAQvitULN39_huDoVdhuegHSLB0F_dRtWNLDmAFKo5pLhNvBUJanoPGHeLGanMNTJvUinxsg50Rp-seGRPijvYGnaTVFo7HjlPaQ&ssp=googleban&exu=CAESEEEJiYP9JZl9cEoHlyNLZa4 HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=57c3cc52-4b00-4e57-9818-6b0a34df0242&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D57c3cc52-4b00-4e57-9818-6b0a34df0242%26google_push%3DAQvitULN39_huDoVdhuegHSLB0F_dRtWNLDmAFKo5pLhNvBUJanoPGHeLGanMNTJvUinxsg50Rp-seGRPijvYGnaTVFo7HjlPaQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=57c3cc52-4b00-4e57-9818-6b0a34df0242&google_push=AQvitULN39_huDoVdhuegHSLB0F_dRtWNLDmAFKo5pLhNvBUJanoPGHeLGanMNTJvUinxsg50Rp-seGRPijvYGnaTVFo7HjlPaQ

Request Chain 181

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_cver=1&google_push=AQvitUJtArbF1mt6cMae7QFkhgdnVjnJ3-cmpmwculo2lN-9QWIOgx4LdLWSHg_xs-AKO2PqOksYAWBSc-092IG10H-yzSjtCLmk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_push=AQvitUJtArbF1mt6cMae7QFkhgdnVjnJ3-cmpmwculo2lN-9QWIOgx4LdLWSHg_xs-AKO2PqOksYAWBSc-092IG10H-yzSjtCLmk

Request Chain 182

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMi-VaZICATlbEXV_a4dDtM&google_cver=1&google_push=AQvitUL9mtVeRs3b7zvmCNKld2zZz0lxq7QJQ4IWJ88cvGFTjN7Yqg3UhMe2yzztl9gPpIDcr7vEuyBoighjOjA-iZ0QnRt3guwg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUL9mtVeRs3b7zvmCNKld2zZz0lxq7QJQ4IWJ88cvGFTjN7Yqg3UhMe2yzztl9gPpIDcr7vEuyBoighjOjA-iZ0QnRt3guwg&google_hm=cVQxJI40TC2YBLgv1f1bwwk

Request Chain 183

• https://px.adhigh.net/p/gm/rub?google_gid=CAESELxwqmAnotSX4N5qQ33Rrcg&google_cver=1&google_push=AQvitUIpTPaJ74--2W6GeH3596toNC13kmrCh3i8nNkec0KYnZrD4MUQWYU7Prak7ERWa2_v9WDJh-d5CfvsNpeXVy1Vmyi94TIf HTTP 302
• https://px.adhigh.net/p/gm/rub?google_gid=CAESELxwqmAnotSX4N5qQ33Rrcg&google_cver=1&google_push=AQvitUIpTPaJ74--2W6GeH3596toNC13kmrCh3i8nNkec0KYnZrD4MUQWYU7Prak7ERWa2_v9WDJh-d5CfvsNpeXVy1Vmyi94TIf&bounced=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUIpTPaJ74--2W6GeH3596toNC13kmrCh3i8nNkec0KYnZrD4MUQWYU7Prak7ERWa2_v9WDJh-d5CfvsNpeXVy1Vmyi94TIf&google_hm=Sbyru7PLOE0AAikABlF5kQp73w%3D%3D

Request Chain 185

• https://match.360yield.com/match/ebda?google_gid=CAESEKclGcpePnHlsY8OEF3uOy8&google_cver=1&google_push=AQvitULVDxSKT9jIbVPQ20wV8J1g3-XmTDbxmXfu5WPsWu7wQZbhJNXcXrTnX9wj_zHEUY-eCr9K0DgW3u53esz0p7YNQneH5L9E HTTP 302
• https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKclGcpePnHlsY8OEF3uOy8&google_cver=1&google_push=AQvitULVDxSKT9jIbVPQ20wV8J1g3-XmTDbxmXfu5WPsWu7wQZbhJNXcXrTnX9wj_zHEUY-eCr9K0DgW3u53esz0p7YNQneH5L9E HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=UTD4XSePSgKMJM-0BY2pcA&google_push=AQvitULVDxSKT9jIbVPQ20wV8J1g3-XmTDbxmXfu5WPsWu7wQZbhJNXcXrTnX9wj_zHEUY-eCr9K0DgW3u53esz0p7YNQneH5L9E

Request Chain 186

• https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFi8kIeg3UcFs36gt-DRgi0&google_cver=1&google_push=AQvitUJyEMpKc7uymcURr-nwqoso_u_R51VS3T8P4AyR5Dg1FwkhAduI1Aw1J_xoAwvcEkKEPoAH5Fk0GXwdMRyveg6Xal35A0wC HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJyEMpKc7uymcURr-nwqoso_u_R51VS3T8P4AyR5Dg1FwkhAduI1Aw1J_xoAwvcEkKEPoAH5Fk0GXwdMRyveg6Xal35A0wC&google_hm=MTcyNjkzNzc4MDc1NTU5NjE1Mg%3D%3D

Request Chain 187

• https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEGo1r0Aor3psKOkHd8Si3VQ&google_cver=1&google_push=AQvitUKA8yMbSo-OIYBJpSbyflTorjmb8MFZB68okfEpeoOL0_Ib_NBh6EhZf4PBbGJTt4v9-ukQKJLfGKmvbcGLimqEM1wCGFhpQg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NzkzMTMwMTMtY2MzOC00MDYwLWIwYWQtNTFhMmZkYWUwZGMx&google_push=AQvitUKA8yMbSo-OIYBJpSbyflTorjmb8MFZB68okfEpeoOL0_Ib_NBh6EhZf4PBbGJTt4v9-ukQKJLfGKmvbcGLimqEM1wCGFhpQg

Request Chain 196

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEMN3r0cJ-4dsTo3E0D8b_Co&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMN3r0cJ-4dsTo3E0D8b_Co%26google_cver%3D1

Request Chain 197

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2MTgzMzU3MjE3MjAwNDM0OQ%3D%3D

Request Chain 198

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHMSNtO9GqLgvI2A7nLes9Q&google_cver=1

Request Chain 199

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjljZjMxMWEtZGM0My0yMjUyLWQ3NzAtMzlmMjhjMjYxMjE4

Request Chain 212

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPJuAcr6EF-p-bU1Rjcv-1M&google_cver=1&google_push=AQvitULPcJZbFysHMKIRmlvIRtD3xrr60D3tFPv8PpxsL9RfjHdmzltAkVMD9hBYXFv8pClnnXu9tFR1iNLp9MW7TzXWpBvgGqA- HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=cI9gqDPVRgCrEOc84B6YVQ&google_push=AQvitULPcJZbFysHMKIRmlvIRtD3xrr60D3tFPv8PpxsL9RfjHdmzltAkVMD9hBYXFv8pClnnXu9tFR1iNLp9MW7TzXWpBvgGqA-

Request Chain 213

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_cver=1&google_push=AQvitUKTUep-VNsbEgStHm6xR5g0U3WbbHptFYjGzZvR3YkodpFWRoEa5PrYTuAgwWv7eZP71T8f_JsCN8uaqUr94fOObbKVpz7Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUtnejFRQUJLRzFGUUFBQw==&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_cver=1&google_push=AQvitUKTUep-VNsbEgStHm6xR5g0U3WbbHptFYjGzZvR3YkodpFWRoEa5PrYTuAgwWv7eZP71T8f_JsCN8uaqUr94fOObbKVpz7Q

Request Chain 214

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIoq9wPdlBAP_K3D4HWiaZ0&google_cver=1&google_push=AQvitUK1rEyooPcV-fUmjErrZrT1wXC3O6u425Qixoay4e1lEB-UrRXAJEEjyO6JodAr5D_5_VZAC1KZuNsWKjxMijr5wlBgu_lR HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUK1rEyooPcV-fUmjErrZrT1wXC3O6u425Qixoay4e1lEB-UrRXAJEEjyO6JodAr5D_5_VZAC1KZuNsWKjxMijr5wlBgu_lR

Request Chain 215

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENOnGkOso1VXZroLS0dHMQE&google_cver=1&google_push=AQvitULXrNAgebeMNM87kvVKa48bCCITGLO_CfBZOmF6bmQEK_sFIbZr_uFwgeTXYMfhXO2OCykm58jolMI4kiCBKJ0gWVFRBfnf HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=2mIXguvNRkaXnXDo6MuTjmCoM9U

Request Chain 216

• https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHrNT1QnyBWCF_BzamV03Mg&google_cver=1&google_push=AQvitUKI4SDbKps2p8euUhXaDn4svt676-J0JvoDTOHGzwtpGZRknJVAx04-qpQDBruOazjlbhAPAyypyPIAAzCJ574fM-EVHCPZ HTTP 302
• https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHrNT1QnyBWCF_BzamV03Mg&google_cver=1&google_push=AQvitUKI4SDbKps2p8euUhXaDn4svt676-J0JvoDTOHGzwtpGZRknJVAx04-qpQDBruOazjlbhAPAyypyPIAAzCJ574fM-EVHCPZ&prevuid=03030003_60a833d63f47b&knw=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKI4SDbKps2p8euUhXaDn4svt676-J0JvoDTOHGzwtpGZRknJVAx04-qpQDBruOazjlbhAPAyypyPIAAzCJ574fM-EVHCPZ&google_hm=MDMwMzAwMDNfNjBhODMzZDYzZjQ3Yg%3D%3D

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
15 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response trovas.ch/	101 KB 25 KB	218ms 157ms	Document text/html	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / PHP/7.4.18 Resource Hash 67f542be79bf4173addf954093107a1f8f2dca8eeb0ccb08126c5f3da300fa01 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :method GET :authority trovas.ch :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cache-control max-age=0, must-revalidate, no-cache, no-store content-encoding br content-type text/html; charset=UTF-8 date Fri, 21 May 2021 22:27:27 GMT display pub_site_sol expires Thu, 20 May 2021 22:27:27 GMT pagespeed off pragma no-cache response 200 server nginx/1.16.0 set-cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; path=/ ezoadgid_174954=-1; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 22:57:27 UTC ezoref_174954=; Path=/; Domain=trovas.ch; Expires=Sat, 22 May 2021 00:27:27 UTC ezoab_174954=mod1; Path=/; Domain=trovas.ch; Expires=Sat, 22 May 2021 00:27:27 UTC active_template::174954=pub_site.1621636047; Path=/; Domain=trovas.ch; Expires=Sun, 23 May 2021 22:27:27 UTC ezopvc_174954=1; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 22:57:27 UTC ezepvv=463; Path=/; Domain=trovas.ch; Expires=Sat, 22 May 2021 22:27:27 UTC ezovid_174954=456157868; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 22:57:27 UTC lp_174954=https://trovas.ch/; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 22:57:27 UTC ezovuuidtime_174954=1621636047; Path=/; Domain=trovas.ch; Expires=Sun, 23 May 2021 22:27:27 UTC ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 22:57:27 UTC ezCMPCCS=true; Path=/; Domain=trovas.ch; Expires=Sat, 21 May 2022 22:27:27 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Accept-Encoding x-middleton-display pub_site_sol x-middleton-response 200 x-powered-by PHP/7.4.18 x-sol pub_site
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	62 KB 21 KB	78ms 29ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash d1c659ae6d66d0580dc69cbeb5aaac8a757517ee5086f4ce8a7afab8ae8f8aa4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "879 / 269 of 1000 / last-modified: 1621634946" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21318 x-xss-protection 0 expires Fri, 21 May 2021 22:27:27 GMT
GET H2	200	dall.js Show response go.ezodn.com/hb/	285 KB 83 KB	60ms 36ms	Script application/javascript	2606:4700:3032::ac43:b890 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,medianet,oftmedia,onemobile,openx,pubmatic,rhythmone,rubicon,sovrn&cb=194-4-19 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:b890 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1f0a5a05b53edf17383474ca89a81dc57dca486a71c64cb257290467f6ab76f Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 152450 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LxjV5Yp9AjrqA25ryNjOx3UnSGFA4PofosJtTN%2FH8w32IuddVJg2nt89HFjYu3DaCvWIzYeMNS3cDN5bnI%2FW4i88dUCiSvQjuaS6O3O2lAduyw5s7eJFYpI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 65313b712e6e3237-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a32a37aba00003237de1b2000000001
GET H2	200	/ trovas.ch/	2 KB 768 B	60ms 60ms	Stylesheet text/css	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/?ff=1&pI=style.css&wps=true Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / PHP/7.4.18 Resource Hash 6f0cee03cafba12a1684d4f70f2c7c1d9c3534e28c3b200e618657234b23a793 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :path /?ff=1&pI=style.css&wps=true pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br vary Accept-Encoding Accept-Encoding,Origin x-sol pub_site display staticcontent_sol, staticcontent_sol x-powered-by PHP/7.4.18 x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 content-length 593 pragma no-cache response 200 server nginx/1.16.0 strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	style.css trovas.ch/	15 KB 4 KB	67ms 66ms	Stylesheet text/css	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/style.css?ff=1&wps=true Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash ffcc632ac20394b6d29315f30b7f8672b1fbdf38f70e129857d1bef673d45e2a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :path /style.css?ff=1&wps=true pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br vary Accept-Encoding Accept-Encoding,Origin x-sol orig display staticcontent_sol, orig_site_sol x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3800 response 200 last-modified Mon, 10 May 2021 21:42:43 GMT server nginx/1.16.0 etag "3af8-5b452638c2480-gzip-gzip" strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/css cache-control max-age=604800 expires Fri, 28 May 2021 22:27:27 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	88 KB 35 KB	24ms 19ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-4377331-90 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e18a9e7661b03734664c271b138a13b518ef46bee5f963689a34cf81e5e8b965 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35743 x-xss-protection 0 last-modified Fri, 21 May 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 May 2021 22:27:27 GMT
GET H2	200	banger.js Show response trovas.ch/porpoiseant/	43 KB 10 KB	29ms 25ms	Script application/javascript	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 6479a7112fd3ba54336deaf72ae4beb06258c65426d5e29d02ae524bbf18d600 Request headers :path /porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET H/1.1	200 OK	/ can01.anibis.ch/	107 KB 107 KB	107ms 27ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/182/836/038/nXX5-mULkkmrwguhzBrA9g_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash 8a08e3990d4e334b12e1ebae74e943adda9d8cdd7a25ccebbcf24cc24ac088c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	49 KB 49 KB	136ms 40ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/660/825/038/AabIn0AA7ES38xN6LE6pbQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash 65bc1101e7b3e9b2235daa9fff7e62faae38c3b1c1903f237c3e430eee7d3e24 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	68 KB 68 KB	136ms 41ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/122/355/033/xipyYqfD1ku81I-Fa_TQ4w_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash aee5ff41162f39e95aa9c9a5dfbb9310e64271ab557c736536cd71d306dc0057 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	16 KB 16 KB	155ms 50ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/017/817/038/DCLF_82rFEGVdOJbsNhenQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash 0f39b1eb543f313e08b3cc7ff8f0e39e5b5b2563e9bc337165665be80455e68a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	44 KB 45 KB	143ms 38ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/387/815/038/M1oSUzr8LEWAkfReufgjDw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash e812ce7166be8068d854746151c8f1749e8e9ec6a4c4430a215aca583f78d531 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	58 KB 58 KB	157ms 46ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/201/742/035/EeLhDWYndU-P6gbJOuMyxw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash 3d0910f0192f58b728212766b9b68ee46adc5c75cc9d00193a6c1fac40f54026 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	109 KB 109 KB	48ms 41ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/854/052/033/F6jirbo-1kamnW_yBttqDQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash de8bd0df9a9712b526c97f2705dc1307357e96ea909eb00186bb540a4b114aaa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	31 KB 32 KB	48ms 42ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/111/786/038/dlzquoJgMUuJTAiasSUqcg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash 723cb264c12d8a47639016bdd88670b6c3b3543c22d5aa1a2fea643858bdf894 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	22 KB 22 KB	52ms 49ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/952/772/038/kLxV0m1_SE-UFXWQJ8z3Fw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash b4d30d0b5f3f1432dc7509f5e2e73fc0b63818a356d5d665a90632a969b59622 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	54 KB 54 KB	39ms 28ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/400/868/037/HZqbXqsWC0mf2Z6YBvqRDg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash fe993487b5dd5533b4e2900d3e55329300f774c1d8538aefc92f9b5dc1f67b83 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	45 KB 46 KB	44ms 33ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/624/200/038/8TuoUa9T-Ee5H3n_LEeJ7w_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash 716a707c3c108968eb7f8df03ac9378cbb0dbdbf5639181974dcf560c2210ae0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	28 KB 29 KB	54ms 43ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/351/757/038/R4g7oB0nXU6ShiMF4wj5ow_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash 3eb3297a61e3a168200f41590e96ebf76772203d545444af84f53f3173f460aa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	72 KB 72 KB	23ms 21ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/633/754/038/4IVfLO-zbEWGiNxPZ03b0w_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash a74ffc5fcb9838628b731e39d38541867df152c83d440cc53ee3f8f4e16aee50 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	42 KB 43 KB	30ms 28ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/750/083/036/3fywLtJLKECdupYrnUNI6w_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS Software nginx / Resource Hash 2ab3bf0bb75912f4b4370af1be4d4915e2b2fd157e8f9326a3ddec0622d21ac7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 22:27:27 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 22:27:27 GMT
GET H2	200	sweetalert.min.js Show response unpkg.com/sweetalert@2.1.2/dist/ Redirect Chain https://unpkg.com/sweetalert/dist/sweetalert.min.js https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js	40 KB 11 KB	15ms 15ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 5188849 vary Accept-Encoding cf-request-id 0a32a37b2000004ab56887b000000001 last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 4eaf4aaeb6054415aa4b32f6ea009e6e cache-control public, max-age=31536000 cf-ray 65313b71cf534ab5-FRA Redirect headers date Fri, 21 May 2021 22:27:27 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 202 vary Accept, Accept-Encoding cf-request-id 0a32a37afd00004ab55b346000000001 fly-request-id 01F68GEDB4DKNNF8SENE174SD4 server cloudflare location /sweetalert@2.1.2/dist/sweetalert.min.js expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control public, s-maxage=600, max-age=60 cf-ray 65313b719ef04ab5-FRA
GET H2	200	ezosuigeneris.js Show response g.ezoic.net/	555 B 563 B	76ms 25ms	Script text/javascript	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/ezosuigeneris.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.0 / Resource Hash f2302429ccaab13d383d00f886fc9601099ada1b38e89dd12c4df5b7c4177a7b Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br last-modified Mon, 10 May 2021 21:42:43 GMT server nginx/1.16.0 etag 1d860ba640dfe5408052022f76f2e020 vary Accept-Encoding, Accept-Encoding content-type text/javascript cache-control max-age=999999, private content-length 278 expires Mon, 29 Apr 2020 21:44:55 GMT
GET H2	200	cmb.js Show response trovas.ch/detroitchicago/	122 KB 31 KB	33ms 32ms	Script application/javascript	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 7cd481d8534a094c16305ef79161f6b2298805cf9561725b25a93c95af9248d0 Request headers :path /detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b112735cd560ccdafebb2cb9f6a66efb65e00721265a1ffab0ca3341105983d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5dabda3c6f0eb9c30d61aeaac42d50d81e247093f88bf51db72d7e97c6dea1b8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 774ccf1a7033950e23c7f32b21b95d0b25d60427d63ff4abb0050b089a1b5612 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7824da54f23df319fa1861e7169325d5afe289ab47d16c40017e996737b77649 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93cba68a1ca1c5c03fd73dfeedf27fa15a783fa1a7ffa75d430c51e0aa05b722 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7d42563d52a895a9ce7847db57b135cabadb4dee194bcb280601c2f1a3305461 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 76fd5b063fe8886a96fbbebb735ef0c85566a6b5ae4d4a913634e9fc8fffaba7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ffad5af7b7df93bbfc2061b64d7cb64c2b2d8c83c3bd91f5340bc60fe290e3e0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	i3.png trovas.ch/img/	3 KB 4 KB	86ms 85ms	Image image/webp	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/i3.png?ezimgfmt=ng%3Awebp%2Fngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/style.css?ff=1&wps=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 2c3b7b288c8d0fa45fe3520a694e0b788a17036cdd4e27327fd3d6fc7d9d6ce3 Request headers :path /img/i3.png?ezimgfmt=ng%3Awebp%2Fngcb4 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/style.css?ff=1&wps=true :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/style.css?ff=1&wps=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br age 34782 x-amzn-requestid ed975c84-4584-4461-a536-56a9f06c939e x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id frfNqFsNoAMFdKQ= content-length 3454 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60a7abf0-1d468c94105999a74052d77a;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA2-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id kFDpB37dJjrhsJ8woXvwxbjk54JAgOKPR8W-7xMrswXXcNy6-kdbCA==
GET H3-29	200	pubads_impl_2021051801.js Show response securepubads.g.doubleclick.net/gpt/	308 KB 108 KB	35ms 34ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 77e7ad71599b73f06bcaea11c25e128d50c80f6e7fb0cc10f317779fc285d954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 May 2021 08:37:05 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110938 x-xss-protection 0 expires Fri, 21 May 2021 22:27:27 GMT
GET H2	200	imp.gif Show response trovas.ch/detroitchicago/	43 B 164 B	26ms 24ms	XHR image/gif	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%221%2C1%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Zurich%22%2C%22country%22%3A%22CH%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22483%22%2C%22iab_category_1%22%3A%22539%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22b188ed95-218d-4cd7-485b-e1e2b7c36e8d%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%228010%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A36576%2C%22response_time_orig%22%3A36%2C%22serverid%22%3A%2218.184.200.57%3A29220%22%2C%22state%22%3A%22ZH%22%2C%22sub_page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22t_epoch%22%3A1621636047%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1209%2C%22worst_bad_word_level%22%3A0%7D Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers :path /detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%221%2C1%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Zurich%22%2C%22country%22%3A%22CH%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22483%22%2C%22iab_category_1%22%3A%22539%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22b188ed95-218d-4cd7-485b-e1e2b7c36e8d%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%228010%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A36576%2C%22response_time_orig%22%3A36%2C%22serverid%22%3A%2218.184.200.57%3A29220%22%2C%22state%22%3A%22ZH%22%2C%22sub_page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22t_epoch%22%3A1621636047%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1209%2C%22worst_bad_word_level%22%3A0%7D pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding Accept-Encoding content-type image/gif x-middleton-display imp_sol cache-control no-cache, no-store, must-revalidate, max-age=0 content-length 47
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 9 KB	38ms 16ms	Script application/javascript	2620:116:800d:21:f916:5049:f87f:108e AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding gzip etag "WhyxmPkT7L77qVDcrjxwGw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Fri, 28 May 2021 22:27:27 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	ezosuigenerisc.js Show response g.ezoic.net/	0 54 B	25ms 24ms	Script text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/ezosuigenerisc.js?nogen=1 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT cache-control max-age=300, private server nginx/1.16.0 content-length 0 vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8
GET H2	200	houston.js Show response trovas.ch/detroitchicago/	3 KB 1 KB	33ms 32ms	Script application/javascript	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/houston.js?gcb=4&cb=36 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 1d6f7818a09adfc9c11ff7110eb866179ef9d36a3625cd1c02e23292d315daaa Request headers :path /detroitchicago/houston.js?gcb=4&cb=36 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex content-length 1163
GET H2	200	nmash.js trovas.ch/porpoiseant/	33 KB 9 KB	24ms 23ms	Other application/javascript	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/nmash.js?v=19 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd Request headers :path /porpoiseant/nmash.js?v=19 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode same-origin accept */* cache-control no-cache sec-fetch-dest worker :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br last-modified Mon, 10 May 2021 21:42:43 GMT server nginx/1.16.0 etag "854d-5c200a84d9ac0;5c200a84d9ac0-gzip" vary Accept-Encoding Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	47ms 38ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-4377331-90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 3451 date Fri, 21 May 2021 21:29:56 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Fri, 21 May 2021 23:29:56 GMT
GET H2	200	tr.jpg trovas.ch/img/	4 KB 4 KB	52ms 45ms	Image image/webp	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/tr.jpg?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 9c966e431778c1dcb42ef3389115f209f07d8d04bf0b221504425fc81159dafc Request headers :path /img/tr.jpg?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br age 32593 x-amzn-requestid c0633dd6-43d4-4f46-84b0-1bd4676350d4 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id frkjsHFsIAMFgEA= content-length 3656 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60a7b47d-2febbf5f1fb31be21c58714d;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id 0DWE6UASedpF2mwG6PhOIAQ9ih8qVhbqMLudJKInMbs9tlBrDHl0QQ==
GET H2	200	arr.png trovas.ch/img/	3 KB 3 KB	48ms 41ms	Image image/webp	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/arr.png?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash f3d9b11f0214ef1686c1e744aac68cdb7f00d0fca136bc211c4fe42290d1c797 Request headers :path /img/arr.png?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br age 39637 x-amzn-requestid e41beecc-beec-4c3b-8dd5-b75d274f70e5 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id frTXCGJ6IAMFzaw= content-length 3180 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60a798f9-1646144f50f926545c407028;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id jkuSEpJaHu-qBdcvnH9y9nodKza2fxj1BiEC96SX6DthCsqlAy4ZMQ==
GET H2	200	124x44.png trovas.ch/ezoimgfmt/media.jobs.ch/images/63cd8559-cf40-42c2-9328-6d47fb5b57df/	2 KB 2 KB	736ms 731ms	Image image/png	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/ezoimgfmt/media.jobs.ch/images/63cd8559-cf40-42c2-9328-6d47fb5b57df/124x44.png?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash f05d6eab847255e85a74df15829fb57bd912aaed06e0e82128ca8eb0e8280e7c Request headers :path /ezoimgfmt/media.jobs.ch/images/63cd8559-cf40-42c2-9328-6d47fb5b57df/124x44.png?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:28 GMT content-encoding br age 55096 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol content-disposition inline x-middleton-response 200 content-length 1664 x-media-id 63cd8559-cf40-42c2-9328-6d47fb5b57df display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 vary Accept-Encoding Origin,Accept-Encoding content-type image/png via 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront) access-control-expose-headers x-access-token cache-control public x-amz-cf-pop FRA53-C1 x-amz-cf-id BDXZuKUtfcUkIa6PsgyaZEcAaLZP5Ehol_zYBo2IVbAS3fRbWLZywg== expires Fri, 28 May 2021 07:09:12 GMT
GET H2	200	PvKby.jpg trovas.ch/ezoimgfmt/2.trovas.ch/549/	23 KB 24 KB	56ms 51ms	Image image/webp	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/ezoimgfmt/2.trovas.ch/549/PvKby.jpg?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash c8c17e3689ce341986b93aa738a65ed2173f12fd9afb7abe4df2f9742da6b1d3 Request headers :path /ezoimgfmt/2.trovas.ch/549/PvKby.jpg?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT content-encoding br age 55095 x-amzn-requestid dd77d456-476c-4205-8b51-8a080461e574 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id fqtnxEX7oAMF1Lw= display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60a75c98-33b682184d551979410a0223;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id P1odqT22xwR2fNiPpJmlOKoWWyl49__BXWc84C_mS-1MOGny4RYi-A==
GET H2	200	Logo-300x150.png trovas.ch/ezoimgfmt/media.jobs.ch/images/81c8dd63-acfa-4126-8c1e-27649314bb86/	3 KB 4 KB	780ms 775ms	Image image/png	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/ezoimgfmt/media.jobs.ch/images/81c8dd63-acfa-4126-8c1e-27649314bb86/Logo-300x150.png?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 913ae308dd118a71b946c93a83d305999ea9df4708c092ded543c925e3094660 Request headers :path /ezoimgfmt/media.jobs.ch/images/81c8dd63-acfa-4126-8c1e-27649314bb86/Logo-300x150.png?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:28 GMT content-encoding br age 148004 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol content-disposition inline x-middleton-response 200 content-length 3446 x-media-id 81c8dd63-acfa-4126-8c1e-27649314bb86 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 vary Accept-Encoding Origin,Accept-Encoding content-type image/png via 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront) access-control-expose-headers x-access-token cache-control public x-amz-cf-pop FRA53-C1 x-amz-cf-id nVMNWKj6aXDVyIVv3F9BtiNXNDDtx3sr7IWsJXq5TTXO7pDIOpiP4Q== expires Thu, 27 May 2021 05:20:44 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 104 B	29ms 19ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6InVuaXZlcnNhbF91c2VyX2lkIiwidmFsIjoiMWQ4NjBiYTY0MGRmZTU0MDgwNTIwMjJmNzZmMmUwMjAifV19XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6InVuaXZlcnNhbF91c2VyX2lkIiwidmFsIjoiMWQ4NjBiYTY0MGRmZTU0MDgwNTIwMjJmNzZmMmUwMjAifV19XQ== pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:27 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:28 UTC
GET H2	200	rules-p-31iz6hfFutd16.js Show response rules.quantcount.com/	3 B 428 B	26ms 8ms	Script application/javascript	2600:9000:211e:5000:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-31iz6hfFutd16.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:04:36 GMT via 1.1 6f6de2de0e03603ac1b58353376153d3.cloudfront.net (CloudFront) age 1372 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 3 last-modified Sat, 04 Mar 2017 19:50:24 GMT server AmazonS3 etag "8a80554c91d9fca8acb82f023de02f11" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop FRA56-C2 accept-ranges bytes x-amz-cf-id cyqGZf5zTxu35w6t3g8idIBhBP3NIdbwb8kGQG7-ssEGuuYy88taxg==
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	32ms 32ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=482970588&t=pageview&_s=1&dl=https%3A%2F%2Ftrovas.ch%2F&ul=en-us&de=UTF-8&dt=Dein%20Gratis%20Inserate%20und%20Kleinanzeigen%20Marktplatz%20-%20trovas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1273046769&gjid=840877002&cid=1363104601.1621636048&tid=UA-4377331-90&_gid=598764057.1621636048&_r=1&gtm=2ou5c1&z=1826119003 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 21 May 2021 22:27:27 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://trovas.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel;r=696237771;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=1;fpa=P0-930738445-1621636048014;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8... pixel.quantserve.com/	35 B 371 B	11ms 9ms	Image image/gif	2620:116:800d:21:f916:5049:f87f:108e AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=696237771;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=1;fpa=P0-930738445-1621636048014;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=trovas.ch;je=0;sr=1600x1200x24;dst=1;et=1621636048014;tzo=-120;ogl=image.https%3A%2F%2Ftrovas%252Ech%2Fimg%2Ftr%252Ejpeg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:28 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	9Xz7v.jpg trovas.ch/ezoimgfmt/3.trovas.ch/397/	50 KB 51 KB	51ms 50ms	Image image/webp	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/ezoimgfmt/3.trovas.ch/397/9Xz7v.jpg?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash d257a342b3fd185a1e64df82e49635ca5f223fcc228998204ebd9d0a68f7ce97 Request headers :path /ezoimgfmt/3.trovas.ch/397/9Xz7v.jpg?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezosuigeneris=1d860ba640dfe5408052022f76f2e020; _ga=GA1.2.1363104601.1621636048; _gid=GA1.2.598764057.1621636048; _gat_gtag_UA_4377331_90=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:28 GMT content-encoding br age 55094 x-amzn-requestid 7b022bff-2490-4028-984d-0b24c3c0c3e6 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id fqtoCF4EoAMFiEw= display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60a75c99-3cde040631626469089c5383;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id BquDG24ogHzEsIqi6nP91LnVMINe_eZOVCeWIa8Nk7FLY9Oj6qZWJA==
GET H2	200	integrator.js Show response adservice.google.ch/adsid/	107 B 799 B	36ms 16ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ch/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:28 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	37ms 17ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:28 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 280 B	436ms 435ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=2774913031273436&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=300x250%2C300x250%2C300x250&prev_scp=a%3D%257C253%257C%26iid15%3D1469622%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1469622%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D400%26br2%3D200%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%7Ca%3D%257C254%257C%26iid15%3D1469622%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1469622%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D400%26br2%3D200%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%7Ca%3D%257C254%257C%26iid15%3D1469622%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1469622%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D400%26br2%3D200%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621636048&dt=1621636048266&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C639%2C962&adys=171%2C171%2C171&adks=840336167%2C3122676339%2C3122676338&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250%7C323x250%7C323x250&msz=323x250%7C323x250%7C323x250&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=0%2C0%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash c8e26b5a7cee50755e2e6d942b3b9245881d2f397a3f54773ee9a89ade34e6f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:28 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 250 x-xss-protection 0 google-lineitem-id -2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/	0 0	48ms 14ms	Other text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-38/html/	0 0	27ms 6ms	Other text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	454 B 272 B	281ms 281ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=4054544187939386&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=a%3D%257C5%257C%26iid15%3D1489595%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-1489595%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D550%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C131%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621636048&dt=1621636048285&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash b00cc1e62c9563f9675e7330f6b27d32ea768fcf3af471fc511f5c6aa8da7ef0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:28 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 242 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 42 B	22ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjYxIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIyMTgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjEzIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjIxNCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjIxNCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMDE5In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMzQ4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIzNDgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjYxIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIyMTgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjEzIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjIxNCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjIxNCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMDE5In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMzQ4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIzNDgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0= pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezosuigeneris=1d860ba640dfe5408052022f76f2e020; _ga=GA1.2.1363104601.1621636048; _gid=GA1.2.598764057.1621636048; _gat_gtag_UA_4377331_90=1; __qca=P0-930738445-1621636048014; ezux_lpl_174954=1621636048551|b188ed95-218d-4cd7-485b-e1e2b7c36e8d|false; __gads=ID=ae49e238a3586738-22bcc6231ac80015:T=1621636048:S=ALNI_MbB6ENIlG1EU4SRiWI0V_7ndZuVdA accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:28 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:29 UTC
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 19 B	22ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTA1MiJ9XX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzNjA0NywiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTA1MiJ9XX1d pragma no-cache cookie PHPSESSID=2bqfhueii0o4plst1vasddrja9; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621636047; ezopvc_174954=1; ezepvv=463; ezovid_174954=456157868; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621636047; ezovuuid_174954=56885223-c9c9-4dae-4993-e58d7c531825; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezosuigeneris=1d860ba640dfe5408052022f76f2e020; _ga=GA1.2.1363104601.1621636048; _gid=GA1.2.598764057.1621636048; _gat_gtag_UA_4377331_90=1; __qca=P0-930738445-1621636048014; ezux_lpl_174954=1621636048551|b188ed95-218d-4cd7-485b-e1e2b7c36e8d|false; __gads=ID=ae49e238a3586738-22bcc6231ac80015:T=1621636048:S=ALNI_MbB6ENIlG1EU4SRiWI0V_7ndZuVdA accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:28 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:28 UTC
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	10 KB 8 KB	18ms 18ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051801&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 33f7dfe9c94159554353ba2bdce4ad7e3fbbf23d46d8f6dae451d30a4ca55ea7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:28 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7690 x-xss-protection 0
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:28 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 21 May 2021 22:27:28 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 93A3	12 KB 5 KB	9ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 21 May 2021 20:28:52 GMT expires Sat, 21 May 2022 20:28:52 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7116 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame CB1C	783 B 813 B	15ms 14ms	Document text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7bbb7eef4ab8c593ca1a332b55c8bcc4eb48efde7ba0b6d7b2b37c7d53405902 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-+K1Q22C22kRnYqzzfqzwrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers expires Fri, 21 May 2021 22:27:28 GMT date Fri, 21 May 2021 22:27:28 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-+K1Q22C22kRnYqzzfqzwrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response pagead2.googlesyndication.com/bg/ Frame 93A3	14 KB 6 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:47:08 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 16820 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5784 x-xss-protection 0 expires Sat, 21 May 2022 17:47:08 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051801&jk=3809025683721467&bg=!SEulSw_NAAZ7hX_Ue4U7ACkAdvg8Wn1MQ3M3KKqjhzvMQEWaJxZjiRdKoz-DOfygel0VWmOiloZ7rwIAAACnUgAAAAxoAQcKAIzdEq1sO7_PYp13O0uhKB7MjFy-gVZqBui1RA8rTSIuZqNmdEjZmxeCrFtQiIyWiHj8pqpsmp6lNz15Z9USQFw08A9ZKZXyZD9uKNL1C9guAgJVDnEujPekeqvMuuNjc_FMrHikbGs9pIRsLkqH-Mag3Inxd6mI5Gip8RkASE99o69lpWbcVTti02agMJkCQzvbxqz7EtKpw69bWmBQVFevRMlJFyQbnylgdE8UafYdm24qk3ACWdK6Z-sKjnVL5Yoc3sMkmIx1nKtUfxVqqtHX71CoBQLqy6XaUV5o_u5YFEzb_syOFB5DjLKTP5qNbL1oHlkty-oCGtuvsMIBQIul7WIyXaXGRLIV9KQjSzE8fEgDbDhVF4zhCy3AdnT12pyu-j3HN0Vbyo1Js_JFvYf7ThiK35q1NcxKhd-jA7pkWnzRLZk8QglsKldMNTbVzCRnAdI6U6ClgZo9hxiwhzRdldAdvb57bSnAeHvl3eGQDbAp29Fbl1ikUsJcbV2kxs98kh09U0ZqAdTYcppMvbSAjpKAuLjfVuXUXbhOhlglWeQ5994Secf7en_LFo6hlWY0ciCgDqQK2fykYM4mPpRVataAOLBRkHl_4Ezqf-v3I5rBYhGvqTjmO2xP2WNzMdYRuUyd3_UD6zd-iRUHcdeSTtX0X4yUUFuzEgC_NP4klc5cx8Kk0ZHxTQqftcgaxQlvmEpaCj5zX9U_H3a-36_j6FPUyv_4ZbFwJhmE5RKlQ5EP0hJmxqzfuTG7QsMJJmNomgYqBCCRJ5FCJomhySOX2dBcg5r-gf24lXT2kGFfd6fLGbc6T5nojtK0y4CnvuZ4mCLH_0NilbruYfmmoOI6CrQSAf-OdP6ybchuXRsRKV59TyLHdbWxbu7WLGLqHoxZEAWOX4rUKGmcrB7Yj61ytPvfFD8k3-5WjizjhHFxtXlOYBoakJFNacAIJG7zsmK56Q Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:29 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.ch/adsid/	107 B 165 B	16ms 15ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ch/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:31 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	14ms 14ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:31 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	22 KB 10 KB	322ms 322ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=4028423400083019&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C254%257C%26iid15%3D1469622%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1469622%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D200%26br2%3D200%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C20%26lb%3D400%26reqt%3D1621636051374&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621636051&dt=1621636051378&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=962&adys=171&adks=3122676338&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 2ae3ee03e6b196c89e07e9e338ed96c1d8cee3fc6b1577ba2640cd5ca3ee7c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9641 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	446 B 413 B	413ms 413ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=1390646414160172&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C254%257C%26iid15%3D1469622%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1469622%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D200%26br2%3D200%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C20%26lb%3D400%26reqt%3D1621636051379&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621636051&dt=1621636051382&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=639&adys=171&adks=3122676339&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 7e293299ad8228a5ad7e269cc32d819cf7aa6ef0c88141fb12dd6b3f24fb6fa1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 235 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	446 B 462 B	390ms 388ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=3563231517359280&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C253%257C%26iid15%3D1469622%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1469622%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D200%26br2%3D200%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C20%26lb%3D400%26reqt%3D1621636051385&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621636051&dt=1621636051388&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=171&adks=840336167&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 4d56ac15de8395f8de4acf0273f5a53e17794552947864aee25803e4ab48cdc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 236 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	454 B 421 B	422ms 422ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=3329758151334905&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=3&rcs=1&prev_scp=a%3D%257C5%257C%26iid15%3D1489595%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-1489595%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D280%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C131%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C20%26lb%3D550%26reqt%3D1621636051391&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621636051&dt=1621636051394&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 09e42bbf242d3689a88a1c5e990f3e3852c27163d6635feaa3fd9aad62d8544b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 243 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8D9	6 KB 3 KB	6ms 6ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 21 May 2021 22:27:28 GMT expires Sat, 21 May 2022 22:27:28 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 3 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	35ms 15ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597303326658" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27994 x-xss-protection 0 expires Fri, 21 May 2021 22:27:31 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 65 B	22ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQyMDAifV19XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQyMDAifV19XQ== pragma no-cache cookie __gads=ID=0c22bbe1071b521a-2204a1f419c8006f:T=1621636051:S=ALNI_MZF9cOgrExat9fbNSI4Ah56pb-BEQ; ezouspvv=200; ezouspva=1; ezouspvh=200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:30 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	22ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Ijg2ODAyYTkyM2ExZjMyNTE3ZTRjNWQzYjZkNTUwMjcxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzYwNDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDA0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Ijg2ODAyYTkyM2ExZjMyNTE3ZTRjNWQzYjZkNTUwMjcxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzYwNDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDA0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie __gads=ID=0c22bbe1071b521a-2204a1f419c8006f:T=1621636051:S=ALNI_MZF9cOgrExat9fbNSI4Ah56pb-BEQ; ezouspvv=200; ezouspva=1; ezouspvh=200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:31 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 93 B	65ms 21ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 May 2021 22:27:31 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yMiJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yMiJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie __gads=ID=0c22bbe1071b521a-2204a1f419c8006f:T=1621636051:S=ALNI_MZF9cOgrExat9fbNSI4Ah56pb-BEQ; ezouspvv=200; ezouspva=1; ezouspvh=200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:31 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	21ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhdWN0aW9uX2Vwb2NoIjoxNjIxNjM2MDUyLCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImJpZF9mbG9vcl9pbml0aWFsIjo0MDAsImJpZF9mbG9vcl9wcmV2Ijo0MDAsImJpZF9mbG9vcl9maWxsZWQiOjIwMCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzM5LCJtdWx0aV9hZF91bml0IjoyLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhdWN0aW9uX2Vwb2NoIjoxNjIxNjM2MDUyLCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImJpZF9mbG9vcl9pbml0aWFsIjo0MDAsImJpZF9mbG9vcl9wcmV2Ijo0MDAsImJpZF9mbG9vcl9maWxsZWQiOjIwMCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzM5LCJtdWx0aV9hZF91bml0IjoyLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= pragma no-cache cookie __gads=ID=0c22bbe1071b521a-2204a1f419c8006f:T=1621636051:S=ALNI_MZF9cOgrExat9fbNSI4Ah56pb-BEQ; ezouspvv=200; ezouspva=1; ezouspvh=200 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:31 UTC
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame EEEA	478 B 544 B	17ms 16ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3l0gIQ-bqW-wEYhIj_qQEwAQ&v=APEucNUHdfh4wpeDVUsc_mb1Onr--BfgLNgvjtdtYBhFBmkJzQs06NVazI74mqPyR7GI_11Hp9ilmT2WABRHM9SYQ6fxry4V2Q Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CI3l0gIQ-bqW-wEYhIj_qQEwAQ&v=APEucNUHdfh4wpeDVUsc_mb1Onr--BfgLNgvjtdtYBhFBmkJzQs06NVazI74mqPyR7GI_11Hp9ilmT2WABRHM9SYQ6fxry4V2Q pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 21 May 2021 22:27:31 GMT server cafe cache-control private content-length 230 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmCRRvpjd-fAn8kEAkuONeugo-arni5ybLUmW_UDOrtb4LcmkUZvsHfDidO; expires=Wed, 15-Jun-2022 22:27:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 21 May 2021 22:27:31 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame E8D9	11 KB 8 KB	32ms 29ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEgLnzYWAY76p9SreGN3sy-vSDD6oizChDe2C3B6AVWF-4ONmkMCNGrmOza47tqGrNRmu5UJYDj5rhow6OB2cC0pJJDzUeR1bD2EMpH5Hwlth1cQ8jUhdn_eqnFX3zEhupcZ94s1cxc3jZi9md_98QsnG9Bw&dbm_d=AKAmf-B7gsd42G2rC9MO4Qk9OPu-tKbkjIfL7f2GczMZq6rhkH1VRR9ikcsHSqnxxpNd8nO2MsGzc-jENKscvi_y-ZAKeOt-Y9vQLaY05Ju6jNhSRnH3nQT2Zh_lDXi5lYQpfTeP71phgLVUWGjAz10--GntBp6Ch_rBGr4JidVeWgwXFZyRRWyCjQHyhXZle_gApl-mNzesKU_YwnA-5mTO1ZWD5qpoZeBUa0nQjHNkJo0Yq7fR-i8DNu2nhftG04Xghl5Hkq0bfsoYtSEEICKFsU1nyKxixsbbJmU6uBeqlkeDfK5Qr_oSCsEHBbpz_dd1kVD3OZ9VgPt5SYx9632UKrBOkPUhuvXZtgVCEzeQSpAVMIFfFJbmIeMYv_lSa358ET9ZvtJPLA0-0_CnZ3yZOlAXLbZmBKVVf6sJJBToE2m13Sa3fCIFfOoogmKuflzZAMWyP8ptThiIsJJ_KAdDwFv7t3C0lQ-tL7YwhWM7Yg6I1l_rE9gVz2mb8m93F616wJDXWNFlBwOfZYmOH6rTa6UPzLmJZXs-JVcufZKx8IVxjORghK1CFOva1A3EhlVj9GugOvHiaETngDxmvlFcAO00shO0RTcNuQ_MuWrQ_TmYnI72MhFEBUV0Xk8unnCJnIUfLvXDX95f53o7KwXTUa9-cQaJ_rjQiRNFc4IGaH-97Zu_Ch9YWZenFYXFMQyVPPQ_4fIjgzmws8FG-zVTypjN0jjv8x879DdAK2UFaAaj8H6obZljF69lXDGr2WBvMNAh-SxP9eramtXOc_Tu7gWv4OYanRQZe0PlKn1tQmq8XfspAAJa8bqcIB9n2zvvcBedlTBJMEQzMSLNQYnHTIyTktnHsTgR7ZFKcBhiRU11pIiK7Vuu8MCphC4rWDIP3Nz3KiTFhx6SrnFjerJU9FVKksQEfq3ZwzuFsCq_0qN4m5ZuArGwnnSRZA8sMRVGjhZRevpk33e0e5OwU244fc-9oYaiMPwI2HZb97iSubasnXgQ0lUunluyqUuFc5QryxcAjy6bNZ8DGX7AwqN8rCUQjZ9lzTDihxswz04RJxu_iEMAtr2P6l-yPgswaau4NFd0_BTNxWYUr_gKy0gDCDhwKhc-bqBEpe92aJtzOJpq9tR8YM9MThFWUQSerDwZMqSRKR_kvxbYXyCGnqSEG8Q-dByYhltdn4VYH3GFSyGHmF_4s3Y-KXHPwNWsm5uMZC3evUUpKJ9RI2yyeaX571MsNCi-G-gw7BfY3rVDYH2i5pKgKFsZvSzML6onbhqOG2JY35eQSItsjkNXgyNP_tIckEzTBAURB4Neio1XN0fFuShiApStv_QhkU08aXT7SxnWr-XaS28cyw-oB_OxtR3xTcVJIUcL_w5LA5_jehQBnpCMrRMXw0X4AoZKy1xUVbfubZ9Ag9R-Fid2DoeePh1GuRYHx3cGULsAg_oT5jkmsVdVdn4pLbYM8gmsBjusZ0U1fOc85BNhyuYx234jcOM0c79LfjpMO5eDjvw-SeYJp2jEuCc1qJ1RYe5Xyfg4uouIvh3rYoU1_HgtaEQ6HAXkBTXpdbiTJZBn759R0zSJIyEIGMDRWJfYjBDVTU6dAz6506-3hy3GHZnzO6sAPRwloIkUFRz35H7pRfUBv_OqeOeXpmoJHrLv59rNSnoPY-mQ7GhFdQYJhvSlhoq_w1rd_1KVBTN4ay0BFifU3LPDJeGZUGCnWKVenVTSheYGqZRNFSwMQnmEqaEqy4WI3wdn9hEJZB3nezpegKhEdA71HN3oJ0caugw0n2NcDXejBzadoNAqyL7sGtl0PSURelhVP3o2TcrF-2GW6wVXysw2wxv6UsbDKB0kADjVwdiPQ2MPc2OfguVeXwyGenCY80RV4ztA4575mhuKzMofVDbVIBPtQgrgXIneiUgDMUwoBnFkpGdypKVI9UH0zV1weLFNIROeX5xFrEpDR-YqQYzQWiFBpl_EgcoZgZ9zYlOGPIV6kdnC2N3BUuPjYeV67-LoHeQjAugi4VUtoee-m1LM5In3GofwX2EhfvLb16gTpB2jem9szJ__foNrJWnckuUKWkEnUGHHowIEcFwzTSro0mn0xFvt1XvxCvv4yinoFIZWuTi1kViiDbnwEt27YzJxLFR_3vc4BNTw8XloEuTy5Cp0N3xEgGXeAw3mUQhitfH4fQcvd0G_mRMI_XJ4DdmlM4iTyNoFgyd1zs4yEXjioDc9cAV8eqslL8Aqi3UgxEr-riaDyRkhhfvIe27jST5ZWcKEh_juHhYDi3HSmISeDiHL3QMUYYmArbtH9Gs-Tu_nrRNZUVQP2pc3td-E_CNjvymDxqa-hofXrVQM0YSteJ1aY5DYmUr-fhIim1Az_D943RaNRxNvQgVXPO_1q1CMN9EO_S7S_HTu3yeSSQ7PQ8NzZzL6S7ZDQ1KGzz2n79crv5oFQ-F2e4PHyqNbruUZoCXXKbROnCAXIEuem2DZWBDo0eyz_MUjQwCTRFKgAp1l_Q3IwSu7PdaudIYK-clhPSL_e1bmcYcXpDgKJT1xV6c8O-mSQcgPM3LD1Uvj9Itw-JwvwWT0DsvKMvWXplAaS-hRT0cZkSeMmqUJoyXB0WQ7bOjz05IL7PTkwt-EpMvdKscR&cid=CAASFeRo-uC6ky9T9pqGqxAt3_JC0Mu-8A&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 035ba44da0a948cf3a1f230491bd5aa2c096d96d2b9fc3b80cf9c0dbd7c240c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:31 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8391 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame E8D9	42 B 498 B	60ms 39ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CR402qUb3TFYaaH2BFgHEhvFod5Bmttxd4UEPjS6Q4u7AyCzbeJAy3-zqlrgf-hsDFiTsgkioZ9r3H1Z8GWMwHdbf1Auss6pTPDJodBWvBtqKCyZc Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:31 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response fw.adsafeprotected.com/rjss/bgd/709972/54770482/xbbe/creative/ Frame E8D9	230 KB 77 KB	144ms 63ms	Script application/javascript	52.211.22.238 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/bgd/709972/54770482/xbbe/creative/adj?p=APEucNXK57cA0RP9JkDMmV1iANR2GsluQwfqBoQHCLJOwspXE0Fawb8&d=CnkAoCZ_4Bb1KVpIYIcdp88AF1Bo36OJFpvnQwy6NgBclSWwhYY08Efp8-N_cl946uKn_Aj78V41hK-XHD842U8o8qOnMsL9ILQPh5i8M1pgVroSXebxN_jLsktnu-oi_XA2X_xKYAYiQbRbnRbmbiwOSGmSsEDCCBbiEqkSAKAmf-AduTrjNKwLl-kMiRMwTlKjn8fcCAuLFeZ23PJZ6Yn5dZG5JY_XjCYTBRorweOOoltkou-AZQLD8rDv0NEVCk7aljq9eU8G0rON8VrjOsq_kVHsPAJwLB1ebWB24b2zuvt3sgHK9XLA_FHU74Tj3fqPSX2o7BVwPUhnJolJVeO8bbCccM2KsIVn15BO7AVKFJWJ2h3ubTH53C1Eh17S_wGeZTUyElUPvgCZQwPjkn_TOlHac6OfotRfwvqxqQlt5GJ_2r2EyR_7a2bdFrYTO5WtZgswJjxdeVrNde5Gz9aB9QjziQsUuLncdiN_BqHbND3LhcpQNzQ9OpGo81xE53a36eXR_-i5EYmWQKexKDyLAcVq4gTDNQTQhzRt0GT2A_iYbVJmkJJUjivqZjwGNP-VZy8FGWV2i3zl56EuT-QKIsEx9g7BNhUpg8HSSGYOscNOP9ziccWnA2U3PMdXX1tVAAbz21XQoI4Wh_JOHdMxxqiffHmdgkdWPUyM7GF5ajQ9HdjYxgSs0NePVP6AuWDBigYniDjQX59ja4ESFB5BhmkFyAJjsYVUm4-OUsRGz5VXt5TQkQQak735-5rfMgvZXIg8Pl3RNLag0acJ7r4oEU4TsFclouBvP5Z5JrmTu0E4Ogb-zk9A4IXvB_KyaP-YqANnuAtm12NfEWrTCNziKUmhUtnyvzgM8a5u7Pg6Pnywx4XLCuPqfRREXN2MOUqCB_rzqoFHF9KrTgrNWY3Dlrdl70TQsny6mS7rblekkEaKhTAQfqxx-C4zkrp5y6Deyp4th_sgl16mdUPepIuJsMFpunG5rzHS5h331pmFwrgGIWx-JKpufACizaAE3kiLbiifjVDliPxqGpCRASt7FLJe6ALEsIia_VqNvEc3LUMFxAgtK6IsKtsewgFsiDAMLfkullj07eR5wv9KcRQPn44gk1fmhuKPBSnMKGEA6nNEFPJ7pIlcywBDzbgGQ3A8P6-zffuA8EGeEKgtjOVXJr8BHJZpNcROlf2NbX7oUkYPSVKfKLYxCO_ss17A17HP_uxHhxWvtOoII1WD5EEi-s66a9VoX9uMMXr2aG2KsSEXnwdgp34nvd3pTiJJDf7fPslPBXMIwEcFvqb3u94xBB8z9sNdYG6w9e4E7EQVZT58Xkr4OoPxpnbVWYUwWSX2evuOjkidgddIng8QTJu-dafRoWjPRwPLRmOMOFqIS9qt_vUpolMTFjfcDdWbX4XMl3qXnjVbOhi68MPranTqFG8puI31t45_oF6F3Ko26ARWSe4ecuwTRP2VKDZP_-CRMXHXf5FwM4yZKWM3hi-VgyGu6dG25WTk2_xjgRrEoAzeNuE2ASmVwBqOUwpIWLDrpxDFvc6d_VIdsbX86GtSVL9pLrEs8YECboOtSQZ5ir7nrmEiJAtd2qNpzohsozriA5mzEyYLXS0GRkbknwlSOtfboNzDT4JSjDXZwHn9PyfJLiW5y4Jgnl1ErMjwb76uoabjoCpBFO9JU2AQCY5TAqm5SYDrToH9PW4kiTfivOsTI_hV5X7leaBggB0p15LoQolLWQifQ0M_Z8T-TP4SYBrg6859H7ox2yHmQHKF1HmrGffhUzbbermqu0qGnJeyOACroYtTrsULpcd3cqo7v9_ZI2C8vX_-8SvVg94k0Y2Kfz9cpQuIZuB8hYvOk7UstM2FrDA-wXlg33jDQjKmkRbHfbiqFlDSD-BFoT8RyNCVmOIAD3HfcmT3-DiQmK2N4vIJ5m6JKzGENwGpaBdvqPbhUzEHOWI7anpkF49oYTHyEou0-RIOAJC8IiZBAJl5zQqg8HJGRPz1e3SGvKH9CJnizEapt2ZXlVN8NvY3sxXD4OXyOvg2PvhFtTZtyMehnIhQUUbWRZSYKmsHkCwNdZYGQvciNUvUlWsH1sXPFOx6wUGhqbZ-NzVrBbeVj5q4Z3-l9_I-jLBAmfuWjRjZwUdWHgwOQfCy1BuewFUMLKIISQpw5SuZJ2kAuH1-cev2uggxF3L6BAK_II6zY8REfuizaer9xBv4zfvvteXb87qyyIPb5ZcGes926zsiz8Dp7siGAcf0_Stx3V4LfYK_owWXKp8JA_gfVIbKBMZ_X5_9oGOvYNXIxZGphxR70J9G72ffizUr7j9yTNNGYBQVImFwVV9zLbvBJHIQ1chseLESQ-eEkYo3G-CoxX13Jslv05LoP0kbpQZyAndVWrf1hezWTWnutZyeE8ViGQM_QIE_im7ZWxJYSf4XeAdkNeWIgSljouiyHXh61JafcI5i9zZIoS0mWIQkjEV68cWC8QIwMGxQZYhyHnD8Yd7MiGmAgN8tDqkbKRwoCCq_IT0GfaphoLmoDbtm0vv4x0uYnrKmCr4FMTm7MJf2Jn9uMC3z2312IX_sRk_H_kHRwRrd6WNk2Qnjmgyi6Ugl8R_Cyl0wirwAncq_aFrst5mhLERMQ764oLMkIJPqBTEhdgysKq5qXSPuVozSZWlTeKvskS-hVr_NrZbvdKWMe88B-nkQhIg8PYRKc-vctBjHixnRQLLkYNcDjXmaomjen0ykhFqkALtVBQ1q8vMXIl1CwLFdKiGHLDOrmHUA_dq6osqEa0eL15wcltrCu0KThE19S_f_ulSXQXhrq-F9jtkvY_RRteMWoMg70hq29cHbi2k6-lALqxs5p4rM9qhW93NBeC5oLRrCmjasunjKfrabqsLLejilKqYHg_T350d6xttx1Cv-6m3SxITmLgfHUp-wEIo9a9j0Bgml3ccQRtZE82GVrOpoTjNpRfj8RYZAzXpcDgFr_AUG2hPytj6-paEKSYvGF1DJt79SPmnkdMw0IEWDNlwna4MTk6dz-heei9bl-Wj1RxQYBS8c7p--fdD_dgeBMJPjBTb7E7D4XK3Ae9fTb5nby4Zfvzr2VwAqmtO9r5Ggr49JaDf1cFUOTa0TNsg6UOzMvVWHtFMAdUpY8a3HNFvgA4TqB3R6W5Ah0vmSFYxg3XeI6MwmUVLTo859c-wWsVHRbtQv2h6pkKSrZFiHm2n_UR4ATKXnYTqqyg71yBbZQCjeYBuXCT6tmRvndf0nonDfJLGmDcc4Paguth9iY-kWH-M6gD1dFfDmZ6v870G-QtMaGQgAEhXkaPrgupMvU_aahqsQLd_yQtDLvvBgAQ Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.22.238 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 643b2c3034266a56401b5f6c22a99baa0a70cea2f910b16c42d2d55d35638b84 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:31 GMT content-encoding gzip x-server-name app32.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame E8D9	2 KB 1 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:24:48 GMT content-encoding gzip x-content-type-options nosniff age 163 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:24:48 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E8D9	119 KB 36 KB	15ms 13ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:31 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597309435250" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37145 x-xss-protection 0 expires Fri, 21 May 2021 22:27:31 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame E8D9	13 KB 6 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:25:05 GMT content-encoding gzip x-content-type-options nosniff age 146 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:25:05 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame E8D9	0 0	15ms 14ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIl8Or_te0GM4gWIhDl5cChSr-4PT31iUIDe6NWqO8E_7te6ee9Q9CALs0H-ZoA6W2j2dTLNUJQcnG_OM1ZmimMup2ZQ Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame E8D9	41 KB 15 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEgLnzYWAY76p9SreGN3sy-vSDD6oizChDe2C3B6AVWF-4ONmkMCNGrmOza47tqGrNRmu5UJYDj5rhow6OB2cC0pJJDzUeR1bD2EMpH5Hwlth1cQ8jUhdn_eqnFX3zEhupcZ94s1cxc3jZi9md_98QsnG9Bw&dbm_d=AKAmf-B7gsd42G2rC9MO4Qk9OPu-tKbkjIfL7f2GczMZq6rhkH1VRR9ikcsHSqnxxpNd8nO2MsGzc-jENKscvi_y-ZAKeOt-Y9vQLaY05Ju6jNhSRnH3nQT2Zh_lDXi5lYQpfTeP71phgLVUWGjAz10--GntBp6Ch_rBGr4JidVeWgwXFZyRRWyCjQHyhXZle_gApl-mNzesKU_YwnA-5mTO1ZWD5qpoZeBUa0nQjHNkJo0Yq7fR-i8DNu2nhftG04Xghl5Hkq0bfsoYtSEEICKFsU1nyKxixsbbJmU6uBeqlkeDfK5Qr_oSCsEHBbpz_dd1kVD3OZ9VgPt5SYx9632UKrBOkPUhuvXZtgVCEzeQSpAVMIFfFJbmIeMYv_lSa358ET9ZvtJPLA0-0_CnZ3yZOlAXLbZmBKVVf6sJJBToE2m13Sa3fCIFfOoogmKuflzZAMWyP8ptThiIsJJ_KAdDwFv7t3C0lQ-tL7YwhWM7Yg6I1l_rE9gVz2mb8m93F616wJDXWNFlBwOfZYmOH6rTa6UPzLmJZXs-JVcufZKx8IVxjORghK1CFOva1A3EhlVj9GugOvHiaETngDxmvlFcAO00shO0RTcNuQ_MuWrQ_TmYnI72MhFEBUV0Xk8unnCJnIUfLvXDX95f53o7KwXTUa9-cQaJ_rjQiRNFc4IGaH-97Zu_Ch9YWZenFYXFMQyVPPQ_4fIjgzmws8FG-zVTypjN0jjv8x879DdAK2UFaAaj8H6obZljF69lXDGr2WBvMNAh-SxP9eramtXOc_Tu7gWv4OYanRQZe0PlKn1tQmq8XfspAAJa8bqcIB9n2zvvcBedlTBJMEQzMSLNQYnHTIyTktnHsTgR7ZFKcBhiRU11pIiK7Vuu8MCphC4rWDIP3Nz3KiTFhx6SrnFjerJU9FVKksQEfq3ZwzuFsCq_0qN4m5ZuArGwnnSRZA8sMRVGjhZRevpk33e0e5OwU244fc-9oYaiMPwI2HZb97iSubasnXgQ0lUunluyqUuFc5QryxcAjy6bNZ8DGX7AwqN8rCUQjZ9lzTDihxswz04RJxu_iEMAtr2P6l-yPgswaau4NFd0_BTNxWYUr_gKy0gDCDhwKhc-bqBEpe92aJtzOJpq9tR8YM9MThFWUQSerDwZMqSRKR_kvxbYXyCGnqSEG8Q-dByYhltdn4VYH3GFSyGHmF_4s3Y-KXHPwNWsm5uMZC3evUUpKJ9RI2yyeaX571MsNCi-G-gw7BfY3rVDYH2i5pKgKFsZvSzML6onbhqOG2JY35eQSItsjkNXgyNP_tIckEzTBAURB4Neio1XN0fFuShiApStv_QhkU08aXT7SxnWr-XaS28cyw-oB_OxtR3xTcVJIUcL_w5LA5_jehQBnpCMrRMXw0X4AoZKy1xUVbfubZ9Ag9R-Fid2DoeePh1GuRYHx3cGULsAg_oT5jkmsVdVdn4pLbYM8gmsBjusZ0U1fOc85BNhyuYx234jcOM0c79LfjpMO5eDjvw-SeYJp2jEuCc1qJ1RYe5Xyfg4uouIvh3rYoU1_HgtaEQ6HAXkBTXpdbiTJZBn759R0zSJIyEIGMDRWJfYjBDVTU6dAz6506-3hy3GHZnzO6sAPRwloIkUFRz35H7pRfUBv_OqeOeXpmoJHrLv59rNSnoPY-mQ7GhFdQYJhvSlhoq_w1rd_1KVBTN4ay0BFifU3LPDJeGZUGCnWKVenVTSheYGqZRNFSwMQnmEqaEqy4WI3wdn9hEJZB3nezpegKhEdA71HN3oJ0caugw0n2NcDXejBzadoNAqyL7sGtl0PSURelhVP3o2TcrF-2GW6wVXysw2wxv6UsbDKB0kADjVwdiPQ2MPc2OfguVeXwyGenCY80RV4ztA4575mhuKzMofVDbVIBPtQgrgXIneiUgDMUwoBnFkpGdypKVI9UH0zV1weLFNIROeX5xFrEpDR-YqQYzQWiFBpl_EgcoZgZ9zYlOGPIV6kdnC2N3BUuPjYeV67-LoHeQjAugi4VUtoee-m1LM5In3GofwX2EhfvLb16gTpB2jem9szJ__foNrJWnckuUKWkEnUGHHowIEcFwzTSro0mn0xFvt1XvxCvv4yinoFIZWuTi1kViiDbnwEt27YzJxLFR_3vc4BNTw8XloEuTy5Cp0N3xEgGXeAw3mUQhitfH4fQcvd0G_mRMI_XJ4DdmlM4iTyNoFgyd1zs4yEXjioDc9cAV8eqslL8Aqi3UgxEr-riaDyRkhhfvIe27jST5ZWcKEh_juHhYDi3HSmISeDiHL3QMUYYmArbtH9Gs-Tu_nrRNZUVQP2pc3td-E_CNjvymDxqa-hofXrVQM0YSteJ1aY5DYmUr-fhIim1Az_D943RaNRxNvQgVXPO_1q1CMN9EO_S7S_HTu3yeSSQ7PQ8NzZzL6S7ZDQ1KGzz2n79crv5oFQ-F2e4PHyqNbruUZoCXXKbROnCAXIEuem2DZWBDo0eyz_MUjQwCTRFKgAp1l_Q3IwSu7PdaudIYK-clhPSL_e1bmcYcXpDgKJT1xV6c8O-mSQcgPM3LD1Uvj9Itw-JwvwWT0DsvKMvWXplAaS-hRT0cZkSeMmqUJoyXB0WQ7bOjz05IL7PTkwt-EpMvdKscR&cid=CAASFeRo-uC6ky9T9pqGqxAt3_JC0Mu-8A&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 20444 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 May 2022 16:46:47 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame EEEA	170 B 506 B	71ms 27ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3l0gIQ-bqW-wEYhIj_qQEwAQ&v=APEucNUHdfh4wpeDVUsc_mb1Onr--BfgLNgvjtdtYBhFBmkJzQs06NVazI74mqPyR7GI_11Hp9ilmT2WABRHM9SYQ6fxry4V2Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EEEA Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1&C=1	43 B 1014 B	29ms 29ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3l0gIQ-bqW-wEYhIj_qQEwAQ&v=APEucNUHdfh4wpeDVUsc_mb1Onr--BfgLNgvjtdtYBhFBmkJzQs06NVazI74mqPyR7GI_11Hp9ilmT2WABRHM9SYQ6fxry4V2Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 22:27:32 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 22:27:32 GMT Redirect headers Pragma no-cache Date Fri, 21 May 2021 22:27:31 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Fri, 21 May 2021 22:27:31 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EEEA Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgz02CPlXV56VkkcerrYwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1	43 B 894 B	30ms 29ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI3l0gIQ-bqW-wEYhIj_qQEwAQ&v=APEucNUHdfh4wpeDVUsc_mb1Onr--BfgLNgvjtdtYBhFBmkJzQs06NVazI74mqPyR7GI_11Hp9ilmT2WABRHM9SYQ6fxry4V2Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 22:27:32 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 22:27:32 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:32 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame F16D	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 13064 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response pagead2.googlesyndication.com/bg/ Frame F16D	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:47:08 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 16823 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5784 x-xss-protection 0 expires Sat, 21 May 2022 17:47:08 GMT
GET H2	200	passback_300x250.js Show response static.adsafeprotected.com/ Frame E8D9 Redirect Chain https://fw.adsafeprotected.com/rfw/bgd/709972/54770482/xbbe/creative/adj?p=APEucNXK57cA0RP9JkDMmV1iANR2GsluQwfqBoQHCLJOwspXE0Fawb8&d=CnkAoCZ_4Bb1KVpIYIcdp88AF1Bo36OJFpvnQwy6NgBclSWwhYY08Efp8-N_cl94... https://static.adsafeprotected.com/passback_300x250.js	3 KB 1 KB	65ms 41ms	Script application/javascript	52.48.135.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/passback_300x250.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:32 GMT content-encoding gzip last-modified Wed, 14 Apr 2021 17:25:08 GMT server nginx/1.16.1 age 151029 etag W/"44f0ac540dc9c11f94344414c879b658" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=604800 Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:31 GMT x-server-name app15.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/passback_300x250.js cache-control no-cache content-length 0 server nginx
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 37FD	82 KB 21 KB	162ms 72ms	Script application/javascript	52.48.135.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:32 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 336432 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	dt dt.adsafeprotected.com/ Frame E8D9	43 B 216 B	337ms 110ms	Image image/gif	3.215.71.212 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=709972&asId=740dc9e0-ff62-5e1c-d2d2-8bfcaaf5a28c&tv=%7Bc:dijW04,pingTime:-2,time:120,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:217,beZ:218,mfA:220,cmA:222,inA:222,inZ:227,prA:227,prZ:232,si:239,poA:240,poZ:258,cmZ:258,mfZ:258,loA:318,loZ:323,ltA:336,ltZ:336%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:300,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:121,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B114~1%5D,as:%5B114~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sy5tC0s+11%7C12*.709972-54770482%7C121%7C1221%7C13,idMap:12*,rmeas:1,rend:0,renddet:IMG.us,sinceFw:97,readyFired:false%7D&br=u Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.71.212 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:32 GMT x-server-name dt62.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F16D	0 20 B	41ms 40ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzZDE0zOoYNGPLrrc3wP5oLfYBQAAAAA4AeAEAg&bg=!h4SlhMDNAAZ7hX_Ue4U7ACkAdvg8WlbadTahwaymjZkO1mA45yBpSY24lyX9nVNHH1NChh5lOTWizQIAAADXUgAAAAxoAQcKAGEBmSqukWnsUoRhh8mwUuhemee4gfpDoEa0Q7-rei2o0G-hspPE9FtxHLHivTE7LDd5QrT8Pwxs92oLVr4aWAA8GhfFlpamUEILaBagygiZyZS82MXiMpJf-eeCIGtsSO8FmQKMUH1brnBaKi1_4y-gW00x7aBCi7aSVKXra-CA1xxsMpTuXFGt8fYHMreiBaTAdz1z1viYMxAmLYitPzCIELwU68y7kjtx3X0m-KDXHqE9YRlzhIMlOt3clxgDbNdF3uW-4NM4hp8nl3I8F-YHG90sYjxIuwjz0QvWrUqWFy_rUaLw_nUM-Jg-_-gRjEqe39ncfVb4NgFPAGfSRRxAe4-5HJzh2On-8HbgrYiWWo22-KPJSb2jWFHsIvgHaMFMnW7VCEiev5ETcvOKK4UaQp-wRYY_oH3YrA0MDbEZd8xBRI7Vsl9Ed0amGrQ8yyebZx01EygKfvGlqiMXpbwbhGo-ZtyKyyMyHcqP3RoCa7P_pEbRhUtrZndYEDWUAOshAAOk4Hf3Oj1TOsfQMbl4l3oPI9DxBWhEsBMPJ9VwilKzKwYp8ontLpme4jk8T2ZRcEtZS_v2R9BF2ztc4z_epqxeARHLganY-JQsgsTJTFGy9FcYzLMaxIddhQAgGyUkH4E7IDV3uphCni-HoF4LER5FCNulpMAoE0RDzZ9Mk_uBdvx99sftit66avdKDGO2LeQIBWpoixhkVyTbl7dTKWDJ9Kh0VdDIJ3w6Kl8dAkrIiJqbrAvjxj_xKB_47I6P5lZ6ZYf2b7GqrfiQP11ZHQtw86c-38Dx5KvEV_6EDhyFHuS-u3NZM1uoSEZPD_mG1zCjwAyap-VTnLScPdBxmCBxaOydIpqhBgxRybeA1HWG075FZDhejz5ovYgJtl4uqByLbaWk1Dg7Ds1VCh2zcopr01IgNUci55ODCzJMAvrPGwZZd1PYJNu8R2LS0gKOLZrOq1CuOFTiqccp9Htwd_wtPFrJWdMy2JkPptuEOw Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	IAS_PassbackAds_300x250.png static.adsafeprotected.com/ Frame E8D9	14 KB 14 KB	56ms 56ms	Image image/png	52.48.135.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:32 GMT last-modified Wed, 14 Apr 2021 17:24:38 GMT server nginx/1.16.1 age 31020 etag "65a8b98b798ce416d94c2847aca40c71" x-cache-status HIT content-type image/png cache-control max-age=604800 accept-ranges bytes content-length 14233
GET DATA	200 OK	truncated / Frame E8D9	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 61a04a774f539c82fcbf47821fc75709b0fa3b4b0fa83f3e3259b1caf1508c22 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dt dt.adsafeprotected.com/ Frame E8D9	43 B 215 B	112ms 112ms	Image image/gif	3.215.71.212 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=709972&asId=740dc9e0-ff62-5e1c-d2d2-8bfcaaf5a28c&tv=%7Bc:dijW6K,pingTime:-10,time:534,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1621636052465%7C%7C9fec760d7d064908d679bb6a663243e8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C6d2c28acd7b1fc54bee5d4c288be4c3d%7C%7C796c3d500e60eb838ae92cca06b9c58a%7C%7Ca8b458d786ac910e89e8f56d810c5b79%7C%7C5c4a87b30c1f6a61c029713e516e2b97%7C%7Cf8730787efc69a0dd75adc5e353a4233%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.71.212 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:32 GMT x-server-name dt26.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	integrator.js Show response adservice.google.ch/adsid/	107 B 122 B	29ms 14ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ch/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:32 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	28ms 14ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:32 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	14 KB 8 KB	582ms 581ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=4259321351876998&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=2&prev_scp=a%3D%257C254%257C%26iid15%3D1469622%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1469622%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D70%26br2%3D200%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C20%2C17%2C19%2C20%26lb%3D200%26reqt%3D1621636051886&eri=1&cookie=ID%3D8d2acfcd86611226-22a679281ac800ce%3AT%3D1621636051%3AS%3DALNI_MaGBGeeqOFbhPNukMqs24N_k43D9A&bc=31&abxe=1&lmt=1621636052&dt=1621636052890&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=639&adys=171&adks=3122676339&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 7c5438a7876a2e2fc63c5c72084d89a40610c81424e3764d10450d6eb8a61139 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8540 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	14 KB 8 KB	778ms 777ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=3848811003022471&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=2&prev_scp=a%3D%257C253%257C%26iid15%3D1469622%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1469622%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D70%26br2%3D200%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C20%2C17%2C19%2C20%26lb%3D200%26reqt%3D1621636051903&eri=1&cookie=ID%3D8d2acfcd86611226-22a679281ac800ce%3AT%3D1621636051%3AS%3DALNI_MaGBGeeqOFbhPNukMqs24N_k43D9A&bc=31&abxe=1&lmt=1621636052&dt=1621636052906&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=171&adks=840336167&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 639919f3184a2bc43e1037cb85be39555266cbab013923f20b88d21eb4be8ab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8419 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	14 KB 9 KB	549ms 548ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3809025683721467&correlator=571690230005712&output=ldjh&impl=fifs&eid=31060790%2C31060853%2C31060990&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=2&rcs=2&prev_scp=a%3D%257C5%257C%26iid15%3D1489595%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-1489595%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D140%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C131%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C20%2C17%2C20%26lb%3D280%26reqt%3D1621636051904&eri=1&cookie=ID%3D8d2acfcd86611226-22a679281ac800ce%3AT%3D1621636051%3AS%3DALNI_MaGBGeeqOFbhPNukMqs24N_k43D9A&bc=31&abxe=1&lmt=1621636052&dt=1621636052910&dlt=1621636047521&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1363104601.1621636048&ga_sid=1621636048&ga_hid=482970588&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash d37796b17ba64c87fce0fcb8ea5f7f52d0da8421f8452f0f5a0f694f71d2b738 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8862 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame E8D9	42 B 64 B	52ms 47ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIDBBysN_LnGiA-K-KsZjsdg58zeuVgwIUEnO8ZxBjRpnbQVAp4Lia-F_tK88l7Q6AtA085w_eQ-K4JTXX8KQtt9EXhLtbiFB5FGwlsyFhsg&sai=AMfl-YQ1qzG2ChDlpOQ5yKHMAUOn7z3zK49rgTlvSDt8iXJRlNWSjc15xklNeehZtRgfOHIc_OWd-eGi3Mt8nJ-KkPvwMhNHcaoS7h6u752q-DaCYIb33L-chjsW99rdh1A&sig=Cg0ArKJSzAwGMXD5Ytq-EAE&cid=CAASFeRo-uC6ky9T9pqGqxAt3_JC0Mu-8A&id=lidar2&mcvt=1000&p=171,974,425,1274&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3122676338&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621636051718&dlt=14&rpt=442&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 65 B	23ms 22ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvv=200; ezouspva=1; ezouspvh=200; __gads=ID=8d2acfcd86611226-22a679281ac800ce:T=1621636051:S=ALNI_MaGBGeeqOFbhPNukMqs24N_k43D9A accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzcifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzcifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvv=200; ezouspva=1; ezouspvh=200; __gads=ID=8d2acfcd86611226-22a679281ac800ce:T=1621636051:S=ALNI_MaGBGeeqOFbhPNukMqs24N_k43D9A accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H3-29	200	container.html Show response e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA1D	6 KB 3 KB	19ms 6ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 21 May 2021 22:27:28 GMT expires Sat, 21 May 2022 22:27:28 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 5 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDg5NTk1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYWYwNjNjMjQ0MDg5YjUyZWM1YTA0MjNhMjU4ZjFmOGUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0ODk1OTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDI4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDg5NTk1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDg5NTk1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYWYwNjNjMjQ0MDg5YjUyZWM1YTA0MjNhMjU4ZjFmOGUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0ODk1OTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDI4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDg5NTk1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=340; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:31 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 40 B	21ms 20ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 May 2021 22:27:33 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 22ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=340; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	21ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYXVjdGlvbl9lcG9jaCI6MTYyMTYzNjA1MywiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NTUwLCJiaWRfZmxvb3JfcHJldiI6MjgwLCJiaWRfZmxvb3JfZmlsbGVkIjoxNDAsImF1Y3Rpb25fY291bnQiOjMsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjU1OCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYXVjdGlvbl9lcG9jaCI6MTYyMTYzNjA1MywiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NTUwLCJiaWRfZmxvb3JfcHJldiI6MjgwLCJiaWRfZmxvb3JfZmlsbGVkIjoxNDAsImF1Y3Rpb25fY291bnQiOjMsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjU1OCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=340; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:34 UTC
GET H3-29	200	container.html Show response e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F9E	6 KB 3 KB	6ms 5ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 21 May 2021 22:27:28 GMT expires Sat, 21 May 2022 22:27:28 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 5 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	24ms 23ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjUyN2U1MmMxMDYzNWFjODEzNmE0Yzg0MDk0ZWU0OWE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzYwNDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU4NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjUyN2U1MmMxMDYzNWFjODEzNmE0Yzg0MDk0ZWU0OWE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzYwNDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU4NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=410; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:32 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 17 B	21ms 21ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 May 2021 22:27:33 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 22ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yMiJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yMiJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=410; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 22ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhdWN0aW9uX2Vwb2NoIjoxNjIxNjM2MDUzLCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImJpZF9mbG9vcl9pbml0aWFsIjo0MDAsImJpZF9mbG9vcl9wcmV2IjoyMDAsImJpZF9mbG9vcl9maWxsZWQiOjcwLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1OTUsIm11bHRpX2FkX3VuaXQiOjEsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhdWN0aW9uX2Vwb2NoIjoxNjIxNjM2MDUzLCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImJpZF9mbG9vcl9pbml0aWFsIjo0MDAsImJpZF9mbG9vcl9wcmV2IjoyMDAsImJpZF9mbG9vcl9maWxsZWQiOjcwLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1OTUsIm11bHRpX2FkX3VuaXQiOjEsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=410; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame CCCF	478 B 253 B	26ms 25ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGIqH9ZkBMAE&v=APEucNW-8oylMQktM58jkLKYqGj1zHaIS16Cj1RfpWTIRB7Qkh54Is7qefi54xsDSMikZeidbdycB1wIz3TAbdYivawLrqiN6Q Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CLS7QxDXu7cBGIqH9ZkBMAE&v=APEucNW-8oylMQktM58jkLKYqGj1zHaIS16Cj1RfpWTIRB7Qkh54Is7qefi54xsDSMikZeidbdycB1wIz3TAbdYivawLrqiN6Q pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkbzbFoauY8mTfPtcNm1ipMltlOVBvqD5TCEr9UN6uq7MfIE9XR7NoCYEjwmwY; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 21 May 2021 22:27:33 GMT server cafe cache-control private content-length 230 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 21 May 2021 22:27:33 GMT
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame CA1D	58 KB 24 KB	48ms 46ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjrUmea3empuaXfqSpnseLZZPqswTOFL5PnvBjO7idywQxGyIL2SPgmTQCchrAP_kAdhlcOI2mlCMFMbfFuUHJoL0MEuXtc8vpSOfikvDvDrI6Ca6Pk74exrIxK7nXQbTw-_dk1gT_VdJt8ceR-9S4zTjdDg&dbm_d=AKAmf-AM0ly0Ya6ZmHH6vHLi5pSY6J45FwCRbeLEbuIKdMiGLfDH3Ln5dNgtvic2j0teLEDsj529KcDGZykNLoQ1FzCxSHlGwj-wZ7sqwaOKkKnqvPg6lj_uBA5zuZo4uwB4K-btKv4EbhvQ-uO4WTe_Icm4MfrDjlBDfl5jj-XXSn3S9ReYDPINjL2oe4g-EqVLE9U4k2oUke2aIkHwdVlHNg-1yyMXiaX8c9g2GoDv-DfapQS62E9rH0AxtoeDK3kT0gRDzidmCch5Pk6y8yGB6GVuzQ_uklov9UQt-wyouMKSnCaaS59twqJJPdROkQSthkhdBtPq18Qw-EiGg7zezcwGToT29EaGyihTRd68KWy4aor7TXCbqya96zQyOwZzG8LKt5ReHGRwW4ChyXTtuGMs27_xPuBcFEzw8J6w8zcQ0otXriPfOUXBrpVVwhDfr1irqJ7Y9yZiPpKl7u6Pwv3NdMXctUcQyjhog2cwyczYAFgWb0KAskPp6AMcY0-hQ4pojhCZh7biCFubbeAKJWMbxKMZ9lP07f8utydhTmSEH4hI6OirLWIOA5jt1g6PirCH-N4KvJiO7N8rGvVyP3q9GfzdbqKJu3nMs6ShjCvd5RFv8C8ug1ynCBr0-6X1W5WxPtfvcCE46j_5QdX8w650EvMivgTkoWasOYy0wRlmOusZjHFlq68G3uZFz79XgKXucyuyLEBbs3EQrwEpEYr5Po0jtvSbDiA7h5gbA-3IxdJ0cbOCWHQVKsDOQv7czIzRqDumG0WmwwZgbZS2jVaXqdCi1awsMrioiRXWwgJFb4s-1Q8S97d62FdtdckQyrlAo6wfIuje_JuVY36A-yoGM1Sv2HzwtiY3gPD8YmAB0yySuilnY_R7X2aIKhT5LBcPrjFx9Esb65w2APPsAL-oIXC6bdPEB0N5o18slwFg_dwJpHm7sjp_uKobcAX1xd0dXDUNUepz2Sqs3iInD-wBRkNiQNkq5I7ZMBP1Lw_x1gSQ3U8YwelM1OMirYVupm541opUjP-_QGoqgDeS0nPjGr5WMfXMY23YCrHwdE5zChrtQ1gBrW0vDBHgccwye_Pp6jaNPBkr63LruX75qUdZWcSI8DpzwFe5V6G16W_qDNOmH0x6UCnt0Qp6lcuHxE0_PpYQMUTkwMkE-9AlANjQaen3-hKd4-KQI-YBsUg9IQmHYinY_GzV0zEQdbwAp3q3bvvIi7f45F8Ce6nyHXIgRG9uTq6qt68YFZMquBh2WKxaNB4bjJOE2nxH1UluL33dNhX_Iwkvoy3Ls7szpYMNiRhDvy_4DO45YenK5kvFyC962eOGYn-ETTuqKFGpYGgZeG-fxS3ZKwWFjeAvb9IMz9lkFeu2xlDgwyAcAwSwn8HGwtSmCsGC9lIVHDiEflYRaGXMbc1HtSw-1FH74Hz53cODZB7MiMj6rurYQ14L2KtfrmcpaXMfof2uptzhOY5drrdjJZ4QDra35wsJ1lfRlLmKxxqCUyloJML2CVUac9N7wxJ9_bUUXPwMlEtn1cPkPIWMhNjztfOY2vE6TFjePUywi-zk3_5_0TlwXzlqe2wV4oACvqryUvveUUF9aoXCR7b0wDzeF8dTSAdrE3gMLO81JYIxccrMj6xdyZQIcUE-uDrwJCztQQOZjeWEdsQKwxSM29clFHSD22-ysUSXVPBLiO6j7G5J5ImzX_gdXZGLGmNiiut_hKJL_q58yMzw7Y1J405M2QzalRABImasQGrk_3iZ1BbQDKB_HAJNMXl8idVMwYl4kWMHWix59AI1SLAOVvpiMY-syLeLkEFpM_W8WZIbsjg0deqdHQBKgs4TgFnYKiJcL-hEg4yXhBrgylC3Q3a1oDwtPmZMJK_h4EXbl7IjF1Omh3cIrTiHpAMN6W-OBUWwI9w16pLK3JpouY6NjBvtSkEzQMU02u6bcVbjLoO8fu_kzwjN7r_UXb-eO_M32SjOHhBM_Qjo-ElyUNKb13i7QF64qI8uYsSpB5l_JPh4V5orsdrvolIPBGZILeLEqa3MhxaFqw5KeObm5Wob6-R4TwgfVpAnenpengf4Rwqg_sc_w3DmK94WIkvKwDvINTGa3glKVNeng1B5UxqCv_R9f5HU-d9SzjZaLC3JD5KPmh5A5DGV-3fXLpziZphF0W0tv91FnSvYKyUI7gISy4kZ_nZVucRd4YHHIsLOTm9tmVAugQW1LKH3xzaqLb1ENfNgIQwP3F5MnUiXukV_MxmB-NmTMdgZJ1Xv4zFXX2Ht9hW1xTY4yzOHInuqpzK3zKltC4zfPGSfCmYX8RXP-5A4yJWvKmlISnxXiOyIm7DRi6Vh-hVsRH-i3vneEM3EsQRCX69yFjCZdrHeOTyUhYxgZKvx3y0ST4WXWmZQTbs3-dn_sDMoK32D03oDz90lw2On_nuSsJkmcPhOlo0Gfj4chwZpR84M5mTxrbo_knwdV3vay-QtICXMv3xjbuvWKXytNDKxOB9kZfTNQaFsfUqou-PdmS1Z9dvsbEbfDAImpYxU6eIWl5agOzUR4_4XheZCzb3lTW8UjqcSOy7kBH_EFGL11UxG4YawzxYMh4MfRohAU-GOwChlQSUUlmAGjPDNspZqKMUwGnXE2ozYCl8sen-km_k0SSLfXkaU7exulWJcv9_JUgsvAEo41zwRlnLYslPmWYwB7rBvd7kDCUpbeULLG-3pYxh4Na6JZ6aVPYplOJMWigxzxgq4Cyn6bh1zUjqYi5y5FlruiLurJdKFnVz_yDO0DF6kAWbcGIyYZVF8gKd4U6aYU03cRLkPKu3lENeyfditrB61PR16ftZMaAgNzU5Xrq90mAXdVz_BM8BgzB4QPIpjE9G3Ngj_drbfaAHLDnzVkYDOfkPsD2sX3c1gR6XeGvaLp4Imr3K6O1y0eRyj40_mEgJuDZiShfCSsks7xVS48YXwPAxJp4PHxWE9VgcUCCbHHK8-eL6LhSLnMUZrbDEgl_CJZPYmqWo1GRNQuFpZs1C2BScbAC7JPqgAzBbW8y_GPi2-5Y1K4bNsRkttlz4WG56PNTZnss0tb1f7wbUJY77dZS_XEiLImOOLo360dsqWkktwBA&cid=CAASEuRoWmo6ztYkshd6V8nYJ51_cg&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9784243ea6d396bd25de173b4ac9b10ebb1ea76896f503b672ca92c055ae765b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24148 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame CA1D	42 B 63 B	41ms 38ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-kYbdRLo4YN47jbICX2eTFut-TmgqHzao80S2KkqFNRBz8od3jluqPNaNPaG_ca93xKjca-bD_2n9QQ0ActUuI9pQDcGDzZsG7SCa2V3tj3WABwU Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame CA1D	2 KB 1 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:24:48 GMT content-encoding gzip x-content-type-options nosniff age 165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:24:48 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CA1D	119 KB 36 KB	23ms 21ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597309435250" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37145 x-xss-protection 0 expires Fri, 21 May 2021 22:27:33 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame CA1D	13 KB 6 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:25:05 GMT content-encoding gzip x-content-type-options nosniff age 148 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:25:05 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 0A58	478 B 253 B	22ms 22ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNXUC08D3o4ooEWwT-yCBM-z7T6GXRVGuBksK94LP9yCIrlMw8uPJfVN9uuCthjS-sbX17KoR9KdziVovnGKpBq4ibn0ug Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNXUC08D3o4ooEWwT-yCBM-z7T6GXRVGuBksK94LP9yCIrlMw8uPJfVN9uuCthjS-sbX17KoR9KdziVovnGKpBq4ibn0ug pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkbzbFoauY8mTfPtcNm1ipMltlOVBvqD5TCEr9UN6uq7MfIE9XR7NoCYEjwmwY; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 21 May 2021 22:27:33 GMT server cafe cache-control private content-length 230 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 21 May 2021 22:27:33 GMT
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 5F9E	57 KB 23 KB	77ms 77ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0QxZhNGjsZoXwva5UM5Z2MWl5RCZjSaWHkoZbd7aipcqvHSZgxkZUCOQS3awahKO5wjjJ-JCp8evX-Fd-V17hvHpT_dBZlv3vXF8Fa0JliuwuwWZsEgxFlnoH_l3adn7YIcyy369EJEk8BlFwdxLLG1Y6zA&dbm_d=AKAmf-CBl8LuXfZwThG8c4LXdadowZK05vjqO8FqWeGQfxKAfbBx4JuqJ0-ErMCG4-MGFYNeAMoMmuUlOTJSZvLnz6FQHrLuW2qZ0i-rewKt9SAtyzMZaevPHbCliScydmamJIxJRdii87SXu2aosXMUw7c9b-H940gFja5oAyUlGPg4UVrjp1nXy2oAI8cKfxKQA0-ojw55e1d5BRYSf68V5AeRnpkzyt9EIqYCEZHX4vNA0Nb5RTiwEjPgGZO3KcTJqpHSkeE2Rz1h8aJonDgO75sMOiVjhS0DxxBdivlpTFXX-lL3wCnHVrDJP5tkKSldqfaRVVMDvP0Msbb5Hh_oaH4f9kvPctrn-3SCL7J24T-y8fDHWL7J-y97RFWbk60356tFL41O_TkOXUiYmBzRgmlhBNRzy7Ie9QKIzdo3cxF7WosLlxHHJclB-qUJip1JJyDuHt6jR_uFc732duvIVJb8FwAcqjO2RaOqHy6yZeXL5fK06OREEvlexkhh2dsH6mDUOrEYP4rKo5G9ZuNmNojjBM_i8oFT0mRCOSpdCi1_lW96ukI5JP7QObGbUUyevqggzuAG6QlcTjjPPoyjaZ9KBvWOYt0CcwejFVoJd73vLNY3bkHTfSTCnjBcwlpLpwgfjn25QpqIzlzf6fWgKjbuj_yPZi00dC02yirKfqxCJpw1l8L24EDs2ccUvh_cWfg9g085WD_xp1obfjQshyO5qNdq3cNj9X9qDv_WbL2ov1oNbEYO3KvGDg16JEtK4kIBsXw9Br7XJWeM9iDceMB4-8wUS2COjOGtiPUshNhKqk1s9XIX0gln5VAwl9y-njMspQ3VMAe8K7fiDSDBVLW1ZCpTLwgxCQECe85DEh5gvPiQ8hz8NzLBbLyUOxdZhF1LHFvZy3G3V9D1NlxJlXhwoj7tzsLwLdZC8dapfK5xx2a1abPERf_DD1n_NJVSh0W0NW6eZwVQAjcd1lv4QYtN8bPav3CA2sWzL84ja-rFX1KAOwuvoL-0yjgvT7FJymTmi2F-QK65v5WSVFERZwBuKW6KE1ASFbBSmp28HuV2mHqWCGwCR2k2LWumxzbYoQI0RI5U7has_1apcWEB3w_u0KErJ0zAbC8_-_H4gYCaCRKmf_X6Zz3f4zSbsZjxxE0LvlAonkgo6GXl7OLyGY-RqhphzDI0tCVUY-CvPTzBBNMxNHvaPAPVEjVmFV0pj_hc1Ty2slc_Cy4kGkD7t0W2D9ypPYNPOYQr6W9rR-YtPoBXhsn8qq6xRHn2QpBay1vOSE3MyZeRWfQpyWJCOeE_oL0bfhU2kBWWUVwrVn_0gwgm6Q4TjKwNvSGAZPBj5N0OZFbVt2noW7347oEzmkUdIMXiHql5QACLiVjG5DbScJ9Pj4q1NxIRsxLnlhXaAm9b_DuqgW-Phk_9rxmmVOlQ6pJqqQZ41q1JNEyrL3VKfIFb3aV0vYsmRPiE1vsk4MLubArDFgj52jaRqA7H5ZqMmAUbN4mVw75IW96_ph0Jx0qYVpk2HspAt4DGhTiO08v7f7hhYVpOSHpdPzRFdPC1V1Tqi5TDeQZ2FywxGf4EEwHqw9yB-yFZvonxyapzxJOQwuV2ZqeeRoVck4bebZjOKNC_xNJBShECx62958ajO3KlPsRrxJtUUtAD5IX0mSsGWBkUhuaF896B5mFB5OGtjiPUD9jbUqUUPblAXSHyuyN7wB3yGAqnFih-8kcAZTLrPgiYdQMyOdLj0kjfXoCzl2X2EQyY8yR9I5XVWSrJEo0T3AtJUZR5gC38w4Fmdv7tNd6JPwDhCnZHwTsw1KtgzsaWCfC867iAeOLj7cwyDNMc2sqIs8f_CWcH8ECAGc4t7PtHr3BAPUcDn2ukNFMyqMQhnXdqUBvSRN41onuQhWy2GySyQXUYiSBVW4H2RsoZiZNyQ4YpGTWRk0nbG0OyMPDFcf28S_ww3cRwQX_qf1uKoVb4rCVOHIlL5Tq0lP3euaM16ABhq-COXMcgNjjqpjisk_-kZbr4eirVCN3zuRuc2rjI2cb-6tvoR4_g1jWUZJgc2023gaqH6fFhSPj9gicxzKW4YUTdCvmkEvIwLGbzs-Nn9qO-gBUYGETzicpIRjFyd9dqLUNObdlycBrS5_RBZ_M2kdKT16tM57FRdWMv61rjn8-Tj-rgvYzE1uyV2jLNTFDrnv79KpNU5MwC1LkSEH7N6NRzLf-PBzxrQ-mzTNabHfneAX3W078_kmOVVKgdQe7yhCyTw8gbxM0dq90Xe8ERxNHGXtIo7YC7CZMH5XB0TGpCra-6Bwira77za8YzjnlsVvKt2o68gwwdu7FAhKdkConAG3sXhL1rTHZiO_2-Qx5eOXwT8F21HMUayGRnyD6L2ZWipAGXx-D41_miQoLfmDGTaGNh7d3xN8qaiu-kFAltCg2Zh2eesQIBRjGQ1VkZFcjQ6jcrWVF-t_NnmCohJxWFSptuGA5Vlaf6IYs2Fel_dKmRBE4LO4mFseJ9H_xwFYdYdPcUpGhFaUG8qzQhx2n3SoNTXBBD7si3leMygSz3UhhNP4k8ckjp-033jzR5ERgzbaEFep4wZHujKMA-vVZ7xBJWmJHQqy-JZqUJDnLEsuismoi8GUgmW9s5kkjzM5R94MNStdZSy8CLqzuA7FxBIZ8CmGKlxIJCWK5ohaEsswrBFwzuVr7OHVjcCxxGqBLNrFsUuZFkWsUf9Y5FaX2oo3UDut_5ch_vFgV2ACKcU8QXfKY0MZFgFBm5QMn_IN5iZDQ9hMfXE-lI_-i-aWlbWUq3tpO2PQTnPB_tpiUlaA8wkyZg1zULt1xdzjeqKMh064UHtRXSjf66j-9NS1Xss15iGnyyY8RLdr2NqJmL01U3-3o4vBpqRLb36IgEtW5rKKWUKAYFxorkRbnszxAU4YDS-Rzd65G9agoEfrcREUTIBAsf8yePjGBdg0Pbzv60f0oLMWYsdzqc7dLD0Ey5IAcDO6wlspP7T-821euw82E_JpAwcSGBmp5X&cid=CAASEuRotzN_A_jFvaIFpcgeXsjS5w&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bbbdd6e3204a7b6e66eb67f0449e1c54de76672436c1783e375a7c4406902f54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23744 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5F9E	42 B 63 B	39ms 38ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COVjC2mXwpsRzauUzeF7B296aDTNU8JI7RP9s5JjZugIC2bt2274Mjd9VQWZJcaCVqeXSLLw1l9FCHg4kqAw9GSQVZI08hMmEZdmCpSkkG4yWjHBQ Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5F9E	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:24:48 GMT content-encoding gzip x-content-type-options nosniff age 165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:24:48 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5F9E	119 KB 36 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597309435250" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37145 x-xss-protection 0 expires Fri, 21 May 2021 22:27:33 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5F9E	13 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:25:05 GMT content-encoding gzip x-content-type-options nosniff age 148 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:25:05 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0A58	170 B 188 B	29ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNXUC08D3o4ooEWwT-yCBM-z7T6GXRVGuBksK94LP9yCIrlMw8uPJfVN9uuCthjS-sbX17KoR9KdziVovnGKpBq4ibn0ug Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0A58 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1	43 B 894 B	30ms 29ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNXUC08D3o4ooEWwT-yCBM-z7T6GXRVGuBksK94LP9yCIrlMw8uPJfVN9uuCthjS-sbX17KoR9KdziVovnGKpBq4ibn0ug Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 22:27:33 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 22:27:33 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0A58 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgz02CPlXV56VkkcerrYwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1	43 B 894 B	31ms 30ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNXUC08D3o4ooEWwT-yCBM-z7T6GXRVGuBksK94LP9yCIrlMw8uPJfVN9uuCthjS-sbX17KoR9KdziVovnGKpBq4ibn0ug Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 22:27:33 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 22:27:33 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame CCCF	170 B 188 B	29ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGIqH9ZkBMAE&v=APEucNW-8oylMQktM58jkLKYqGj1zHaIS16Cj1RfpWTIRB7Qkh54Is7qefi54xsDSMikZeidbdycB1wIz3TAbdYivawLrqiN6Q Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame CCCF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1	43 B 894 B	31ms 30ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGIqH9ZkBMAE&v=APEucNW-8oylMQktM58jkLKYqGj1zHaIS16Cj1RfpWTIRB7Qkh54Is7qefi54xsDSMikZeidbdycB1wIz3TAbdYivawLrqiN6Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 22:27:33 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 22:27:33 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame CCCF Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgz02CPlXV56VkkcerrYwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1	43 B 894 B	30ms 29ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGIqH9ZkBMAE&v=APEucNW-8oylMQktM58jkLKYqGj1zHaIS16Cj1RfpWTIRB7Qkh54Is7qefi54xsDSMikZeidbdycB1wIz3TAbdYivawLrqiN6Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 22:27:33 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 22:27:33 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDt9wUxm9QH7WOfXQbPED84&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	23ms 23ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0ODk1OTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxMTAifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0ODk1OTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxMTAifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=410; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	23ms 23ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzE1In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNzEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjYzOSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTcxIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI5NjIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0ODk1OTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzE1In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNzEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjYzOSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTcxIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI5NjIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0ODk1OTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=410; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H2	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame CA1D	176 KB 61 KB	28ms 5ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 20446 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 16:46:47 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame CA1D	8 KB 3 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjrUmea3empuaXfqSpnseLZZPqswTOFL5PnvBjO7idywQxGyIL2SPgmTQCchrAP_kAdhlcOI2mlCMFMbfFuUHJoL0MEuXtc8vpSOfikvDvDrI6Ca6Pk74exrIxK7nXQbTw-_dk1gT_VdJt8ceR-9S4zTjdDg&dbm_d=AKAmf-AM0ly0Ya6ZmHH6vHLi5pSY6J45FwCRbeLEbuIKdMiGLfDH3Ln5dNgtvic2j0teLEDsj529KcDGZykNLoQ1FzCxSHlGwj-wZ7sqwaOKkKnqvPg6lj_uBA5zuZo4uwB4K-btKv4EbhvQ-uO4WTe_Icm4MfrDjlBDfl5jj-XXSn3S9ReYDPINjL2oe4g-EqVLE9U4k2oUke2aIkHwdVlHNg-1yyMXiaX8c9g2GoDv-DfapQS62E9rH0AxtoeDK3kT0gRDzidmCch5Pk6y8yGB6GVuzQ_uklov9UQt-wyouMKSnCaaS59twqJJPdROkQSthkhdBtPq18Qw-EiGg7zezcwGToT29EaGyihTRd68KWy4aor7TXCbqya96zQyOwZzG8LKt5ReHGRwW4ChyXTtuGMs27_xPuBcFEzw8J6w8zcQ0otXriPfOUXBrpVVwhDfr1irqJ7Y9yZiPpKl7u6Pwv3NdMXctUcQyjhog2cwyczYAFgWb0KAskPp6AMcY0-hQ4pojhCZh7biCFubbeAKJWMbxKMZ9lP07f8utydhTmSEH4hI6OirLWIOA5jt1g6PirCH-N4KvJiO7N8rGvVyP3q9GfzdbqKJu3nMs6ShjCvd5RFv8C8ug1ynCBr0-6X1W5WxPtfvcCE46j_5QdX8w650EvMivgTkoWasOYy0wRlmOusZjHFlq68G3uZFz79XgKXucyuyLEBbs3EQrwEpEYr5Po0jtvSbDiA7h5gbA-3IxdJ0cbOCWHQVKsDOQv7czIzRqDumG0WmwwZgbZS2jVaXqdCi1awsMrioiRXWwgJFb4s-1Q8S97d62FdtdckQyrlAo6wfIuje_JuVY36A-yoGM1Sv2HzwtiY3gPD8YmAB0yySuilnY_R7X2aIKhT5LBcPrjFx9Esb65w2APPsAL-oIXC6bdPEB0N5o18slwFg_dwJpHm7sjp_uKobcAX1xd0dXDUNUepz2Sqs3iInD-wBRkNiQNkq5I7ZMBP1Lw_x1gSQ3U8YwelM1OMirYVupm541opUjP-_QGoqgDeS0nPjGr5WMfXMY23YCrHwdE5zChrtQ1gBrW0vDBHgccwye_Pp6jaNPBkr63LruX75qUdZWcSI8DpzwFe5V6G16W_qDNOmH0x6UCnt0Qp6lcuHxE0_PpYQMUTkwMkE-9AlANjQaen3-hKd4-KQI-YBsUg9IQmHYinY_GzV0zEQdbwAp3q3bvvIi7f45F8Ce6nyHXIgRG9uTq6qt68YFZMquBh2WKxaNB4bjJOE2nxH1UluL33dNhX_Iwkvoy3Ls7szpYMNiRhDvy_4DO45YenK5kvFyC962eOGYn-ETTuqKFGpYGgZeG-fxS3ZKwWFjeAvb9IMz9lkFeu2xlDgwyAcAwSwn8HGwtSmCsGC9lIVHDiEflYRaGXMbc1HtSw-1FH74Hz53cODZB7MiMj6rurYQ14L2KtfrmcpaXMfof2uptzhOY5drrdjJZ4QDra35wsJ1lfRlLmKxxqCUyloJML2CVUac9N7wxJ9_bUUXPwMlEtn1cPkPIWMhNjztfOY2vE6TFjePUywi-zk3_5_0TlwXzlqe2wV4oACvqryUvveUUF9aoXCR7b0wDzeF8dTSAdrE3gMLO81JYIxccrMj6xdyZQIcUE-uDrwJCztQQOZjeWEdsQKwxSM29clFHSD22-ysUSXVPBLiO6j7G5J5ImzX_gdXZGLGmNiiut_hKJL_q58yMzw7Y1J405M2QzalRABImasQGrk_3iZ1BbQDKB_HAJNMXl8idVMwYl4kWMHWix59AI1SLAOVvpiMY-syLeLkEFpM_W8WZIbsjg0deqdHQBKgs4TgFnYKiJcL-hEg4yXhBrgylC3Q3a1oDwtPmZMJK_h4EXbl7IjF1Omh3cIrTiHpAMN6W-OBUWwI9w16pLK3JpouY6NjBvtSkEzQMU02u6bcVbjLoO8fu_kzwjN7r_UXb-eO_M32SjOHhBM_Qjo-ElyUNKb13i7QF64qI8uYsSpB5l_JPh4V5orsdrvolIPBGZILeLEqa3MhxaFqw5KeObm5Wob6-R4TwgfVpAnenpengf4Rwqg_sc_w3DmK94WIkvKwDvINTGa3glKVNeng1B5UxqCv_R9f5HU-d9SzjZaLC3JD5KPmh5A5DGV-3fXLpziZphF0W0tv91FnSvYKyUI7gISy4kZ_nZVucRd4YHHIsLOTm9tmVAugQW1LKH3xzaqLb1ENfNgIQwP3F5MnUiXukV_MxmB-NmTMdgZJ1Xv4zFXX2Ht9hW1xTY4yzOHInuqpzK3zKltC4zfPGSfCmYX8RXP-5A4yJWvKmlISnxXiOyIm7DRi6Vh-hVsRH-i3vneEM3EsQRCX69yFjCZdrHeOTyUhYxgZKvx3y0ST4WXWmZQTbs3-dn_sDMoK32D03oDz90lw2On_nuSsJkmcPhOlo0Gfj4chwZpR84M5mTxrbo_knwdV3vay-QtICXMv3xjbuvWKXytNDKxOB9kZfTNQaFsfUqou-PdmS1Z9dvsbEbfDAImpYxU6eIWl5agOzUR4_4XheZCzb3lTW8UjqcSOy7kBH_EFGL11UxG4YawzxYMh4MfRohAU-GOwChlQSUUlmAGjPDNspZqKMUwGnXE2ozYCl8sen-km_k0SSLfXkaU7exulWJcv9_JUgsvAEo41zwRlnLYslPmWYwB7rBvd7kDCUpbeULLG-3pYxh4Na6JZ6aVPYplOJMWigxzxgq4Cyn6bh1zUjqYi5y5FlruiLurJdKFnVz_yDO0DF6kAWbcGIyYZVF8gKd4U6aYU03cRLkPKu3lENeyfditrB61PR16ftZMaAgNzU5Xrq90mAXdVz_BM8BgzB4QPIpjE9G3Ngj_drbfaAHLDnzVkYDOfkPsD2sX3c1gR6XeGvaLp4Imr3K6O1y0eRyj40_mEgJuDZiShfCSsks7xVS48YXwPAxJp4PHxWE9VgcUCCbHHK8-eL6LhSLnMUZrbDEgl_CJZPYmqWo1GRNQuFpZs1C2BScbAC7JPqgAzBbW8y_GPi2-5Y1K4bNsRkttlz4WG56PNTZnss0tb1f7wbUJY77dZS_XEiLImOOLo360dsqWkktwBA&cid=CAASEuRoWmo6ztYkshd6V8nYJ51_cg&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:13:10 GMT content-encoding gzip x-content-type-options nosniff age 863 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:13:10 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame CA1D	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjrUmea3empuaXfqSpnseLZZPqswTOFL5PnvBjO7idywQxGyIL2SPgmTQCchrAP_kAdhlcOI2mlCMFMbfFuUHJoL0MEuXtc8vpSOfikvDvDrI6Ca6Pk74exrIxK7nXQbTw-_dk1gT_VdJt8ceR-9S4zTjdDg&dbm_d=AKAmf-AM0ly0Ya6ZmHH6vHLi5pSY6J45FwCRbeLEbuIKdMiGLfDH3Ln5dNgtvic2j0teLEDsj529KcDGZykNLoQ1FzCxSHlGwj-wZ7sqwaOKkKnqvPg6lj_uBA5zuZo4uwB4K-btKv4EbhvQ-uO4WTe_Icm4MfrDjlBDfl5jj-XXSn3S9ReYDPINjL2oe4g-EqVLE9U4k2oUke2aIkHwdVlHNg-1yyMXiaX8c9g2GoDv-DfapQS62E9rH0AxtoeDK3kT0gRDzidmCch5Pk6y8yGB6GVuzQ_uklov9UQt-wyouMKSnCaaS59twqJJPdROkQSthkhdBtPq18Qw-EiGg7zezcwGToT29EaGyihTRd68KWy4aor7TXCbqya96zQyOwZzG8LKt5ReHGRwW4ChyXTtuGMs27_xPuBcFEzw8J6w8zcQ0otXriPfOUXBrpVVwhDfr1irqJ7Y9yZiPpKl7u6Pwv3NdMXctUcQyjhog2cwyczYAFgWb0KAskPp6AMcY0-hQ4pojhCZh7biCFubbeAKJWMbxKMZ9lP07f8utydhTmSEH4hI6OirLWIOA5jt1g6PirCH-N4KvJiO7N8rGvVyP3q9GfzdbqKJu3nMs6ShjCvd5RFv8C8ug1ynCBr0-6X1W5WxPtfvcCE46j_5QdX8w650EvMivgTkoWasOYy0wRlmOusZjHFlq68G3uZFz79XgKXucyuyLEBbs3EQrwEpEYr5Po0jtvSbDiA7h5gbA-3IxdJ0cbOCWHQVKsDOQv7czIzRqDumG0WmwwZgbZS2jVaXqdCi1awsMrioiRXWwgJFb4s-1Q8S97d62FdtdckQyrlAo6wfIuje_JuVY36A-yoGM1Sv2HzwtiY3gPD8YmAB0yySuilnY_R7X2aIKhT5LBcPrjFx9Esb65w2APPsAL-oIXC6bdPEB0N5o18slwFg_dwJpHm7sjp_uKobcAX1xd0dXDUNUepz2Sqs3iInD-wBRkNiQNkq5I7ZMBP1Lw_x1gSQ3U8YwelM1OMirYVupm541opUjP-_QGoqgDeS0nPjGr5WMfXMY23YCrHwdE5zChrtQ1gBrW0vDBHgccwye_Pp6jaNPBkr63LruX75qUdZWcSI8DpzwFe5V6G16W_qDNOmH0x6UCnt0Qp6lcuHxE0_PpYQMUTkwMkE-9AlANjQaen3-hKd4-KQI-YBsUg9IQmHYinY_GzV0zEQdbwAp3q3bvvIi7f45F8Ce6nyHXIgRG9uTq6qt68YFZMquBh2WKxaNB4bjJOE2nxH1UluL33dNhX_Iwkvoy3Ls7szpYMNiRhDvy_4DO45YenK5kvFyC962eOGYn-ETTuqKFGpYGgZeG-fxS3ZKwWFjeAvb9IMz9lkFeu2xlDgwyAcAwSwn8HGwtSmCsGC9lIVHDiEflYRaGXMbc1HtSw-1FH74Hz53cODZB7MiMj6rurYQ14L2KtfrmcpaXMfof2uptzhOY5drrdjJZ4QDra35wsJ1lfRlLmKxxqCUyloJML2CVUac9N7wxJ9_bUUXPwMlEtn1cPkPIWMhNjztfOY2vE6TFjePUywi-zk3_5_0TlwXzlqe2wV4oACvqryUvveUUF9aoXCR7b0wDzeF8dTSAdrE3gMLO81JYIxccrMj6xdyZQIcUE-uDrwJCztQQOZjeWEdsQKwxSM29clFHSD22-ysUSXVPBLiO6j7G5J5ImzX_gdXZGLGmNiiut_hKJL_q58yMzw7Y1J405M2QzalRABImasQGrk_3iZ1BbQDKB_HAJNMXl8idVMwYl4kWMHWix59AI1SLAOVvpiMY-syLeLkEFpM_W8WZIbsjg0deqdHQBKgs4TgFnYKiJcL-hEg4yXhBrgylC3Q3a1oDwtPmZMJK_h4EXbl7IjF1Omh3cIrTiHpAMN6W-OBUWwI9w16pLK3JpouY6NjBvtSkEzQMU02u6bcVbjLoO8fu_kzwjN7r_UXb-eO_M32SjOHhBM_Qjo-ElyUNKb13i7QF64qI8uYsSpB5l_JPh4V5orsdrvolIPBGZILeLEqa3MhxaFqw5KeObm5Wob6-R4TwgfVpAnenpengf4Rwqg_sc_w3DmK94WIkvKwDvINTGa3glKVNeng1B5UxqCv_R9f5HU-d9SzjZaLC3JD5KPmh5A5DGV-3fXLpziZphF0W0tv91FnSvYKyUI7gISy4kZ_nZVucRd4YHHIsLOTm9tmVAugQW1LKH3xzaqLb1ENfNgIQwP3F5MnUiXukV_MxmB-NmTMdgZJ1Xv4zFXX2Ht9hW1xTY4yzOHInuqpzK3zKltC4zfPGSfCmYX8RXP-5A4yJWvKmlISnxXiOyIm7DRi6Vh-hVsRH-i3vneEM3EsQRCX69yFjCZdrHeOTyUhYxgZKvx3y0ST4WXWmZQTbs3-dn_sDMoK32D03oDz90lw2On_nuSsJkmcPhOlo0Gfj4chwZpR84M5mTxrbo_knwdV3vay-QtICXMv3xjbuvWKXytNDKxOB9kZfTNQaFsfUqou-PdmS1Z9dvsbEbfDAImpYxU6eIWl5agOzUR4_4XheZCzb3lTW8UjqcSOy7kBH_EFGL11UxG4YawzxYMh4MfRohAU-GOwChlQSUUlmAGjPDNspZqKMUwGnXE2ozYCl8sen-km_k0SSLfXkaU7exulWJcv9_JUgsvAEo41zwRlnLYslPmWYwB7rBvd7kDCUpbeULLG-3pYxh4Na6JZ6aVPYplOJMWigxzxgq4Cyn6bh1zUjqYi5y5FlruiLurJdKFnVz_yDO0DF6kAWbcGIyYZVF8gKd4U6aYU03cRLkPKu3lENeyfditrB61PR16ftZMaAgNzU5Xrq90mAXdVz_BM8BgzB4QPIpjE9G3Ngj_drbfaAHLDnzVkYDOfkPsD2sX3c1gR6XeGvaLp4Imr3K6O1y0eRyj40_mEgJuDZiShfCSsks7xVS48YXwPAxJp4PHxWE9VgcUCCbHHK8-eL6LhSLnMUZrbDEgl_CJZPYmqWo1GRNQuFpZs1C2BScbAC7JPqgAzBbW8y_GPi2-5Y1K4bNsRkttlz4WG56PNTZnss0tb1f7wbUJY77dZS_XEiLImOOLo360dsqWkktwBA&cid=CAASEuRoWmo6ztYkshd6V8nYJ51_cg&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:12:29 GMT content-encoding gzip x-content-type-options nosniff age 904 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:12:29 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame CA1D	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 20446 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 May 2022 16:46:47 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 9163	1 KB 749 B	6ms 6ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 21 May 2021 03:14:09 GMT expires Sat, 22 May 2021 03:14:09 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 69204 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame CA1D	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d92b7710b463709de0c35b3a9754f37c0a8151acf3b06e1597c46fec968cec70 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 5F9E	176 KB 61 KB	22ms 9ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 20446 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 16:46:47 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 5F9E	8 KB 3 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0QxZhNGjsZoXwva5UM5Z2MWl5RCZjSaWHkoZbd7aipcqvHSZgxkZUCOQS3awahKO5wjjJ-JCp8evX-Fd-V17hvHpT_dBZlv3vXF8Fa0JliuwuwWZsEgxFlnoH_l3adn7YIcyy369EJEk8BlFwdxLLG1Y6zA&dbm_d=AKAmf-CBl8LuXfZwThG8c4LXdadowZK05vjqO8FqWeGQfxKAfbBx4JuqJ0-ErMCG4-MGFYNeAMoMmuUlOTJSZvLnz6FQHrLuW2qZ0i-rewKt9SAtyzMZaevPHbCliScydmamJIxJRdii87SXu2aosXMUw7c9b-H940gFja5oAyUlGPg4UVrjp1nXy2oAI8cKfxKQA0-ojw55e1d5BRYSf68V5AeRnpkzyt9EIqYCEZHX4vNA0Nb5RTiwEjPgGZO3KcTJqpHSkeE2Rz1h8aJonDgO75sMOiVjhS0DxxBdivlpTFXX-lL3wCnHVrDJP5tkKSldqfaRVVMDvP0Msbb5Hh_oaH4f9kvPctrn-3SCL7J24T-y8fDHWL7J-y97RFWbk60356tFL41O_TkOXUiYmBzRgmlhBNRzy7Ie9QKIzdo3cxF7WosLlxHHJclB-qUJip1JJyDuHt6jR_uFc732duvIVJb8FwAcqjO2RaOqHy6yZeXL5fK06OREEvlexkhh2dsH6mDUOrEYP4rKo5G9ZuNmNojjBM_i8oFT0mRCOSpdCi1_lW96ukI5JP7QObGbUUyevqggzuAG6QlcTjjPPoyjaZ9KBvWOYt0CcwejFVoJd73vLNY3bkHTfSTCnjBcwlpLpwgfjn25QpqIzlzf6fWgKjbuj_yPZi00dC02yirKfqxCJpw1l8L24EDs2ccUvh_cWfg9g085WD_xp1obfjQshyO5qNdq3cNj9X9qDv_WbL2ov1oNbEYO3KvGDg16JEtK4kIBsXw9Br7XJWeM9iDceMB4-8wUS2COjOGtiPUshNhKqk1s9XIX0gln5VAwl9y-njMspQ3VMAe8K7fiDSDBVLW1ZCpTLwgxCQECe85DEh5gvPiQ8hz8NzLBbLyUOxdZhF1LHFvZy3G3V9D1NlxJlXhwoj7tzsLwLdZC8dapfK5xx2a1abPERf_DD1n_NJVSh0W0NW6eZwVQAjcd1lv4QYtN8bPav3CA2sWzL84ja-rFX1KAOwuvoL-0yjgvT7FJymTmi2F-QK65v5WSVFERZwBuKW6KE1ASFbBSmp28HuV2mHqWCGwCR2k2LWumxzbYoQI0RI5U7has_1apcWEB3w_u0KErJ0zAbC8_-_H4gYCaCRKmf_X6Zz3f4zSbsZjxxE0LvlAonkgo6GXl7OLyGY-RqhphzDI0tCVUY-CvPTzBBNMxNHvaPAPVEjVmFV0pj_hc1Ty2slc_Cy4kGkD7t0W2D9ypPYNPOYQr6W9rR-YtPoBXhsn8qq6xRHn2QpBay1vOSE3MyZeRWfQpyWJCOeE_oL0bfhU2kBWWUVwrVn_0gwgm6Q4TjKwNvSGAZPBj5N0OZFbVt2noW7347oEzmkUdIMXiHql5QACLiVjG5DbScJ9Pj4q1NxIRsxLnlhXaAm9b_DuqgW-Phk_9rxmmVOlQ6pJqqQZ41q1JNEyrL3VKfIFb3aV0vYsmRPiE1vsk4MLubArDFgj52jaRqA7H5ZqMmAUbN4mVw75IW96_ph0Jx0qYVpk2HspAt4DGhTiO08v7f7hhYVpOSHpdPzRFdPC1V1Tqi5TDeQZ2FywxGf4EEwHqw9yB-yFZvonxyapzxJOQwuV2ZqeeRoVck4bebZjOKNC_xNJBShECx62958ajO3KlPsRrxJtUUtAD5IX0mSsGWBkUhuaF896B5mFB5OGtjiPUD9jbUqUUPblAXSHyuyN7wB3yGAqnFih-8kcAZTLrPgiYdQMyOdLj0kjfXoCzl2X2EQyY8yR9I5XVWSrJEo0T3AtJUZR5gC38w4Fmdv7tNd6JPwDhCnZHwTsw1KtgzsaWCfC867iAeOLj7cwyDNMc2sqIs8f_CWcH8ECAGc4t7PtHr3BAPUcDn2ukNFMyqMQhnXdqUBvSRN41onuQhWy2GySyQXUYiSBVW4H2RsoZiZNyQ4YpGTWRk0nbG0OyMPDFcf28S_ww3cRwQX_qf1uKoVb4rCVOHIlL5Tq0lP3euaM16ABhq-COXMcgNjjqpjisk_-kZbr4eirVCN3zuRuc2rjI2cb-6tvoR4_g1jWUZJgc2023gaqH6fFhSPj9gicxzKW4YUTdCvmkEvIwLGbzs-Nn9qO-gBUYGETzicpIRjFyd9dqLUNObdlycBrS5_RBZ_M2kdKT16tM57FRdWMv61rjn8-Tj-rgvYzE1uyV2jLNTFDrnv79KpNU5MwC1LkSEH7N6NRzLf-PBzxrQ-mzTNabHfneAX3W078_kmOVVKgdQe7yhCyTw8gbxM0dq90Xe8ERxNHGXtIo7YC7CZMH5XB0TGpCra-6Bwira77za8YzjnlsVvKt2o68gwwdu7FAhKdkConAG3sXhL1rTHZiO_2-Qx5eOXwT8F21HMUayGRnyD6L2ZWipAGXx-D41_miQoLfmDGTaGNh7d3xN8qaiu-kFAltCg2Zh2eesQIBRjGQ1VkZFcjQ6jcrWVF-t_NnmCohJxWFSptuGA5Vlaf6IYs2Fel_dKmRBE4LO4mFseJ9H_xwFYdYdPcUpGhFaUG8qzQhx2n3SoNTXBBD7si3leMygSz3UhhNP4k8ckjp-033jzR5ERgzbaEFep4wZHujKMA-vVZ7xBJWmJHQqy-JZqUJDnLEsuismoi8GUgmW9s5kkjzM5R94MNStdZSy8CLqzuA7FxBIZ8CmGKlxIJCWK5ohaEsswrBFwzuVr7OHVjcCxxGqBLNrFsUuZFkWsUf9Y5FaX2oo3UDut_5ch_vFgV2ACKcU8QXfKY0MZFgFBm5QMn_IN5iZDQ9hMfXE-lI_-i-aWlbWUq3tpO2PQTnPB_tpiUlaA8wkyZg1zULt1xdzjeqKMh064UHtRXSjf66j-9NS1Xss15iGnyyY8RLdr2NqJmL01U3-3o4vBpqRLb36IgEtW5rKKWUKAYFxorkRbnszxAU4YDS-Rzd65G9agoEfrcREUTIBAsf8yePjGBdg0Pbzv60f0oLMWYsdzqc7dLD0Ey5IAcDO6wlspP7T-821euw82E_JpAwcSGBmp5X&cid=CAASEuRotzN_A_jFvaIFpcgeXsjS5w&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:13:10 GMT content-encoding gzip x-content-type-options nosniff age 863 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:13:10 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 5F9E	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0QxZhNGjsZoXwva5UM5Z2MWl5RCZjSaWHkoZbd7aipcqvHSZgxkZUCOQS3awahKO5wjjJ-JCp8evX-Fd-V17hvHpT_dBZlv3vXF8Fa0JliuwuwWZsEgxFlnoH_l3adn7YIcyy369EJEk8BlFwdxLLG1Y6zA&dbm_d=AKAmf-CBl8LuXfZwThG8c4LXdadowZK05vjqO8FqWeGQfxKAfbBx4JuqJ0-ErMCG4-MGFYNeAMoMmuUlOTJSZvLnz6FQHrLuW2qZ0i-rewKt9SAtyzMZaevPHbCliScydmamJIxJRdii87SXu2aosXMUw7c9b-H940gFja5oAyUlGPg4UVrjp1nXy2oAI8cKfxKQA0-ojw55e1d5BRYSf68V5AeRnpkzyt9EIqYCEZHX4vNA0Nb5RTiwEjPgGZO3KcTJqpHSkeE2Rz1h8aJonDgO75sMOiVjhS0DxxBdivlpTFXX-lL3wCnHVrDJP5tkKSldqfaRVVMDvP0Msbb5Hh_oaH4f9kvPctrn-3SCL7J24T-y8fDHWL7J-y97RFWbk60356tFL41O_TkOXUiYmBzRgmlhBNRzy7Ie9QKIzdo3cxF7WosLlxHHJclB-qUJip1JJyDuHt6jR_uFc732duvIVJb8FwAcqjO2RaOqHy6yZeXL5fK06OREEvlexkhh2dsH6mDUOrEYP4rKo5G9ZuNmNojjBM_i8oFT0mRCOSpdCi1_lW96ukI5JP7QObGbUUyevqggzuAG6QlcTjjPPoyjaZ9KBvWOYt0CcwejFVoJd73vLNY3bkHTfSTCnjBcwlpLpwgfjn25QpqIzlzf6fWgKjbuj_yPZi00dC02yirKfqxCJpw1l8L24EDs2ccUvh_cWfg9g085WD_xp1obfjQshyO5qNdq3cNj9X9qDv_WbL2ov1oNbEYO3KvGDg16JEtK4kIBsXw9Br7XJWeM9iDceMB4-8wUS2COjOGtiPUshNhKqk1s9XIX0gln5VAwl9y-njMspQ3VMAe8K7fiDSDBVLW1ZCpTLwgxCQECe85DEh5gvPiQ8hz8NzLBbLyUOxdZhF1LHFvZy3G3V9D1NlxJlXhwoj7tzsLwLdZC8dapfK5xx2a1abPERf_DD1n_NJVSh0W0NW6eZwVQAjcd1lv4QYtN8bPav3CA2sWzL84ja-rFX1KAOwuvoL-0yjgvT7FJymTmi2F-QK65v5WSVFERZwBuKW6KE1ASFbBSmp28HuV2mHqWCGwCR2k2LWumxzbYoQI0RI5U7has_1apcWEB3w_u0KErJ0zAbC8_-_H4gYCaCRKmf_X6Zz3f4zSbsZjxxE0LvlAonkgo6GXl7OLyGY-RqhphzDI0tCVUY-CvPTzBBNMxNHvaPAPVEjVmFV0pj_hc1Ty2slc_Cy4kGkD7t0W2D9ypPYNPOYQr6W9rR-YtPoBXhsn8qq6xRHn2QpBay1vOSE3MyZeRWfQpyWJCOeE_oL0bfhU2kBWWUVwrVn_0gwgm6Q4TjKwNvSGAZPBj5N0OZFbVt2noW7347oEzmkUdIMXiHql5QACLiVjG5DbScJ9Pj4q1NxIRsxLnlhXaAm9b_DuqgW-Phk_9rxmmVOlQ6pJqqQZ41q1JNEyrL3VKfIFb3aV0vYsmRPiE1vsk4MLubArDFgj52jaRqA7H5ZqMmAUbN4mVw75IW96_ph0Jx0qYVpk2HspAt4DGhTiO08v7f7hhYVpOSHpdPzRFdPC1V1Tqi5TDeQZ2FywxGf4EEwHqw9yB-yFZvonxyapzxJOQwuV2ZqeeRoVck4bebZjOKNC_xNJBShECx62958ajO3KlPsRrxJtUUtAD5IX0mSsGWBkUhuaF896B5mFB5OGtjiPUD9jbUqUUPblAXSHyuyN7wB3yGAqnFih-8kcAZTLrPgiYdQMyOdLj0kjfXoCzl2X2EQyY8yR9I5XVWSrJEo0T3AtJUZR5gC38w4Fmdv7tNd6JPwDhCnZHwTsw1KtgzsaWCfC867iAeOLj7cwyDNMc2sqIs8f_CWcH8ECAGc4t7PtHr3BAPUcDn2ukNFMyqMQhnXdqUBvSRN41onuQhWy2GySyQXUYiSBVW4H2RsoZiZNyQ4YpGTWRk0nbG0OyMPDFcf28S_ww3cRwQX_qf1uKoVb4rCVOHIlL5Tq0lP3euaM16ABhq-COXMcgNjjqpjisk_-kZbr4eirVCN3zuRuc2rjI2cb-6tvoR4_g1jWUZJgc2023gaqH6fFhSPj9gicxzKW4YUTdCvmkEvIwLGbzs-Nn9qO-gBUYGETzicpIRjFyd9dqLUNObdlycBrS5_RBZ_M2kdKT16tM57FRdWMv61rjn8-Tj-rgvYzE1uyV2jLNTFDrnv79KpNU5MwC1LkSEH7N6NRzLf-PBzxrQ-mzTNabHfneAX3W078_kmOVVKgdQe7yhCyTw8gbxM0dq90Xe8ERxNHGXtIo7YC7CZMH5XB0TGpCra-6Bwira77za8YzjnlsVvKt2o68gwwdu7FAhKdkConAG3sXhL1rTHZiO_2-Qx5eOXwT8F21HMUayGRnyD6L2ZWipAGXx-D41_miQoLfmDGTaGNh7d3xN8qaiu-kFAltCg2Zh2eesQIBRjGQ1VkZFcjQ6jcrWVF-t_NnmCohJxWFSptuGA5Vlaf6IYs2Fel_dKmRBE4LO4mFseJ9H_xwFYdYdPcUpGhFaUG8qzQhx2n3SoNTXBBD7si3leMygSz3UhhNP4k8ckjp-033jzR5ERgzbaEFep4wZHujKMA-vVZ7xBJWmJHQqy-JZqUJDnLEsuismoi8GUgmW9s5kkjzM5R94MNStdZSy8CLqzuA7FxBIZ8CmGKlxIJCWK5ohaEsswrBFwzuVr7OHVjcCxxGqBLNrFsUuZFkWsUf9Y5FaX2oo3UDut_5ch_vFgV2ACKcU8QXfKY0MZFgFBm5QMn_IN5iZDQ9hMfXE-lI_-i-aWlbWUq3tpO2PQTnPB_tpiUlaA8wkyZg1zULt1xdzjeqKMh064UHtRXSjf66j-9NS1Xss15iGnyyY8RLdr2NqJmL01U3-3o4vBpqRLb36IgEtW5rKKWUKAYFxorkRbnszxAU4YDS-Rzd65G9agoEfrcREUTIBAsf8yePjGBdg0Pbzv60f0oLMWYsdzqc7dLD0Ey5IAcDO6wlspP7T-821euw82E_JpAwcSGBmp5X&cid=CAASEuRotzN_A_jFvaIFpcgeXsjS5w&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:12:29 GMT content-encoding gzip x-content-type-options nosniff age 904 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:12:29 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame A7A8	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 13066 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/ Frame 4BEE	21 KB 6 KB	57ms 44ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b4f3d56a25b7341b154140d0e7683a7046d2a25e7515c6cfbbc45cb509e667d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 6009 date Fri, 21 May 2021 22:27:33 GMT expires Sat, 22 May 2021 22:27:33 GMT cache-control public, max-age=86400 last-modified Tue, 20 Apr 2021 17:27:12 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame CA1D	0 575 B	103ms 59ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsuCJpb3EQ2rVib2kfFqtDIM6_DLR1t2pYvfE4r_IJzdIqzZnJJJh-tqZjMT9_5p6Rf-TnGCXqSZXoYhYS2kgtlQ2FYIzsuqIFBxWxuVEJdCunGub5PwN6Z1lkagp3ncz6_X4QHp4oObIqcaTIb17_5CMINksHnCxHxsliVg7ZLFWhOP2CGCM3D_XJ5_fXlj8k-PmbIElkn953FJvolUBKPFSn0kns29cYbgJ_e-EDLkSFOELUrjSG40oRyxiRRKeZs154L6GolLyEGD3KOl6inRv9fhbJTSd1zTglTY7nxUaaT63FqfQphevvWYc8zh5V8i_xNYXnndVwRf7KaoZ92o6qB5wjjHATt_ThQXPv93Msexw-nrZ0LxSSOCJfyMJa52HZRCungrVoK-2LZs_UDhSPv9_avkkKSYJueNKarTBU7pTcly7eRvq8i7ZZUpEvd1FXxT45Zai0LMfVyeLhR_PqSOxMIeGfMRCcvBQezzk-XlGeKBSZvEaKMcwsbzvLCIJMN40W1FlN-aqEXWbggZM0UCtP3sYe4tlFksDVYwtKu9TQXTstK22i4FPt0deRZc5xD_kE9CaODsNAh1KbcqNaxw7zP5ftA67ooSdMlAHXaQOT3keUZLgMDQ4J2vPzS2gpfVNbh9DzvpnzBuQbuSVIbJCaEhs4xVdXdWhfDtGQsyN_O52YXFX5a6Vgt-M9TP3rSmaZYRHgtgjJTd8_2rSTsnguQVT1k1yGPywe9tfTZppZgUna8cBZc07qsQsB16-B4P39QgDItjCuC7gvzwBJhopGHLzaPc3MeYYM6xAHeBV9sr5Cgjn7T1-eMdzgf3aMDqy8Gp1oY_ce_RzHDeNWxPB0jqQG2vn0lWwHQV-qhVTyCxRJPYdOmuNttWXXBP-Y06XdOiaMFd62FXNVOhmpjCQnMlRotWCTWJWBd6RAv0Vz2eNUracTGj9JVzkTLCLDlRH4h07hSXcZdzEd2QM-cPY7jo6F_om7JABQsGHeO2LeDoGOfFn3x7Vl7KRDJepN6ht12Ps9_EZCjvKnQqlNz1rHXH8auQ5rww2BbRiqepRwKGUsEZ-0KYYnjzXAleiIFl57DSXOBtR9F1nrX5Hj0f5IfkYrASItLV51NyxceXifF2CrTEzLrpSgd_5jjhOFj625409PC2Nm431e42DvQ44JnvLOGI8xzym5n9XuKzRoJJ6jVDMpcrI5sjO3zh2fST3AF60JF61tbu0PlLRLBC5I93Sg42I&sai=AMfl-YQUwFPQp_TYAtxMa9DzMb0br7_4O-tGuDBar_8oSMdAzj-xDZwnBVXwKEu5rnlNkYEd6aA8gJ1p6Ba43TAN65BxsnIyLhqrjRcNbFeOG_IbRo-Ov2DMn9SJkAPK43Z-Vl_Y8b20HjS1apKERM-ltnFP-TuurHyt_cjEwh3Wa1RgRwdLsBuU_A&sig=Cg0ArKJSzB5I0gfExu8zEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=85&cisv=r20210517.30884&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 21 May 2021 22:27:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 9163 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPJuAcr6EF-p-bU1Rjcv-1M&google_cver=1&google_push=AQvitULjWQlWkP47RqG6qdL0q0t6M9nNQDQjvCQWVXcb2xx-RRpdyK2sqDGK3gxpL_5bHRqvNVjCXHqD4cNOXQbm... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULjWQlWkP47RqG6qdL0q0t6M9nNQDQjvCQWVXcb2xx-RRpdyK2sqDGK3gxpL_5bHRqvNVjCXHqD4cNOXQbmckrmlg51_jE	170 B 188 B	34ms 27ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULjWQlWkP47RqG6qdL0q0t6M9nNQDQjvCQWVXcb2xx-RRpdyK2sqDGK3gxpL_5bHRqvNVjCXHqD4cNOXQbmckrmlg51_jE Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 21 May 2021 22:29:11 GMT Server MT3 3736 915c305 master cdg-pixel-x25 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULjWQlWkP47RqG6qdL0q0t6M9nNQDQjvCQWVXcb2xx-RRpdyK2sqDGK3gxpL_5bHRqvNVjCXHqD4cNOXQbmckrmlg51_jE Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 21 May 2021 22:29:10 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 9163 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_push=AQvitUKePPIlQwnIakbnv7h3Wa-sQQJoZ91hE2_LTLlPysn7B7uF4WgjGU...	170 B 188 B	28ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_push=AQvitUKePPIlQwnIakbnv7h3Wa-sQQJoZ91hE2_LTLlPysn7B7uF4WgjGUFwUZwXVgedLMBWqV7FqNKfsT-H9VXb-QqHTVn3Ly0 Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1621636054.735779,VS0,VE93 x-served-by cache-hhn4030-HHN x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_push=AQvitUKePPIlQwnIakbnv7h3Wa-sQQJoZ91hE2_LTLlPysn7B7uF4WgjGUFwUZwXVgedLMBWqV7FqNKfsT-H9VXb-QqHTVn3Ly0 cache-control no-cache accept-ranges bytes access-control-allow-origin * content-length 0 x-cache-hits 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 9163 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENOnGkOso1VXZroLS0dHMQE&google_cver=1&google_push=AQvitUJAfGIADiHXtRAgeZMk3_Ot5V3M6jiTuE42u8B3JQK8pKWMBwA4-ntD2LRzWTqBkuZV2ZE8Jjc... https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESENOnGkOso1VXZroLS0dHMQE&google_cver=1&google_push=AQvitUJAfGIADiHXtRAgeZMk3_Ot5V3M6jiTuE42u8B3JQK8pKWMBwA4-ntD2LRzWTqBk... https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=2mIXguvNRkaXnXDo6MuTjmCoM9U	170 B 188 B	27ms 27ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=2mIXguvNRkaXnXDo6MuTjmCoM9U Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=2mIXguvNRkaXnXDo6MuTjmCoM9U cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H3-29	200	dot.gif s0.2mdn.net/ Frame 9163	43 B 63 B	16ms 14ms	Image image/gif	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEBpN-g4Po_KbT5bHr-8XyYc&google_cver=1&google_push=AQvitUKcbRQDyJRnniPYmFTomoNuvM__J0o2t00iHJU1HUlQeWzU6gtrtvcUd9RxCg4EbIRvSZkPVXbqItjjZWSbX8FSiCpwVw Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 expires Sat, 22 May 2021 22:27:33 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 9163 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCrdV4NlNjyJg4Q7EE484w&google_cver=1&google_push=AQvitULTW4i01l454q_OS7tFO6cFp-54dFQHC_5ImAp6JNN55Xf80Bn4SYs8kL73mr2S51auqQ6... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ZVzhKNUQtMVktMlBMSg==&google_push=AQvitULTW4i01l454q_OS7tFO6cFp-54dFQHC_5ImAp6JNN55Xf80Bn4SYs8kL73mr2S51auqQ6DBnQdXBTxyZf3WHRfwSSC-1A	170 B 188 B	45ms 45ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ZVzhKNUQtMVktMlBMSg==&google_push=AQvitULTW4i01l454q_OS7tFO6cFp-54dFQHC_5ImAp6JNN55Xf80Bn4SYs8kL73mr2S51auqQ6DBnQdXBTxyZf3WHRfwSSC-1A Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09ZVzhKNUQtMVktMlBMSg==&google_push=AQvitULTW4i01l454q_OS7tFO6cFp-54dFQHC_5ImAp6JNN55Xf80Bn4SYs8kL73mr2S51auqQ6DBnQdXBTxyZf3WHRfwSSC-1A Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 78e3bdce5107450057bade54d54a0a7e Expires 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 9163 Redirect Chain https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEEEJiYP9JZl9cEoHlyNLZa4&google_cver=1&google_push=AQvitULN39_huDoVdhuegHSLB0F_dRtWNLDmAFKo5pLhNvBUJanoPGHeLGanMNTJvUinxsg50Rp-seGRPijvYGnaT... https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D57c3cc52-4b00-4e57-9818-6b0a34df0242%26google_push%3DAQvitULN39_huDoVdhuegHSLB0F_dRt... https://tech.rtb.mts.ru/?dsp_uid=57c3cc52-4b00-4e57-9818-6b0a34df0242&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D57c3cc52-4b00-4e57-9818-6b0a34df0242%26g... https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=57c3cc52-4b00-4e57-9818-6b0a34df0242&google_push=AQvitULN39_huDoVdhuegHSLB0F_dRtWNLDmAFKo5pLhNvBUJanoPGHeLGanMNTJvUinxsg50Rp-seGRPijvYGna...	170 B 188 B	30ms 29ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=57c3cc52-4b00-4e57-9818-6b0a34df0242&google_push=AQvitULN39_huDoVdhuegHSLB0F_dRtWNLDmAFKo5pLhNvBUJanoPGHeLGanMNTJvUinxsg50Rp-seGRPijvYGnaTVFo7HjlPaQ Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 21 May 2021 22:27:34 GMT Server nginx/1.13.12 Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Location https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=57c3cc52-4b00-4e57-9818-6b0a34df0242&google_push=AQvitULN39_huDoVdhuegHSLB0F_dRtWNLDmAFKo5pLhNvBUJanoPGHeLGanMNTJvUinxsg50Rp-seGRPijvYGnaTVFo7HjlPaQ Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H3-29	200	dot.gif s0.2mdn.net/ Frame 9163	43 B 63 B	15ms 13ms	Image image/gif	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEIBwuj-3XiFwJ7_Wc9eZ9z0&google_cver=1&google_push=AQvitUJg9mmc-OKkb-BmLkWUBOz5o2w7R27e6JzNsWHHYXPzYx_8ctrhv4P1srh-Cq6SV26uHjz--tBV2ZY1JmQwKz8CK2IhBPI Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 expires Sat, 22 May 2021 22:27:33 GMT
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 9163	0 12 B	28ms 26ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3wt4SQ3G6kln9xBjJtlkCi5AbpyLR2JqnwevBNx9SPrW35cCWnVDNWY1ZYLllzOGcnDpZ_AA Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 5F9E	41 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 20446 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 May 2022 16:46:47 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 316F	1 KB 749 B	7ms 6ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 21 May 2021 03:14:09 GMT expires Sat, 22 May 2021 03:14:09 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 69204 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 5F9E	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c29802d4dabd3fd77ddc178e78d3b25ac107206bc05adb01a993cb1617796813 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	container.html Show response e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6486	6 KB 3 KB	7ms 6ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 21 May 2021 22:27:28 GMT expires Sat, 21 May 2022 22:27:28 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 5 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/ Frame 394A	28 KB 21 KB	76ms 76ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=nIIKpd66wz&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8b0569c9a74c56ed7e45c7d13ff824c174bece0d1607a336c5c2eeab8d0f52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=nIIKpd66wz&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 21246 date Fri, 21 May 2021 22:27:33 GMT expires Sat, 22 May 2021 22:27:33 GMT cache-control public, max-age=86400 last-modified Thu, 24 Sep 2020 20:17:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 5F9E	0 61 B	66ms 66ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7m3Omp5wcmeYVcoaUOhnlEkCe5nrvKpAggS1WrbK0Ycq-6laZjlavrvEKrqaFdS7ME0mvZRSgXk2W4EpZWNBSUgM4M6ApQgPPXyYWA-gKppMO7FShX_lg2-tjCleJQOXGHRwEUXGO8zQkX0LmQqfggSalOuPXs37AoxdlDRTPRbNy1qn8EwXENBv2b9j-_JB-gjvT9DOsL_FQ8F6Hg-BcEpNtyxf09wJs5XOPDIlW8MleW-TRLlux61GS6U3WehtxpsqnClb0c8T_2etrijorYDDx8jaNei7V9QWCqEz73xSWfRPNocD-DvICD6P_3Rtd7Hb8JDAN-kEperO4aIKhu2i7GfNlAUfI-xkd9e66MB3oNWxI80RC2xm3ZrxtUNbyhl-x_g-P7UVOxfYD8iJj04Z0xMAJi9W-0CCt5G0n9TQayCSaVCtnJfDkp25f3dgYyqGyQ2Tbqe_MtYvmP_qUWorm4Sv8ScOFJnJgyqZK3BGAeR9S3NIKTff3btgBQy7ARgXP64JHTIS-MhBoDP5pgq4fcVp9BbxhIr6lbZ_fUx2Tbp7y68jDjHIipChBMLv0hrKFy2ri7iUBLJvS_znMiJAtekou7g5nVj5cZBgzLPRmIA12Q2mBthY0erM_fkW-o1FEECrsWluFfUqM341OKuvSehfNi-8Cvx9YTtBrwPciogAtSOl9v7aBCUnjhYWlUdC3TgFeJ2oqXaHrg2socx4ZQKgwztwYis9IQuBRMaI27ID0mNP35JwE1WIWaQxLoiyo0aoJWIN466WNipDHfzvCTjf2SOnIIFlhVQuM4rTrY0r3eqDCoImP_anisR5Cd6l5FO_KPOXMwAHNo98d1f5_i8Z0Xgb6tvQck41lOYCEmEHq_vEuBl9FDQwFZlDN118xitm1Ff648kobQenOuu7TQvJkISri1pIE172SbPWmGd3OGfJekac1MYDARLzeh9RUthiasRPo1RihfG40hHJlLFmEG04Gi3OJepcCjWM6kuKVu_zvHY5tULKQMoLYqVzP53kk7PSnMdfeuV4QelWU4-tZNmZfft9_QNkW9PlPP7dgFK4h_w1QwGDvDnxU0xX8VGN7zPCAc3eQYKLnV9XXBtdC1sDFJduyLvK2WNB96bOIrh7Xl53I4QFpIpyFCgC5dfMC5cU20hdr1-YPjUBnU_UoHhmjYVP99dzRxzmoeGvXn3eYuP7sY-T3&sai=AMfl-YSdpduT5FQswZQtFCmUOrxINF_sViyTMYV2Sytgyq6fDQJU4qJOEyzFOPuMMx5SmfASHftck4u-Ws2KoZDJcJkOz0lnR0va9zdllU1tD3xCTy3J2azpydy1jrt2zvskVua-Uw4S9mce_x3kgS1SOdx_U306tA&sig=Cg0ArKJSzFZ8gHbzUJIHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=108&cbvp=1&cstd=104&cisv=r20210517.92526&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 21 May 2021 22:27:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	23ms 23ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiNTI3ZTUyYzEwNjM1YWM4MTM2YTRjODQwOTRlZTQ5YTgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiNTI3ZTUyYzEwNjM1YWM4MTM2YTRjODQwOTRlZTQ5YTgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 17 B	21ms 21ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 May 2021 22:27:33 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	23ms 23ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 22ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYXVjdGlvbl9lcG9jaCI6MTYyMTYzNjA1NCwiYWRfcG9zaXRpb24iOjExMjYsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NDAwLCJiaWRfZmxvb3JfcHJldiI6MjAwLCJiaWRfZmxvb3JfZmlsbGVkIjo3MCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6ODIwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYXVjdGlvbl9lcG9jaCI6MTYyMTYzNjA1NCwiYWRfcG9zaXRpb24iOjExMjYsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NDAwLCJiaWRfZmxvb3JfcHJldiI6MjAwLCJiaWRfZmxvb3JfZmlsbGVkIjo3MCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6ODIwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame EEB8	22 KB 8 KB	9ms 9ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 13066 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response pagead2.googlesyndication.com/bg/ Frame A7A8	14 KB 6 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:47:08 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 16825 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5784 x-xss-protection 0 expires Sat, 21 May 2022 17:47:08 GMT
GET H3-29	200	Museo700-Regular-webfont.woff s0.2mdn.net/creatives/assets/4033635/ Frame 4BEE	24 KB 24 KB	501ms 500ms	Font font/woff	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4033635/Museo700-Regular-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2704a01f20ed6fe631b5aa4baaa5300823bcddbe7d8f35c43edad1f86aff05db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://s0.2mdn.net Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff last-modified Wed, 27 Jan 2021 16:01:58 GMT server sffe age 0 content-type font/woff access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24912 x-xss-protection 0 expires Fri, 21 May 2021 22:42:34 GMT
GET H3-29	200	gsap_3.5.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 4BEE	60 KB 24 KB	43ms 37ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24155 x-xss-protection 0 last-modified Mon, 31 Aug 2020 21:23:17 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 21 May 2021 22:27:33 GMT
GET H3-29	200	SplitText.min.js Show response s0.2mdn.net/creatives/assets/4033635/ Frame 4BEE	15 KB 5 KB	38ms 33ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4033635/SplitText.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fba520a3fb705157417bb5574a3c8d57a33b7d907892b0d397374fd546fa65c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:25:25 GMT content-encoding gzip x-content-type-options nosniff age 128 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5139 x-xss-protection 0 last-modified Wed, 27 Jan 2021 16:25:34 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 21 May 2021 22:40:25 GMT
GET H3-29	200	Enabler_01_245.js Show response s0.2mdn.net/879366/ Frame 4BEE	110 KB 38 KB	37ms 33ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_245.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:48 GMT content-encoding gzip x-content-type-options nosniff age 20445 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38568 x-xss-protection 0 last-modified Wed, 14 Oct 2020 19:32:54 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 16:46:48 GMT
GET H3-29	200	logo-de-728x90.png s0.2mdn.net/creatives/assets/4033635/ Frame 4BEE	4 KB 4 KB	533ms 533ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4033635/logo-de-728x90.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f85566eb2b6044c17b4e6f2dcabb5bd33fa385e80b6de8accd6bbd9739aee7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff last-modified Wed, 27 Jan 2021 11:26:16 GMT server sffe age 0 content-type image/png access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3759 x-xss-protection 0 expires Fri, 21 May 2021 22:42:34 GMT
GET H3-29	200	logo-fr-728x90.png s0.2mdn.net/creatives/assets/4033635/ Frame 4BEE	3 KB 3 KB	379ms 379ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4033635/logo-fr-728x90.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edb29173908b3066bc5870b8858e3e5ac4d243b07e496da506de2d424885d61a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff last-modified Wed, 27 Jan 2021 11:26:32 GMT server sffe age 0 content-type image/png access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2953 x-xss-protection 0 expires Fri, 21 May 2021 22:42:34 GMT
GET H3-29	200	logo-it-728x90.png s0.2mdn.net/creatives/assets/4033635/ Frame 4BEE	3 KB 3 KB	863ms 863ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4033635/logo-it-728x90.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e70f6024b548bd737be725ac2e20b3ff7b060cbd16a72f606c125296364510a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff last-modified Wed, 27 Jan 2021 11:26:47 GMT server sffe age 0 content-type image/png access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3152 x-xss-protection 0 expires Fri, 21 May 2021 22:42:34 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 4068	611 B 316 B	25ms 16ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNVz32bKWk22TuWoCqEFRQiWav3qiUZSxSGfTtJ7FQOjULyFxv2t_qSsXzQ5j_RT5VJmzTY2ijMR2er9a0Oz-yRkncEF8g Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNVz32bKWk22TuWoCqEFRQiWav3qiUZSxSGfTtJ7FQOjULyFxv2t_qSsXzQ5j_RT5VJmzTY2ijMR2er9a0Oz-yRkncEF8g pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkbzbFoauY8mTfPtcNm1ipMltlOVBvqD5TCEr9UN6uq7MfIE9XR7NoCYEjwmwY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 21 May 2021 22:27:33 GMT server cafe cache-control private content-length 295 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 6486	57 KB 23 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DoFXHTYRB7L2xRHwwTkJIsmcmBV5nf68fnpNknPUmkYR4uA4mYr04o60paaY-LxEwJbitLF1YfBxkQfwb2aFSrxlBkFKj1qxvECaSsivx9fKLeutXh9zqOuIOEmhbG5UcJzYXwro255-U7jpQTFPWdzV66AQ&dbm_d=AKAmf-AhEtXEskrXpHMF9DcI0hauRYtmJfDoRDshyO9Dc6O2g95h4qLCzrSIk2NFdwoX-s5-ln06pAi3iUAnGMVh52yi7sdOCdv78QLMfS4lExdaf2iyNSUucq4oICPD1i6CoN-ZEMUN5XSyftHfGAKd33qTEnEIVz1B8QN_XR3-5c5Zcn5EZKEdEYxVoiqVI67zY-DAJ-oS3BMomzUu_XEXYfWtBJvFJoBHJJEKsnxvzHutrcBM6giPJfmozI_NlbHPGeOZ7fZCxlsJzhZMaDwfJfExnuLHF2nstVhMVAckXXqX-2lkmNrEssXo5FBHFkxdEQEaL7aP-ZCkoOLZRSyP3fmOxBTZOK_yL7gg62vttZnLWg6wt3dC8BB0kpQglL5NlMq_dviqpCqFQT6RqRGGlowKvTKDAUGNNKGuYBDZiswrGpyRRYhS96nyYs0_rM9GCJgwjapUlXK6GpP41M1JpFLmpdVt9JxWdxFFh7HCASWuyGUGw2vbfCXy-gkq2NRAyxuLNuiQJQx7AkfRLWiTDO3YVipX5B3PnyvunjDAPpU3yhF-xdnnNHQG7I7MIYlcmmVQ4PCQjntE24h6gVuxai8p3sSkO26tgG3ODfTe9WSpK6gNjHzqzA4ierf5vjWZQumYP6xFT1jkE-YbuGeh5xfo3dTHQaq6HbgdKBlk1-wBQDOztOEvH2oAdqM3OeHR1XtM4Hak4HweJPyXcJTt-twOtM2wBKBvYms5n-Ac4VaA3O3ZgPJQ4SV237obn94D9ckID8XAdXRjwZmx9wa8xlSbo_4f6UYIeLnUslF2LBWyxQDEA2uXP7cSX_B6Bkoxt4-GkWKgZ8qwhL-5jVQNZyDaeOYDchtAXCz-LxNSJFL1FQjRCIl6N0__NYxwQCZeUVsI9d7NT_z7g8HQTLWPn5sy9DFWwzYxeCTTGa_wCYqWLvXQdYKYOUicfaBzaCP_s1rmP41uk0Jf_XGDjLw4xDFfpmV8K9-Nm69zB5lKVJW80TKYpjdTKmI-GquyWwQnYC7gMREWow2rb7ESDbxz688VKRQ4UPKHYtFbieGLG9FZGOm0mt5mZv_sgc4WKwtW16pZGNACi2ZWrtoy3Au8S8WXX0uaU6T7b_oK9bVUgUi6y7-tlaA_b7n5Nv4m-J483PehpGj7O74gemED6Rj6EToPTm2AKPqux2R-b9hOmo9QGhcz8SicbbE7y723ks4NdDr9uztVwUZvBz8TH_dVrcROjCkjBacYzyGyLqBM-x81EFMaX6FHJsZVybAzW7hy5G9xOyHcsKvRFwu_cldAmlRrwy_H7o1UYOC9_P0vzufyiCln3JkC73mwyCZV7wBso1Ljao35E4at40sFxpaAhBOQPdVCLiKxKkCw6zxiWPKZ_JMMc4bFi4dOY-I1cVwmerAdA86mQo6n6ObMVHdjJgx0SyvpWFiAKkrHEgpGs7aWgYugry4Gw7FVBApwR4eLzZVgfsRaE6KeaSnaFIueAhxFQNT8_DzDotF2-c1CQAruYkK-U9xlpEkUR6tmnED4fa1ce-h1OFoGhQwSDCi3UOU9ObKFqCjsUY7rzhVF-NJ8ngJBbe3GOIJbDe-xEJHkTCXZZACZe3ZVA_8D9p1FCVLQVPWllpYJL0aFgSQ4A4gq9f1ar0H6aFc1EJbYFx6t1cRYBN-b4NfRy7xxIqEJCJcnEA9hekz1DqmaEHRtJ-jAOid3z1dpBVVrtobe35pZNHoJ5oFD2JYGvHp_miS3H4Cd9SW41MuPTi5yNeTUme7tXeQ4c962dtcOgUrJG4ENjuALSv0pgmvUdyKsGXTv4osopy6u5GCPIX7MuxiblJ6gdMEXTgafafg5i2XNTqGOUw_xXUaW6yAKA6ezg7VYbjzBvSEV8Gf0XfGYVa6JdQs9bl308hnEysp7rqe1nKW6txfzOgV1kNyf8kW57T51pb4p1eUp8zzakPANNF-KX6BV4PxBYub2vef90ZshWRE9Gxx3yj1bfzIwX8cIr7tHp1cn_LDgz3A3wnR2hpmQgMhIpAM6pQ5ju9uaTqsuOs4Y9w8cBlBNLbnDsv8rvNQjIB4rGKRmzjG6L3wXfBf-r3gKt5YLSrOhFT9dxfPf6rOgJfKZV1e1fPPwvYT0qzjh-AHObdxmgAAayXo2V_88T22pMQTD4Mw8MWje8nSZQA55HkDt4Wcqz7lJ_mvQIGrkavhJZz-mr4mymzZirdhWQlaeC5l6KeOfGwiFhHRmgj4bS-hjGWrhg_ldvjNbdarCt3Da_VkkUZ5JAumpEMaCM1lDrCGf-YBfCAR4vhWIyAqZjRIdecH2Cm-lSSd6VbdrRIGKvr0PaaGnd3kYkU44QJH6OinY06i4vyNFFhCm_sWeXv3fVrH0GGy-wWl4AoPsb6tQi2ZXoqvLIGjuRZGqukwzI0EYTR5X4neSZwznXVqSb7_fpvEa9D3MGM6gTHqFnyKQZ7HKmBJhfObqWTLu-4xS7P9H8U5qEdLvx8jSNSey8Wz27kD1CCvAuuEGwgH_EAwU37a3bvy48Aj5BLNX4Sa4dFiOUm1_vluaWUfGJO1cqNpx2qHkZxdk2-RoaC9kzuzDNW1wgw0CKdgDp1CfSJaw8iOAbD_pSj2nScEHV5t41GgYuXzT89msCIFRrIhkOyBPjvfEgh350tZ86ysISK0RtI6LK3RRR_n4W5dwNpJarSJXoIy-Kzo2Pr83rPRUQO8nUcKABzx6x9IPCvkIfvgcvZTAsIP4Fo-I7J-3yo07dRUj-PW185kWeyKOTMhr0asg2hCAsOK_UGbPN-U1FpLawxEaDjz1PH1WA_DRVhr0o6l-xuUlALCdXo4VGc2XSkvkmTJY9L6G6Q5q6eLzVxmwp5Maj3VhXxXV5BksXHHZ0Gdg5jWMm2US28EHURCe4YR7m_2UnQA8AeVSiqFw0pueR3C0s-ThQtcYIezDerOGl5TOwCTK6vmjiziFtLXHGqJjgK5DdJopIz3ncMlHnpFbjt-xraTyJTnSeO8wFzfmtqlCTomD&cid=CAASEuRoJXE0yA9q09tPTh-mBavk4Q&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a8913221b03c503f093c77c16bc355f735bc04146b42131955c6a5d05e9ee9ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23806 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6486	42 B 63 B	40ms 39ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3nnJAoMQbXcvNpl10zKR1IvRxJCsEHnaOztvJ8MoekNFgNEzgzOpSVKig45YRo1HCEIJNQd4T2xcv33s3QxvFuBmr53z6gLC_ChXp5R1mpLiGrgk Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 6486	2 KB 1 KB	32ms 30ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:24:48 GMT content-encoding gzip x-content-type-options nosniff age 165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:24:48 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6486	119 KB 36 KB	31ms 30ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a4e15e0a382cdbfe1d63cbd77a59ce2f67660b54e926fbebc97fe0b7cebf869 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621597309435250" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37145 x-xss-protection 0 expires Fri, 21 May 2021 22:27:33 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 6486	13 KB 6 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:25:05 GMT content-encoding gzip x-content-type-options nosniff age 148 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:25:05 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 316F Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_push=AQvitUJtArbF1mt6cMae7QFkhgdnVjnJ3-cmpmwculo2lN-9QWIOgx4LdL...	170 B 188 B	29ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_push=AQvitUJtArbF1mt6cMae7QFkhgdnVjnJ3-cmpmwculo2lN-9QWIOgx4LdLWSHg_xs-AKO2PqOksYAWBSc-092IG10H-yzSjtCLmk Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1621636054.830645,VS0,VE92 x-served-by cache-hhn4030-HHN x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_push=AQvitUJtArbF1mt6cMae7QFkhgdnVjnJ3-cmpmwculo2lN-9QWIOgx4LdLWSHg_xs-AKO2PqOksYAWBSc-092IG10H-yzSjtCLmk cache-control no-cache accept-ranges bytes access-control-allow-origin * content-length 0 x-cache-hits 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 316F Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMi-VaZICATlbEXV_a4dDtM&google_cver=1&google_push=AQvitUL9mtVeRs3b7zvmCNKld2zZz0lxq7QJQ4IWJ88cvGFTjN7Yqg3UhMe2yzztl9gPpIDcr7vEuyBoigh... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUL9mtVeRs3b7zvmCNKld2zZz0lxq7QJQ4IWJ88cvGFTjN7Yqg3UhMe2yzztl9gPpIDcr7vEuyBoighjOjA-iZ0QnRt3guwg&google_hm=cVQxJI40TC2YBLgv1f1bwwk	170 B 188 B	28ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUL9mtVeRs3b7zvmCNKld2zZz0lxq7QJQ4IWJ88cvGFTjN7Yqg3UhMe2yzztl9gPpIDcr7vEuyBoighjOjA-iZ0QnRt3guwg&google_hm=cVQxJI40TC2YBLgv1f1bwwk Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT via 1.1 google server Apache-Coyote/1.1 status 302 p3p CP="NOI DSP COR NID CUR OUR NOR" location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUL9mtVeRs3b7zvmCNKld2zZz0lxq7QJQ4IWJ88cvGFTjN7Yqg3UhMe2yzztl9gPpIDcr7vEuyBoighjOjA-iZ0QnRt3guwg&google_hm=cVQxJI40TC2YBLgv1f1bwwk cache-control no-cache, must-revalidate content-type text/html;charset=UTF-8 alt-svc clear content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 316F Redirect Chain https://px.adhigh.net/p/gm/rub?google_gid=CAESELxwqmAnotSX4N5qQ33Rrcg&google_cver=1&google_push=AQvitUIpTPaJ74--2W6GeH3596toNC13kmrCh3i8nNkec0KYnZrD4MUQWYU7Prak7ERWa2_v9WDJh-d5CfvsNpeXVy1Vmyi94TIf https://px.adhigh.net/p/gm/rub?google_gid=CAESELxwqmAnotSX4N5qQ33Rrcg&google_cver=1&google_push=AQvitUIpTPaJ74--2W6GeH3596toNC13kmrCh3i8nNkec0KYnZrD4MUQWYU7Prak7ERWa2_v9WDJh-d5CfvsNpeXVy1Vmyi94TIf&... https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUIpTPaJ74--2W6GeH3596toNC13kmrCh3i8nNkec0KYnZrD4MUQWYU7Prak7ERWa2_v9WDJh-d5CfvsNpeXVy1Vmyi94TIf&google_hm=Sbyru7PLOE0AAikABlF5kQp...	170 B 188 B	29ms 29ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUIpTPaJ74--2W6GeH3596toNC13kmrCh3i8nNkec0KYnZrD4MUQWYU7Prak7ERWa2_v9WDJh-d5CfvsNpeXVy1Vmyi94TIf&google_hm=Sbyru7PLOE0AAikABlF5kQp73w%3D%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server nginx access-control-allow-origin * x-backend-id f15-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUIpTPaJ74--2W6GeH3596toNC13kmrCh3i8nNkec0KYnZrD4MUQWYU7Prak7ERWa2_v9WDJh-d5CfvsNpeXVy1Vmyi94TIf&google_hm=Sbyru7PLOE0AAikABlF5kQp73w%3D%3D cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3-29	200	dot.gif s0.2mdn.net/ Frame 316F	43 B 63 B	21ms 14ms	Image image/gif	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEBpN-g4Po_KbT5bHr-8XyYc&google_cver=1&google_push=AQvitUIBDqUqfAzkkABeAVHFxIuANMyh3u4ihNd_3lxBKArIDbXb5wvaFRR_u5NObsdSiAkR5GE7snWveBZH1XLChzgRbz83Nlox Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 expires Sat, 22 May 2021 22:27:33 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 316F Redirect Chain https://match.360yield.com/match/ebda?google_gid=CAESEKclGcpePnHlsY8OEF3uOy8&google_cver=1&google_push=AQvitULVDxSKT9jIbVPQ20wV8J1g3-XmTDbxmXfu5WPsWu7wQZbhJNXcXrTnX9wj_zHEUY-eCr9K0DgW3u53esz0p7YNQn... https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKclGcpePnHlsY8OEF3uOy8&google_cver=1&google_push=AQvitULVDxSKT9jIbVPQ20wV8J1g3-XmTDbxmXfu5WPsWu7wQZbhJNXcXrTnX9wj_zHEUY-eCr9K0DgW3u53esz0... https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=UTD4XSePSgKMJM-0BY2pcA&google_push=AQvitULVDxSKT9jIbVPQ20wV8J1g3-XmTDbxmXfu5WPsWu7wQZbhJNXcXrTnX9wj_zHEUY-eCr9K0DgW3u53esz...	170 B 188 B	27ms 27ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=UTD4XSePSgKMJM-0BY2pcA&google_push=AQvitULVDxSKT9jIbVPQ20wV8J1g3-XmTDbxmXfu5WPsWu7wQZbhJNXcXrTnX9wj_zHEUY-eCr9K0DgW3u53esz0p7YNQneH5L9E Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=UTD4XSePSgKMJM-0BY2pcA&google_push=AQvitULVDxSKT9jIbVPQ20wV8J1g3-XmTDbxmXfu5WPsWu7wQZbhJNXcXrTnX9wj_zHEUY-eCr9K0DgW3u53esz0p7YNQneH5L9E date Fri, 21 May 2021 22:27:33 GMT access-control-allow-origin * content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 316F Redirect Chain https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFi8kIeg3UcFs36gt-DRgi0&google_cver=1&google_push=AQvitUJyEMpKc7uymcURr-nwqoso_u_R51VS3T8P4AyR5Dg1FwkhAduI1Aw1J_xoAwvcEkKEPoAH5F... https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJyEMpKc7uymcURr-nwqoso_u_R51VS3T8P4AyR5Dg1FwkhAduI1Aw1J_xoAwvcEkKEPoAH5Fk0GXwdMRyveg6Xal35A0wC&google_hm=MTcyNjkzNz...	170 B 188 B	28ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJyEMpKc7uymcURr-nwqoso_u_R51VS3T8P4AyR5Dg1FwkhAduI1Aw1J_xoAwvcEkKEPoAH5Fk0GXwdMRyveg6Xal35A0wC&google_hm=MTcyNjkzNzc4MDc1NTU5NjE1Mg%3D%3D Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJyEMpKc7uymcURr-nwqoso_u_R51VS3T8P4AyR5Dg1FwkhAduI1Aw1J_xoAwvcEkKEPoAH5Fk0GXwdMRyveg6Xal35A0wC&google_hm=MTcyNjkzNzc4MDc1NTU5NjE1Mg%3D%3D date Fri, 21 May 2021 22:27:33 GMT content-length 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 316F Redirect Chain https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEGo1r0Aor3psKOkHd8Si3VQ&google_cver=1&google_push=AQvitUKA8yMbSo-OIYBJpSbyflTorjmb8MFZB68okfEpeoOL0_Ib_NBh6EhZf4PBbGJTt4v9-ukQKJLfGKmvbcGLi... https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NzkzMTMwMTMtY2MzOC00MDYwLWIwYWQtNTFhMmZkYWUwZGMx&google_push=AQvitUKA8yMbSo-OIYBJpSbyflTorjmb8MFZB68okfEpeoOL0_Ib_NBh6EhZf4PB...	170 B 188 B	28ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NzkzMTMwMTMtY2MzOC00MDYwLWIwYWQtNTFhMmZkYWUwZGMx&google_push=AQvitUKA8yMbSo-OIYBJpSbyflTorjmb8MFZB68okfEpeoOL0_Ib_NBh6EhZf4PBbGJTt4v9-ukQKJLfGKmvbcGLimqEM1wCGFhpQg Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NzkzMTMwMTMtY2MzOC00MDYwLWIwYWQtNTFhMmZkYWUwZGMx&google_push=AQvitUKA8yMbSo-OIYBJpSbyflTorjmb8MFZB68okfEpeoOL0_Ib_NBh6EhZf4PBbGJTt4v9-ukQKJLfGKmvbcGLimqEM1wCGFhpQg date Fri, 21 May 2021 22:27:33 GMT content-length 0
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 316F	0 12 B	33ms 26ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7JruHQb8_KIxdu6UDTz22InuqcujNod_FLW5Nv2GviUEGKuX95YbNHjGWO4lvvI5WGVFLAg Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 6486	176 KB 61 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 20446 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 16:46:47 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 6486	8 KB 3 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DoFXHTYRB7L2xRHwwTkJIsmcmBV5nf68fnpNknPUmkYR4uA4mYr04o60paaY-LxEwJbitLF1YfBxkQfwb2aFSrxlBkFKj1qxvECaSsivx9fKLeutXh9zqOuIOEmhbG5UcJzYXwro255-U7jpQTFPWdzV66AQ&dbm_d=AKAmf-AhEtXEskrXpHMF9DcI0hauRYtmJfDoRDshyO9Dc6O2g95h4qLCzrSIk2NFdwoX-s5-ln06pAi3iUAnGMVh52yi7sdOCdv78QLMfS4lExdaf2iyNSUucq4oICPD1i6CoN-ZEMUN5XSyftHfGAKd33qTEnEIVz1B8QN_XR3-5c5Zcn5EZKEdEYxVoiqVI67zY-DAJ-oS3BMomzUu_XEXYfWtBJvFJoBHJJEKsnxvzHutrcBM6giPJfmozI_NlbHPGeOZ7fZCxlsJzhZMaDwfJfExnuLHF2nstVhMVAckXXqX-2lkmNrEssXo5FBHFkxdEQEaL7aP-ZCkoOLZRSyP3fmOxBTZOK_yL7gg62vttZnLWg6wt3dC8BB0kpQglL5NlMq_dviqpCqFQT6RqRGGlowKvTKDAUGNNKGuYBDZiswrGpyRRYhS96nyYs0_rM9GCJgwjapUlXK6GpP41M1JpFLmpdVt9JxWdxFFh7HCASWuyGUGw2vbfCXy-gkq2NRAyxuLNuiQJQx7AkfRLWiTDO3YVipX5B3PnyvunjDAPpU3yhF-xdnnNHQG7I7MIYlcmmVQ4PCQjntE24h6gVuxai8p3sSkO26tgG3ODfTe9WSpK6gNjHzqzA4ierf5vjWZQumYP6xFT1jkE-YbuGeh5xfo3dTHQaq6HbgdKBlk1-wBQDOztOEvH2oAdqM3OeHR1XtM4Hak4HweJPyXcJTt-twOtM2wBKBvYms5n-Ac4VaA3O3ZgPJQ4SV237obn94D9ckID8XAdXRjwZmx9wa8xlSbo_4f6UYIeLnUslF2LBWyxQDEA2uXP7cSX_B6Bkoxt4-GkWKgZ8qwhL-5jVQNZyDaeOYDchtAXCz-LxNSJFL1FQjRCIl6N0__NYxwQCZeUVsI9d7NT_z7g8HQTLWPn5sy9DFWwzYxeCTTGa_wCYqWLvXQdYKYOUicfaBzaCP_s1rmP41uk0Jf_XGDjLw4xDFfpmV8K9-Nm69zB5lKVJW80TKYpjdTKmI-GquyWwQnYC7gMREWow2rb7ESDbxz688VKRQ4UPKHYtFbieGLG9FZGOm0mt5mZv_sgc4WKwtW16pZGNACi2ZWrtoy3Au8S8WXX0uaU6T7b_oK9bVUgUi6y7-tlaA_b7n5Nv4m-J483PehpGj7O74gemED6Rj6EToPTm2AKPqux2R-b9hOmo9QGhcz8SicbbE7y723ks4NdDr9uztVwUZvBz8TH_dVrcROjCkjBacYzyGyLqBM-x81EFMaX6FHJsZVybAzW7hy5G9xOyHcsKvRFwu_cldAmlRrwy_H7o1UYOC9_P0vzufyiCln3JkC73mwyCZV7wBso1Ljao35E4at40sFxpaAhBOQPdVCLiKxKkCw6zxiWPKZ_JMMc4bFi4dOY-I1cVwmerAdA86mQo6n6ObMVHdjJgx0SyvpWFiAKkrHEgpGs7aWgYugry4Gw7FVBApwR4eLzZVgfsRaE6KeaSnaFIueAhxFQNT8_DzDotF2-c1CQAruYkK-U9xlpEkUR6tmnED4fa1ce-h1OFoGhQwSDCi3UOU9ObKFqCjsUY7rzhVF-NJ8ngJBbe3GOIJbDe-xEJHkTCXZZACZe3ZVA_8D9p1FCVLQVPWllpYJL0aFgSQ4A4gq9f1ar0H6aFc1EJbYFx6t1cRYBN-b4NfRy7xxIqEJCJcnEA9hekz1DqmaEHRtJ-jAOid3z1dpBVVrtobe35pZNHoJ5oFD2JYGvHp_miS3H4Cd9SW41MuPTi5yNeTUme7tXeQ4c962dtcOgUrJG4ENjuALSv0pgmvUdyKsGXTv4osopy6u5GCPIX7MuxiblJ6gdMEXTgafafg5i2XNTqGOUw_xXUaW6yAKA6ezg7VYbjzBvSEV8Gf0XfGYVa6JdQs9bl308hnEysp7rqe1nKW6txfzOgV1kNyf8kW57T51pb4p1eUp8zzakPANNF-KX6BV4PxBYub2vef90ZshWRE9Gxx3yj1bfzIwX8cIr7tHp1cn_LDgz3A3wnR2hpmQgMhIpAM6pQ5ju9uaTqsuOs4Y9w8cBlBNLbnDsv8rvNQjIB4rGKRmzjG6L3wXfBf-r3gKt5YLSrOhFT9dxfPf6rOgJfKZV1e1fPPwvYT0qzjh-AHObdxmgAAayXo2V_88T22pMQTD4Mw8MWje8nSZQA55HkDt4Wcqz7lJ_mvQIGrkavhJZz-mr4mymzZirdhWQlaeC5l6KeOfGwiFhHRmgj4bS-hjGWrhg_ldvjNbdarCt3Da_VkkUZ5JAumpEMaCM1lDrCGf-YBfCAR4vhWIyAqZjRIdecH2Cm-lSSd6VbdrRIGKvr0PaaGnd3kYkU44QJH6OinY06i4vyNFFhCm_sWeXv3fVrH0GGy-wWl4AoPsb6tQi2ZXoqvLIGjuRZGqukwzI0EYTR5X4neSZwznXVqSb7_fpvEa9D3MGM6gTHqFnyKQZ7HKmBJhfObqWTLu-4xS7P9H8U5qEdLvx8jSNSey8Wz27kD1CCvAuuEGwgH_EAwU37a3bvy48Aj5BLNX4Sa4dFiOUm1_vluaWUfGJO1cqNpx2qHkZxdk2-RoaC9kzuzDNW1wgw0CKdgDp1CfSJaw8iOAbD_pSj2nScEHV5t41GgYuXzT89msCIFRrIhkOyBPjvfEgh350tZ86ysISK0RtI6LK3RRR_n4W5dwNpJarSJXoIy-Kzo2Pr83rPRUQO8nUcKABzx6x9IPCvkIfvgcvZTAsIP4Fo-I7J-3yo07dRUj-PW185kWeyKOTMhr0asg2hCAsOK_UGbPN-U1FpLawxEaDjz1PH1WA_DRVhr0o6l-xuUlALCdXo4VGc2XSkvkmTJY9L6G6Q5q6eLzVxmwp5Maj3VhXxXV5BksXHHZ0Gdg5jWMm2US28EHURCe4YR7m_2UnQA8AeVSiqFw0pueR3C0s-ThQtcYIezDerOGl5TOwCTK6vmjiziFtLXHGqJjgK5DdJopIz3ncMlHnpFbjt-xraTyJTnSeO8wFzfmtqlCTomD&cid=CAASEuRoJXE0yA9q09tPTh-mBavk4Q&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:13:10 GMT content-encoding gzip x-content-type-options nosniff age 863 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:13:10 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 6486	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DoFXHTYRB7L2xRHwwTkJIsmcmBV5nf68fnpNknPUmkYR4uA4mYr04o60paaY-LxEwJbitLF1YfBxkQfwb2aFSrxlBkFKj1qxvECaSsivx9fKLeutXh9zqOuIOEmhbG5UcJzYXwro255-U7jpQTFPWdzV66AQ&dbm_d=AKAmf-AhEtXEskrXpHMF9DcI0hauRYtmJfDoRDshyO9Dc6O2g95h4qLCzrSIk2NFdwoX-s5-ln06pAi3iUAnGMVh52yi7sdOCdv78QLMfS4lExdaf2iyNSUucq4oICPD1i6CoN-ZEMUN5XSyftHfGAKd33qTEnEIVz1B8QN_XR3-5c5Zcn5EZKEdEYxVoiqVI67zY-DAJ-oS3BMomzUu_XEXYfWtBJvFJoBHJJEKsnxvzHutrcBM6giPJfmozI_NlbHPGeOZ7fZCxlsJzhZMaDwfJfExnuLHF2nstVhMVAckXXqX-2lkmNrEssXo5FBHFkxdEQEaL7aP-ZCkoOLZRSyP3fmOxBTZOK_yL7gg62vttZnLWg6wt3dC8BB0kpQglL5NlMq_dviqpCqFQT6RqRGGlowKvTKDAUGNNKGuYBDZiswrGpyRRYhS96nyYs0_rM9GCJgwjapUlXK6GpP41M1JpFLmpdVt9JxWdxFFh7HCASWuyGUGw2vbfCXy-gkq2NRAyxuLNuiQJQx7AkfRLWiTDO3YVipX5B3PnyvunjDAPpU3yhF-xdnnNHQG7I7MIYlcmmVQ4PCQjntE24h6gVuxai8p3sSkO26tgG3ODfTe9WSpK6gNjHzqzA4ierf5vjWZQumYP6xFT1jkE-YbuGeh5xfo3dTHQaq6HbgdKBlk1-wBQDOztOEvH2oAdqM3OeHR1XtM4Hak4HweJPyXcJTt-twOtM2wBKBvYms5n-Ac4VaA3O3ZgPJQ4SV237obn94D9ckID8XAdXRjwZmx9wa8xlSbo_4f6UYIeLnUslF2LBWyxQDEA2uXP7cSX_B6Bkoxt4-GkWKgZ8qwhL-5jVQNZyDaeOYDchtAXCz-LxNSJFL1FQjRCIl6N0__NYxwQCZeUVsI9d7NT_z7g8HQTLWPn5sy9DFWwzYxeCTTGa_wCYqWLvXQdYKYOUicfaBzaCP_s1rmP41uk0Jf_XGDjLw4xDFfpmV8K9-Nm69zB5lKVJW80TKYpjdTKmI-GquyWwQnYC7gMREWow2rb7ESDbxz688VKRQ4UPKHYtFbieGLG9FZGOm0mt5mZv_sgc4WKwtW16pZGNACi2ZWrtoy3Au8S8WXX0uaU6T7b_oK9bVUgUi6y7-tlaA_b7n5Nv4m-J483PehpGj7O74gemED6Rj6EToPTm2AKPqux2R-b9hOmo9QGhcz8SicbbE7y723ks4NdDr9uztVwUZvBz8TH_dVrcROjCkjBacYzyGyLqBM-x81EFMaX6FHJsZVybAzW7hy5G9xOyHcsKvRFwu_cldAmlRrwy_H7o1UYOC9_P0vzufyiCln3JkC73mwyCZV7wBso1Ljao35E4at40sFxpaAhBOQPdVCLiKxKkCw6zxiWPKZ_JMMc4bFi4dOY-I1cVwmerAdA86mQo6n6ObMVHdjJgx0SyvpWFiAKkrHEgpGs7aWgYugry4Gw7FVBApwR4eLzZVgfsRaE6KeaSnaFIueAhxFQNT8_DzDotF2-c1CQAruYkK-U9xlpEkUR6tmnED4fa1ce-h1OFoGhQwSDCi3UOU9ObKFqCjsUY7rzhVF-NJ8ngJBbe3GOIJbDe-xEJHkTCXZZACZe3ZVA_8D9p1FCVLQVPWllpYJL0aFgSQ4A4gq9f1ar0H6aFc1EJbYFx6t1cRYBN-b4NfRy7xxIqEJCJcnEA9hekz1DqmaEHRtJ-jAOid3z1dpBVVrtobe35pZNHoJ5oFD2JYGvHp_miS3H4Cd9SW41MuPTi5yNeTUme7tXeQ4c962dtcOgUrJG4ENjuALSv0pgmvUdyKsGXTv4osopy6u5GCPIX7MuxiblJ6gdMEXTgafafg5i2XNTqGOUw_xXUaW6yAKA6ezg7VYbjzBvSEV8Gf0XfGYVa6JdQs9bl308hnEysp7rqe1nKW6txfzOgV1kNyf8kW57T51pb4p1eUp8zzakPANNF-KX6BV4PxBYub2vef90ZshWRE9Gxx3yj1bfzIwX8cIr7tHp1cn_LDgz3A3wnR2hpmQgMhIpAM6pQ5ju9uaTqsuOs4Y9w8cBlBNLbnDsv8rvNQjIB4rGKRmzjG6L3wXfBf-r3gKt5YLSrOhFT9dxfPf6rOgJfKZV1e1fPPwvYT0qzjh-AHObdxmgAAayXo2V_88T22pMQTD4Mw8MWje8nSZQA55HkDt4Wcqz7lJ_mvQIGrkavhJZz-mr4mymzZirdhWQlaeC5l6KeOfGwiFhHRmgj4bS-hjGWrhg_ldvjNbdarCt3Da_VkkUZ5JAumpEMaCM1lDrCGf-YBfCAR4vhWIyAqZjRIdecH2Cm-lSSd6VbdrRIGKvr0PaaGnd3kYkU44QJH6OinY06i4vyNFFhCm_sWeXv3fVrH0GGy-wWl4AoPsb6tQi2ZXoqvLIGjuRZGqukwzI0EYTR5X4neSZwznXVqSb7_fpvEa9D3MGM6gTHqFnyKQZ7HKmBJhfObqWTLu-4xS7P9H8U5qEdLvx8jSNSey8Wz27kD1CCvAuuEGwgH_EAwU37a3bvy48Aj5BLNX4Sa4dFiOUm1_vluaWUfGJO1cqNpx2qHkZxdk2-RoaC9kzuzDNW1wgw0CKdgDp1CfSJaw8iOAbD_pSj2nScEHV5t41GgYuXzT89msCIFRrIhkOyBPjvfEgh350tZ86ysISK0RtI6LK3RRR_n4W5dwNpJarSJXoIy-Kzo2Pr83rPRUQO8nUcKABzx6x9IPCvkIfvgcvZTAsIP4Fo-I7J-3yo07dRUj-PW185kWeyKOTMhr0asg2hCAsOK_UGbPN-U1FpLawxEaDjz1PH1WA_DRVhr0o6l-xuUlALCdXo4VGc2XSkvkmTJY9L6G6Q5q6eLzVxmwp5Maj3VhXxXV5BksXHHZ0Gdg5jWMm2US28EHURCe4YR7m_2UnQA8AeVSiqFw0pueR3C0s-ThQtcYIezDerOGl5TOwCTK6vmjiziFtLXHGqJjgK5DdJopIz3ncMlHnpFbjt-xraTyJTnSeO8wFzfmtqlCTomD&cid=CAASEuRoJXE0yA9q09tPTh-mBavk4Q&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:12:29 GMT content-encoding gzip x-content-type-options nosniff age 904 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 22:12:29 GMT
GET H3-29	200	iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response pagead2.googlesyndication.com/bg/ Frame EEB8	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:47:08 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 16825 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5784 x-xss-protection 0 expires Sat, 21 May 2022 17:47:08 GMT
GET H3-29	200	Enabler_01_244.js Show response s0.2mdn.net/879366/ Frame 394A	109 KB 37 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_244.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=nIIKpd66wz&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=nIIKpd66wz&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 19:12:45 GMT content-encoding gzip x-content-type-options nosniff age 11688 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38072 x-xss-protection 0 last-modified Tue, 07 Jul 2020 18:35:15 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 19:12:45 GMT
GET H3-29	200	createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 394A	186 KB 48 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=nIIKpd66wz&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=nIIKpd66wz&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:33 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49100 x-xss-protection 0 last-modified Wed, 16 Mar 2016 13:51:35 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 21 May 2021 22:27:33 GMT
GET H3-29	200	vF300x250_Newhome_Remarketing.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/ Frame 394A	28 KB 18 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/vF300x250_Newhome_Remarketing.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=nIIKpd66wz&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6e840e7e76530b24ee60f0afb43cb925b2bc3feb7f5d123c19094181253b0fab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=nIIKpd66wz&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:37:06 GMT content-encoding gzip x-content-type-options nosniff age 31827 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18390 x-xss-protection 0 last-modified Thu, 24 Sep 2020 20:17:01 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 13:37:06 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 4068 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEMN3r0cJ-4dsTo3E0D8b_Co&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMN3r0cJ-4dsTo3E0D8b_Co%26google_cver%3D1	43 B 1 KB	32ms 32ms	Image image/gif	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMN3r0cJ-4dsTo3E0D8b_Co%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNVz32bKWk22TuWoCqEFRQiWav3qiUZSxSGfTtJ7FQOjULyFxv2t_qSsXzQ5j_RT5VJmzTY2ijMR2er9a0Oz-yRkncEF8g Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 22:27:34 GMT X-Proxy-Origin 37.120.137.9; 37.120.137.9; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.248:80 AN-X-Request-Uuid 1ee277a6-b4e5-4df7-be0d-3ffd8edc25a5 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 May 2021 22:27:34 GMT X-Proxy-Origin 37.120.137.9; 37.120.137.9; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.153:80 AN-X-Request-Uuid c9ddd66e-d1a5-43d4-b148-3fac02187b06 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMN3r0cJ-4dsTo3E0D8b_Co%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 4068 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2MTgzMzU3MjE3MjAwNDM0OQ%3D%3D	170 B 188 B	28ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2MTgzMzU3MjE3MjAwNDM0OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNVz32bKWk22TuWoCqEFRQiWav3qiUZSxSGfTtJ7FQOjULyFxv2t_qSsXzQ5j_RT5VJmzTY2ijMR2er9a0Oz-yRkncEF8g Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 May 2021 22:27:34 GMT X-Proxy-Origin 37.120.137.9; 37.120.137.9; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.140:80 AN-X-Request-Uuid 98f408b9-83df-46c4-a02c-e19c957c4717 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2MTgzMzU3MjE3MjAwNDM0OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 4068 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHMSNtO9GqLgvI2A7nLes9Q&google_cver=1	43 B 180 B	28ms 28ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHMSNtO9GqLgvI2A7nLes9Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNVz32bKWk22TuWoCqEFRQiWav3qiUZSxSGfTtJ7FQOjULyFxv2t_qSsXzQ5j_RT5VJmzTY2ijMR2er9a0Oz-yRkncEF8g Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software OXGW/16.207.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT via 1.1 google server OXGW/16.207.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHMSNtO9GqLgvI2A7nLes9Q&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 4068 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjljZjMxMWEtZGM0My0yMjUyLWQ3NzAtMzlmMjhjMjYxMjE4	170 B 188 B	29ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjljZjMxMWEtZGM0My0yMjUyLWQ3NzAtMzlmMjhjMjYxMjE4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGOGdpJoBMAE&v=APEucNVz32bKWk22TuWoCqEFRQiWav3qiUZSxSGfTtJ7FQOjULyFxv2t_qSsXzQ5j_RT5VJmzTY2ijMR2er9a0Oz-yRkncEF8g Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 May 2021 22:27:34 GMT content-encoding gzip server OXGW/16.207.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjljZjMxMWEtZGM0My0yMjUyLWQ3NzAtMzlmMjhjMjYxMjE4 content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 4BEE	5 KB 4 KB	16ms 15ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_245.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 81ce5971c9ce7edb103313d540de2f7196cfbb4d680d2f0fe87401eda39ab555 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:33 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4149 x-xss-protection 0
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 6486	41 KB 15 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 20446 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 May 2022 16:46:47 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 0EC6	1 KB 749 B	9ms 8ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 21 May 2021 03:14:09 GMT expires Sat, 22 May 2021 03:14:09 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 69204 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 6486	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6bfa4ac55d850af951f3fa213a85675eb89a4a8f803ab96c016ffb2205a1f46f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/ Frame 8748	28 KB 21 KB	14ms 14ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=vW0m08MSbp&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8b0569c9a74c56ed7e45c7d13ff824c174bece0d1607a336c5c2eeab8d0f52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=vW0m08MSbp&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 21246 date Fri, 21 May 2021 22:27:33 GMT expires Sat, 22 May 2021 22:27:33 GMT cache-control public, max-age=86400 last-modified Thu, 24 Sep 2020 20:17:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 6486	0 24 B	85ms 60ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEY2c_0Sw6A9d1qsi796fwxbynoJ0XU3GsQb5ccm1XAkFaRYrIoaiij7-WckSdLC6BFPYpZJybwF5FjbCuZoC1u_Egsrf6WIariTCYiWMtAztHggwVX75nPXcM_A7CBekJVKEBMbXi6OnKpEWbsvfvdq5U1cworXyuklWwRGJLhh0DkIb9Pkn_X3usQxG5BDygfQUbgAXuSkTFuI593P0Wn_zIsaZh09DkEodc4qiWKJ7fRUWjDdCXxPYSw_ogA3HdsP-B5_9yNg2Mp1JEuT5nrNqXW-2tyHNC-yYKB9aFCYBHyK8wY1jRkOy8V9RI8q2eglqf1BQyKxdlhN4Izy-BYSjaJ_iktJZeu47rD2d6rFpZDiwKOnFspY_wEBkaB8IXvOZcmskBMH9SdDRBkE5UVm-3BfXsZ2yd7va5eJUFa9Y2JQ9Izco77UIHOd-InclvCzJsRnfGEMI6JqHhhvPZ84TunXuf_WpNDc9jaX_gPafzklAbeH4ujiIvrtA0nREXeBJAj_2-ezjRQexiggeMnUEXvv-d-DiB_dSsvjAn032sXY7uN5OVkxNGeWLhX1PS0DVM_eZPGApFg4iYTOjP_I85RKl6DyM31hBzhIX0wVrWkbOTk7z6NPOULjCv9N3OKHaN4I11A-ssiDVVNd_PMMlhQ0MU5TOBtCZlDmaYQaZ0sL6D18gmwVMaFDiBSfB0la01ei10ZV36zvrsYmndbCgBtNFuGDAnJ3qPYjT-jWkASWQCTkeIad0po755UtgX3tU3Rc8oAaeXZX3GO1fdZFmq7AzTiba0hptVRkdFfOeda_awmOflVeSAiJ6jLCy4zFUSKT8aakjvoiSTM_ObV3Q--fW3zJn9yaWxIjQwD342BUqW2-oM6WGSUI39g_TvYJI7TkRIXU93DLrfRPc0eevJGyEYJ3n0pytCplP-IrRDLuXCfjdj5thoGB0eblbRrrFGTApdUjOvuxVUBETngEK38x7wAqPgW5TBtlJwRIGOs8jLu3X13hMAkhhUYwkCmeNoZHlHu_OG9SavtjrMVtpv8rW4dAHVvQf6pzKBRmp9lU39Ctb6GgQtUQyp9uf9F9Nfnh9xCTiGcmQr82NQW3QJek3VpiUsNHEtr4lhMo2Wc1u_ZpjJv4qm3WF96AQV0zZkFyjvOAxI9i7ym6f79hoH0v7IsFeZxV3nfp3hUSdDK7eCM2rVMDxVI9I&sai=AMfl-YRMe26LoyE_XLWSJLKXgd3ZWyNZdi7u8blWZZ3dxwaoI2has6tOaPSHJ6P6UPkx7F9rrb9dJiZvveWpnQPYDnh-an0WsmTkBI_eCgSrUpeqs8efRYfGMmNOKQfbTcfCyKa1opoztFZbALEL7FMgiapNRWwGsA&sig=Cg0ArKJSzJyPO_IhVU3-EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&cbvp=1&cstd=88&cisv=r20210517.78217&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 21 May 2021 22:27:34 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 71B6	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 13067 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 5F9E	0 23 B	56ms 55ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7m3Omp5wcmeYVcoaUOhnlEkCe5nrvKpAggS1WrbK0Ycq-6laZjlavrvEKrqaFdS7ME0mvZRSgXk2W4EpZWNBSUgM4M6ApQgPPXyYWA-gKppMO7FShX_lg2-tjCleJQOXGHRwEUXGO8zQkX0LmQqfggSalOuPXs37AoxdlDRTPRbNy1qn8EwXENBv2b9j-_JB-gjvT9DOsL_FQ8F6Hg-BcEpNtyxf09wJs5XOPDIlW8MleW-TRLlux61GS6U3WehtxpsqnClb0c8T_2etrijorYDDx8jaNei7V9QWCqEz73xSWfRPNocD-DvICD6P_3Rtd7Hb8JDAN-kEperO4aIKhu2i7GfNlAUfI-xkd9e66MB3oNWxI80RC2xm3ZrxtUNbyhl-x_g-P7UVOxfYD8iJj04Z0xMAJi9W-0CCt5G0n9TQayCSaVCtnJfDkp25f3dgYyqGyQ2Tbqe_MtYvmP_qUWorm4Sv8ScOFJnJgyqZK3BGAeR9S3NIKTff3btgBQy7ARgXP64JHTIS-MhBoDP5pgq4fcVp9BbxhIr6lbZ_fUx2Tbp7y68jDjHIipChBMLv0hrKFy2ri7iUBLJvS_znMiJAtekou7g5nVj5cZBgzLPRmIA12Q2mBthY0erM_fkW-o1FEECrsWluFfUqM341OKuvSehfNi-8Cvx9YTtBrwPciogAtSOl9v7aBCUnjhYWlUdC3TgFeJ2oqXaHrg2socx4ZQKgwztwYis9IQuBRMaI27ID0mNP35JwE1WIWaQxLoiyo0aoJWIN466WNipDHfzvCTjf2SOnIIFlhVQuM4rTrY0r3eqDCoImP_anisR5Cd6l5FO_KPOXMwAHNo98d1f5_i8Z0Xgb6tvQck41lOYCEmEHq_vEuBl9FDQwFZlDN118xitm1Ff648kobQenOuu7TQvJkISri1pIE172SbPWmGd3OGfJekac1MYDARLzeh9RUthiasRPo1RihfG40hHJlLFmEG04Gi3OJepcCjWM6kuKVu_zvHY5tULKQMoLYqVzP53kk7PSnMdfeuV4QelWU4-tZNmZfft9_QNkW9PlPP7dgFK4h_w1QwGDvDnxU0xX8VGN7zPCAc3eQYKLnV9XXBtdC1sDFJduyLvK2WNB96bOIrh7Xl53I4QFpIpyFCgC5dfMC5cU20hdr1-YPjUBnU_UoHhmjYVP99dzRxzmoeGvXn3eYuP7sY-T3&sai=AMfl-YSdpduT5FQswZQtFCmUOrxINF_sViyTMYV2Sytgyq6fDQJU4qJOEyzFOPuMMx5SmfASHftck4u-Ws2KoZDJcJkOz0lnR0va9zdllU1tD3xCTy3J2azpydy1jrt2zvskVua-Uw4S9mce_x3kgS1SOdx_U306tA&sig=Cg0ArKJSzFZ8gHbzUJIHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=484&vt=11&dtpt=376&dett=3&cstd=104&cisv=r20210517.92526&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	Enabler_01_244.js Show response s0.2mdn.net/879366/ Frame 8748	109 KB 37 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_244.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=vW0m08MSbp&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=vW0m08MSbp&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 19:12:45 GMT content-encoding gzip x-content-type-options nosniff age 11689 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38072 x-xss-protection 0 last-modified Tue, 07 Jul 2020 18:35:15 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 19:12:45 GMT
GET H3-29	200	createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 8748	186 KB 48 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=vW0m08MSbp&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=vW0m08MSbp&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49100 x-xss-protection 0 last-modified Wed, 16 Mar 2016 13:51:35 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 21 May 2021 22:27:34 GMT
GET H3-29	200	vF300x250_Newhome_Remarketing.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/ Frame 8748	28 KB 18 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/vF300x250_Newhome_Remarketing.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=vW0m08MSbp&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6e840e7e76530b24ee60f0afb43cb925b2bc3feb7f5d123c19094181253b0fab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61567511/20200924131701547/index.html?e=69&leftOffset=0&topOffset=0&c=vW0m08MSbp&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:37:06 GMT content-encoding gzip x-content-type-options nosniff age 31828 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18390 x-xss-protection 0 last-modified Thu, 24 Sep 2020 20:17:01 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 13:37:06 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 394A	5 KB 4 KB	15ms 15ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_244.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 62726d46b64ffa2f28f5743a1c5cb26bebbec1369f048dc4a70573f9af1e79ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4104 x-xss-protection 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0EC6 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPJuAcr6EF-p-bU1Rjcv-1M&google_cver=1&google_push=AQvitULPcJZbFysHMKIRmlvIRtD3xrr60D3tFPv8PpxsL9RfjHdmzltAkVMD9hBYXFv8pClnnXu9tFR1iNLp9MW7... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=cI9gqDPVRgCrEOc84B6YVQ&google_push=AQvitULPcJZbFysHMKIRmlvIRtD3xrr60D3tFPv8PpxsL9RfjHdmzltAkVMD9hBYXFv8pClnnXu9tFR1iNLp9MW7TzXWpBvg...	170 B 188 B	29ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=cI9gqDPVRgCrEOc84B6YVQ&google_push=AQvitULPcJZbFysHMKIRmlvIRtD3xrr60D3tFPv8PpxsL9RfjHdmzltAkVMD9hBYXFv8pClnnXu9tFR1iNLp9MW7TzXWpBvgGqA- Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 21 May 2021 22:29:11 GMT Server MT3 3736 915c305 master cdg-pixel-x2 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=cI9gqDPVRgCrEOc84B6YVQ&google_push=AQvitULPcJZbFysHMKIRmlvIRtD3xrr60D3tFPv8PpxsL9RfjHdmzltAkVMD9hBYXFv8pClnnXu9tFR1iNLp9MW7TzXWpBvgGqA- Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 21 May 2021 22:29:10 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0EC6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUtnejFRQUJLRzFGUUFBQw==&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_cver=1&google_push=AQvitUKTUep-VNsbEgStHm6xR5g0U3WbbH...	170 B 188 B	32ms 31ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUtnejFRQUJLRzFGUUFBQw==&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_cver=1&google_push=AQvitUKTUep-VNsbEgStHm6xR5g0U3WbbHptFYjGzZvR3YkodpFWRoEa5PrYTuAgwWv7eZP71T8f_JsCN8uaqUr94fOObbKVpz7Q Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT via 1.1 varnish server Varnish x-timer S1621636054.191158,VS0,VE0 x-served-by cache-hhn4030-HHN x-cache HIT location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUtnejFRQUJLRzFGUUFBQw==&google_gid=CAESEI_bjsKm8Ksfr2J6kN_CIUw&google_cver=1&google_push=AQvitUKTUep-VNsbEgStHm6xR5g0U3WbbHptFYjGzZvR3YkodpFWRoEa5PrYTuAgwWv7eZP71T8f_JsCN8uaqUr94fOObbKVpz7Q cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0EC6 Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIoq9wPdlBAP_K3D4HWiaZ0&google_cver=1&google_push=AQvitUK1rEyooPcV-fUmjErrZrT1wXC3O6u425Qixoay4e1lEB-UrRXAJEEjyO6JodAr5D_5_VZAC... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUK1rEyooPcV-fUmjErrZrT1wXC3O6u425Qixoay4e1lEB-UrRXAJEEjyO6JodAr5D_5_VZAC1KZuNsWKjxMijr5wlBgu_lR	170 B 188 B	30ms 29ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUK1rEyooPcV-fUmjErrZrT1wXC3O6u425Qixoay4e1lEB-UrRXAJEEjyO6JodAr5D_5_VZAC1KZuNsWKjxMijr5wlBgu_lR Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 May 2021 22:27:34 GMT server Play linkedin-action 1 x-li-fabric prod-lor1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUK1rEyooPcV-fUmjErrZrT1wXC3O6u425Qixoay4e1lEB-UrRXAJEEjyO6JodAr5D_5_VZAC1KZuNsWKjxMijr5wlBgu_lR x-li-proto http/2 x-li-pop prod-esv5 content-length 0 x-li-uuid 2fKrXGY1gRZgan3v0CoAAA==
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0EC6 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENOnGkOso1VXZroLS0dHMQE&google_cver=1&google_push=AQvitULXrNAgebeMNM87kvVKa48bCCITGLO_CfBZOmF6bmQEK_sFIbZr_uFwgeTXYMfhXO2OCykm58j... https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=2mIXguvNRkaXnXDo6MuTjmCoM9U	170 B 188 B	28ms 27ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=2mIXguvNRkaXnXDo6MuTjmCoM9U Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 22:27:33 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=2mIXguvNRkaXnXDo6MuTjmCoM9U cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0EC6 Redirect Chain https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHrNT1QnyBWCF_BzamV03Mg&google_cver=1&google_push=AQvitUKI4SDbKps2p8euUhXaDn4svt676-J0JvoDTOHGzwtpGZRknJVAx04-qpQDBruOazjlbhAPAyypyP... https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHrNT1QnyBWCF_BzamV03Mg&google_cver=1&google_push=AQvitUKI4SDbKps2p8euUhXaDn4svt676-J0JvoDTOHGzwtpGZRknJVAx04-qpQDBruOazjlbhAPAyypyP... https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKI4SDbKps2p8euUhXaDn4svt676-J0JvoDTOHGzwtpGZRknJVAx04-qpQDBruOazjlbhAPAyypyPIAAzCJ574fM-EVHCPZ&google_hm=MDMwMzAwMDNfNjBhODM...	170 B 188 B	28ms 28ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKI4SDbKps2p8euUhXaDn4svt676-J0JvoDTOHGzwtpGZRknJVAx04-qpQDBruOazjlbhAPAyypyPIAAzCJ574fM-EVHCPZ&google_hm=MDMwMzAwMDNfNjBhODMzZDYzZjQ3Yg%3D%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 May 2021 22:27:34 GMT server nginx access-control-allow-origin * transfer-encoding chunked access-control-allow-methods POST, GET, OPTIONS p3p CP="NOI DEV OUR BUS UNI" location https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUKI4SDbKps2p8euUhXaDn4svt676-J0JvoDTOHGzwtpGZRknJVAx04-qpQDBruOazjlbhAPAyypyPIAAzCJ574fM-EVHCPZ&google_hm=MDMwMzAwMDNfNjBhODMzZDYzZjQ3Yg%3D%3D cache-control no-cache content-type text/html; charset=UTF-8 access-control-allow-headers Origin keep-alive timeout=10
GET H/1.1	200 OK	sync rtb2-useast.e-volution.ai/ Frame 0EC6	42 B 233 B	326ms 103ms	Image image/gif	174.137.133.49 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEEDnV3NJOT-aqxcNHeQfvw8&google_cver=1&google_push=AQvitUJTAljpI00Vrz53-wthSFVFl87Q2UdshseQ6CqEGmgKdstZ2t47JpGeo4rzTXyxP8uADyVwuEfmPawk7Z5FptF5WEHhc08LWw Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 22:27:34 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 0EC6	0 12 B	30ms 26ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lv4Xwcq9OPC8dShGH1f3ZwbVx09VjCokz5pW8oG3u09bo0Pd3p8QfQMh7o9pyMlOk Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 394A	17 KB 6 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_244.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 21 May 2021 22:27:34 GMT
GET DATA	200 OK	truncated / Frame 394A	19 KB 19 KB		Font application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c68d006b70f708dffe7e2b801cda5e97f99c66b490ba8b3a4191cd7592856492 Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/octet-stream
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 6486	0 23 B	54ms 54ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEY2c_0Sw6A9d1qsi796fwxbynoJ0XU3GsQb5ccm1XAkFaRYrIoaiij7-WckSdLC6BFPYpZJybwF5FjbCuZoC1u_Egsrf6WIariTCYiWMtAztHggwVX75nPXcM_A7CBekJVKEBMbXi6OnKpEWbsvfvdq5U1cworXyuklWwRGJLhh0DkIb9Pkn_X3usQxG5BDygfQUbgAXuSkTFuI593P0Wn_zIsaZh09DkEodc4qiWKJ7fRUWjDdCXxPYSw_ogA3HdsP-B5_9yNg2Mp1JEuT5nrNqXW-2tyHNC-yYKB9aFCYBHyK8wY1jRkOy8V9RI8q2eglqf1BQyKxdlhN4Izy-BYSjaJ_iktJZeu47rD2d6rFpZDiwKOnFspY_wEBkaB8IXvOZcmskBMH9SdDRBkE5UVm-3BfXsZ2yd7va5eJUFa9Y2JQ9Izco77UIHOd-InclvCzJsRnfGEMI6JqHhhvPZ84TunXuf_WpNDc9jaX_gPafzklAbeH4ujiIvrtA0nREXeBJAj_2-ezjRQexiggeMnUEXvv-d-DiB_dSsvjAn032sXY7uN5OVkxNGeWLhX1PS0DVM_eZPGApFg4iYTOjP_I85RKl6DyM31hBzhIX0wVrWkbOTk7z6NPOULjCv9N3OKHaN4I11A-ssiDVVNd_PMMlhQ0MU5TOBtCZlDmaYQaZ0sL6D18gmwVMaFDiBSfB0la01ei10ZV36zvrsYmndbCgBtNFuGDAnJ3qPYjT-jWkASWQCTkeIad0po755UtgX3tU3Rc8oAaeXZX3GO1fdZFmq7AzTiba0hptVRkdFfOeda_awmOflVeSAiJ6jLCy4zFUSKT8aakjvoiSTM_ObV3Q--fW3zJn9yaWxIjQwD342BUqW2-oM6WGSUI39g_TvYJI7TkRIXU93DLrfRPc0eevJGyEYJ3n0pytCplP-IrRDLuXCfjdj5thoGB0eblbRrrFGTApdUjOvuxVUBETngEK38x7wAqPgW5TBtlJwRIGOs8jLu3X13hMAkhhUYwkCmeNoZHlHu_OG9SavtjrMVtpv8rW4dAHVvQf6pzKBRmp9lU39Ctb6GgQtUQyp9uf9F9Nfnh9xCTiGcmQr82NQW3QJek3VpiUsNHEtr4lhMo2Wc1u_ZpjJv4qm3WF96AQV0zZkFyjvOAxI9i7ym6f79hoH0v7IsFeZxV3nfp3hUSdDK7eCM2rVMDxVI9I&sai=AMfl-YRMe26LoyE_XLWSJLKXgd3ZWyNZdi7u8blWZZ3dxwaoI2has6tOaPSHJ6P6UPkx7F9rrb9dJiZvveWpnQPYDnh-an0WsmTkBI_eCgSrUpeqs8efRYfGMmNOKQfbTcfCyKa1opoztFZbALEL7FMgiapNRWwGsA&sig=Cg0ArKJSzJyPO_IhVU3-EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=433&vt=11&dtpt=342&dett=3&cstd=88&cisv=r20210517.78217&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response pagead2.googlesyndication.com/bg/ Frame 71B6	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:47:08 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 16826 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5784 x-xss-protection 0 expires Sat, 21 May 2022 17:47:08 GMT
GET H3-29	200	iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response pagead2.googlesyndication.com/bg/ Frame 8E37	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:47:08 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 16826 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5784 x-xss-protection 0 expires Sat, 21 May 2022 17:47:08 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A7A8	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BndBk1TOoYIqIIJ6t3gOBmZ6YBgAAAAA4AeAEAg&bg=!6-il6KzNAAZ7hX_Ue4U7ACkAdvg8Wt3zOVAWq8RZnnTfrG8wSVv768xuU0Opj8Ayq0xJ76QSyR1Y5wIAAAFlUgAAAIRoAQcKACLDs54j9UGXGV0Sjt4GzAuaEBDR9gGJNiJSVzsUqfUrE4DYmQKax4a_y6NY-88ZAEIrbbFPyMwrKftmlZLlnQ_A2u2p_O_P57k4S64sJMSO3pYRSe4uE_pQ2yAjAsz9A0DadVJ6pomMnICG6BHwJ1lfX7YTv5fWrO7xKxsnyw8Evgo3dzjSPRkwdO_C5DY-bmViePtxC3VveGwfps6iQn9zqyRgm8LO_Nl6snU5SpEnJrwd_Jc2gjsrCIrVoQ22-KL4e41RiYtuzfDeqeUPj30nQps5qTu4sJaP0oldPwNuwXypB7masZgb-S3OzUjA-DegYpZcqiQ5Nn5VzwJnEUfix3kX8bfhxGPMyZHuAzv9zUfoP0ArBsvnrnTJnpFmu4kiWObb1wiKJeb0h6Ra81LWzQdJfjdhER0CfHURYih_lHSvDMfuPxKltsHu0YWhk_0EqnVg6WXyzRrhWvpk90Ahu7wUNkyG9Uw1uqIz1cR8HUbvpevb8b3rMIlSbm71Kf8a5tzrs_Ue4EKjwjUmWEwVL1MZaoEq3CNZU8IM4d5sCilr86twIZKYT-FMrXpN9VNWFc0J6qOt105DnbropGgZePpuLWPg3Q3YiacIJWX5kh_tRZ-C8j3NcFZ7pCAP188zV8bTJnPOBMRbKk6wnuOHvTEsEDyBu2q0Oq1BbJAwwoeHVJDJlCbObPE5aFeNu-R68_VzNahlXw_YLv81eKxFEJowe5dOprHJMcxbnjNfGlZxYaR3o8DYKRw2AtLvT-YpFBWzKhgpQc8EU1kM1NIsN2Bh1TH8L9AMcTwQ9sxqm_rKWvyoycRzjJS4yw7hGAEdsD-4brgaWMBoh0rK3V-cequ7AKwD4IsFdtirkBAMJeV4LPZJHcKctC1eEsoIH0xlyq0l-SybPsDW4xsi2lVDPWXUa459PbcFRqyWduMp Requested by Host: e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com URL: https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 8748	5 KB 4 KB	15ms 15ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_244.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f7245b0ec6e3c68c0502163963768bd36958597bb80ffb616f4bc0377c54409d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:34 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4144 x-xss-protection 0
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 8748	17 KB 6 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_244.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 21 May 2021 22:27:34 GMT
GET DATA	200 OK	truncated / Frame 8748	19 KB 19 KB		Font application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c68d006b70f708dffe7e2b801cda5e97f99c66b490ba8b3a4191cd7592856492 Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/octet-stream
GET H3-29	200	iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response pagead2.googlesyndication.com/bg/ Frame 61E3	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:47:08 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 16826 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5784 x-xss-protection 0 expires Sat, 21 May 2022 17:47:08 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame EEB8	0 20 B	41ms 40ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYmtt1TOoYKWhIvqHjuwPiOi74AIAAAAAOAHgBAI&bg=!k5ClkNTNAAZ7hX_Ue4U7ACkAdvg8WkwiHgGMPxMdy47wbaOx5oZIhhMQwymFVPlDWQuROKHRvNIX1wIAAAG_UgAAAEdoAQcKAEpt-u3saS_zYFuashLD6L6M-kwu5E5u_G1cBDDpVYwEgSCEKXBFUc_VL3ZuPDuFZr_Gqbaj4XywJSRB46zpb-zwp8_tVJFIfpg4BZkCioKistU1KAxu3NUWgqWJGmghrpgJiYQMMiFJyp5vUMj34pQGgKvaFq-1nPS1xCqtbHzSmcCkdRJ3w-sF6y-_DGpkET2ebLsQrkwEB_EYGuBO-KuxcqLP4waiyhM_Dq8v-YPQGlJnpUZ-qA_pFzFaPdbsY7foKUjCABBqRqN0wgJqHJXnfpM_Gpu2iai86BCvxTc9_p3S4h_nqcYEhDQv7w9fHpC-J487HFTf84C3_a7ewLO4JAGdrjhup65vmp1Hxhz4c1er788QTFSmkP4F_rHJJlXjd9QcPaCEBWfEl7vp3lJAIZ9RgFrnKUvH3sZuvc5L6uHBgO8E-Yqi2NEG87jV9NQIGRROyvJbyPeD5lhJYrReaDSM6M9TM9NOoZwWhtc7j_sh406UnLucEqZ-NXL-t5PJPflvzAOoy65FyA3k_W1vWVB636iQPHNHyGHXXMe4arm3d0EkkjU12B_dlOym20UoG0Zw6WAV3pssgjdDDhGechbeqhiGi5mGAKLC1tB-j9E7x6beRmfp9_o7Uc2nwxoFYMSZ9uQvmPgOM3haohTaU9gSIWQ8-rKzgnXXopjs6EDwwRd0-GdykD6sXeW68auVbpO1zUcSLVFG_cXY1IRiArJwLwl7qWpdIqNjiA56xUw7DDAAZo6eeBShiTJlWUeOZWUk0xjFxerMgc7ubiMEbWzU0Ve8TS-OZg_WP-t1iQIj4e1C8No2BA7dJs5V7FDEATiwQcrFBzUhkk8rK2IiqvOATnkqmi8CExOTop0ofmWInGc4AZWt9DA286yt7zDjApQqnJZUuhM91l568N19OLyRVQc2lnjHpTDJDXsvFQVmgTasXxX1tTdzm4xUooK27qHR0-Uh Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	22ms 22ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:34 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame CA1D	42 B 64 B	46ms 45ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstss2tzNY0PZhJ1ISfIjw85LvmrWKWJaQNfG7nfbr8Hwi0Tbb0VExn3Hy22l_5efl8P8vW-59fdVAR7G-LWVaksB9iYdokAfGsXAu7iQ0dh0C22G_osvh5-vKQ&sai=AMfl-YQq8YhphfEx7u_U5j4BtcIDZkbLmo-HmJTX14mwHAijKxOeL1EiVBegmRPZmGOVl5ap-cbq7N3j59QdLEeDdZ5sUXqKGG617SdaWjqVj8n9dc_-Pdta4wv5XrI9&sig=Cg0ArKJSzDIl2FWvKBMsEAE&cid=CAASEuRoWmo6ztYkshd6V8nYJ51_cg&id=lidar2&mcvt=1018&p=1108,436,1198,1164&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2530142577&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621636053469&dlt=26&rpt=2&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 22ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:32 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5F9E	42 B 64 B	47ms 47ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaW8Nt9gO4LwzIuPEcUixlWbYWV6fRntihAbFt6d3p40dH8V6YWcgitydII3zRfjSjWR30xsYdQEMfFyt394iSrT0MtJNs7CX2hxaczyR2wwk4FW_37S2qo2M&sai=AMfl-YSQH8fYD6oq5HgcsLCwBjEdG1g3mFqt9EvSzNEHXePWmc18kjdEfnCLzBU-EbpIqUoD2UczW6o5eGDXceV0YXaERDnHAku1m8njGXgYkpQVVGxe5aubuYEvJnVS&sig=Cg0ArKJSzLO3eu4q5aIkEAE&cid=CAASEuRotzN_A_jFvaIFpcgeXsjS5w&id=lidar2&mcvt=1020&p=171,650,421,950&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3122676339&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621636053485&dlt=13&rpt=1&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 4BEE	17 KB 6 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_245.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 21 May 2021 22:27:34 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame CA1D	0 23 B	55ms 54ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsuCJpb3EQ2rVib2kfFqtDIM6_DLR1t2pYvfE4r_IJzdIqzZnJJJh-tqZjMT9_5p6Rf-TnGCXqSZXoYhYS2kgtlQ2FYIzsuqIFBxWxuVEJdCunGub5PwN6Z1lkagp3ncz6_X4QHp4oObIqcaTIb17_5CMINksHnCxHxsliVg7ZLFWhOP2CGCM3D_XJ5_fXlj8k-PmbIElkn953FJvolUBKPFSn0kns29cYbgJ_e-EDLkSFOELUrjSG40oRyxiRRKeZs154L6GolLyEGD3KOl6inRv9fhbJTSd1zTglTY7nxUaaT63FqfQphevvWYc8zh5V8i_xNYXnndVwRf7KaoZ92o6qB5wjjHATt_ThQXPv93Msexw-nrZ0LxSSOCJfyMJa52HZRCungrVoK-2LZs_UDhSPv9_avkkKSYJueNKarTBU7pTcly7eRvq8i7ZZUpEvd1FXxT45Zai0LMfVyeLhR_PqSOxMIeGfMRCcvBQezzk-XlGeKBSZvEaKMcwsbzvLCIJMN40W1FlN-aqEXWbggZM0UCtP3sYe4tlFksDVYwtKu9TQXTstK22i4FPt0deRZc5xD_kE9CaODsNAh1KbcqNaxw7zP5ftA67ooSdMlAHXaQOT3keUZLgMDQ4J2vPzS2gpfVNbh9DzvpnzBuQbuSVIbJCaEhs4xVdXdWhfDtGQsyN_O52YXFX5a6Vgt-M9TP3rSmaZYRHgtgjJTd8_2rSTsnguQVT1k1yGPywe9tfTZppZgUna8cBZc07qsQsB16-B4P39QgDItjCuC7gvzwBJhopGHLzaPc3MeYYM6xAHeBV9sr5Cgjn7T1-eMdzgf3aMDqy8Gp1oY_ce_RzHDeNWxPB0jqQG2vn0lWwHQV-qhVTyCxRJPYdOmuNttWXXBP-Y06XdOiaMFd62FXNVOhmpjCQnMlRotWCTWJWBd6RAv0Vz2eNUracTGj9JVzkTLCLDlRH4h07hSXcZdzEd2QM-cPY7jo6F_om7JABQsGHeO2LeDoGOfFn3x7Vl7KRDJepN6ht12Ps9_EZCjvKnQqlNz1rHXH8auQ5rww2BbRiqepRwKGUsEZ-0KYYnjzXAleiIFl57DSXOBtR9F1nrX5Hj0f5IfkYrASItLV51NyxceXifF2CrTEzLrpSgd_5jjhOFj625409PC2Nm431e42DvQ44JnvLOGI8xzym5n9XuKzRoJJ6jVDMpcrI5sjO3zh2fST3AF60JF61tbu0PlLRLBC5I93Sg42I&sai=AMfl-YQUwFPQp_TYAtxMa9DzMb0br7_4O-tGuDBar_8oSMdAzj-xDZwnBVXwKEu5rnlNkYEd6aA8gJ1p6Ba43TAN65BxsnIyLhqrjRcNbFeOG_IbRo-Ov2DMn9SJkAPK43Z-Vl_Y8b20HjS1apKERM-ltnFP-TuurHyt_cjEwh3Wa1RgRwdLsBuU_A&sig=Cg0ArKJSzB5I0gfExu8zEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1175&vt=11&dtpt=1083&dett=3&cstd=85&cisv=r20210517.30884&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	44244949_20210209090349815_AW_ZurHand_728x90_bgImg_2021.jpg s0.2mdn.net/ads/richmedia/studio/44244949/ Frame 4BEE	28 KB 28 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/44244949/44244949_20210209090349815_AW_ZurHand_728x90_bgImg_2021.jpg Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27a071bcd99a57741544530de54762b3d75710f15b5aff3b910855df1b0eb794 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:44:46 GMT x-content-type-options nosniff last-modified Tue, 09 Feb 2021 17:03:50 GMT server sffe age 34968 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29034 x-xss-protection 0 expires Sat, 22 May 2021 12:44:46 GMT
GET H3-29	200	44244949_20210209090352833_AW_ZurHand_728x90_handy_2021_de.png s0.2mdn.net/ads/richmedia/studio/44244949/ Frame 4BEE	17 KB 17 KB	7ms 7ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/44244949/44244949_20210209090352833_AW_ZurHand_728x90_handy_2021_de.png Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 69199a508a9a72f8778ce803bc34bd59773860344a7c1dd6ea7eab8baaa2f297 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61708638/20210420102712166/index.html?e=69&leftOffset=0&topOffset=0&c=P7lzwloCVT&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:44:46 GMT x-content-type-options nosniff last-modified Tue, 09 Feb 2021 17:03:52 GMT server sffe age 34968 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17859 x-xss-protection 0 expires Sat, 22 May 2021 12:44:46 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 71B6	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByYKG1TOoYKusMOSqrATsgqX4CgAAAAA4AeAEAg&bg=!CQqlCk7NAAZ7hX_Ue4U7ACkAdvg8WhTWsGQo47cD5ztcqvzeQhW6Sd6XrkM5WIR569smeAFcVJhPAgIAAAFKUgAAACdoAQeZApC74SKvbMEH4fblMdPctbI4-6adOMLV9Fea84OlwHRdkb5fGlnxwFBec-On2_i8YR9dxGXS4Gr-twoJELtSfauafdrpmr1uTLBtYs6uNE3EDsZZP-KExDzSDaxnKoNUKP1kiYZ4EcAmcPY4etwr2ApABzqJUlKryHgJA_7Fo7R2_NVsQ1Q_jWPiX-o_8xLWkldGCM0N57nT_zabjzN5HgsdXDDSkrXbAhyxzgrdIww9k7JOON2-TkrfZhbUYkyD7qZG1qCLHECjlKd9Eebk_WMyMoXylbXsuEF7jyqr3ZY9NpX4Ap2UA5AlRzJq77abYaz2BfIS3ilkLDTYFrVEZEMj2dBU5mVRu1MplLdDpZn1vlr2j42LwFARazRHeKMKU1k3duWBpvDwEZxhNVGPtGwwP-F0gKI7JZWH9OQl_Ca0RUAWYoIKCbwt6I632BTuUFKLtt1uqtJMKKenjKgQUAY4xg8h5Gl02lUU-1q5RfUP4dJ9JvsAGzJbiNBhQuGZ1Ks1oIdfwMkU7l_U3w3DnhYAQgdbNFZV2DPpaKqQDXXQYGYkLv5ZUoaA-MC05lYxxueHAm2RuBM5yQl_fhtaFcM7fI-maDfS8ptIanYogMGiMhFg3EoymsjeP19iqjSBmx-UWK5d1_unuyPynkIgfxiYY-MmaXp_3fK_3nfyTHvAFgLYBtya-R9hSr6VGWeEoU1Lk-pZLLSfRrSDnbsns-_cJjG52s6sFzMRnFlXvk4c5iU6KsXyY8JXWBA7kb7cEeCLnuZEjhfaBjwsvK6nCXbvWnXHuuLZcKsCiMtrw63jgJAMcN3SNSoit3cuaV0vOPuHjgejwFw0Q3ZjciW7yLc_KPJ3yocd_f3QgnsLIxFBVA Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:34 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response pagead2.googlesyndication.com/bg/ Frame 915B	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:47:08 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 16826 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5784 x-xss-protection 0 expires Sat, 21 May 2022 17:47:08 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	21ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:33 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 6486	42 B 64 B	46ms 46ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDLY2f3OgcihLL_KcjZRV6p90zIuNcH9ZK5xyxgLSsebg6ow4Pj5rKA7TCkLYiuQfwoyYeoikgXqZeNRsvD0keZbTUNFagABWajsgSIhHzCEyYFsafNoqnT2I&sai=AMfl-YS8TMqagPuLndOLtfcdAjnklGvfygo3KDhKNPCf2Wsd6IEgIc7AF6CYQiFBdlp4bNaFvdEJpb1z90zUvsJ1piqfvVNmaMKO3JllgY27vZh6EFFR93Et-Bf2IIJ7&sig=Cg0ArKJSzPr6Olfk52NPEAE&cid=CAASEuRoJXE0yA9q09tPTh-mBavk4Q&id=lidar2&mcvt=1015&p=171,327,421,627&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20210521&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=840336167&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621636053727&dlt=30&rpt=1&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e26489436240cda5d95b18aa9a481f11.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 22:27:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	22ms 22ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzcyOCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0ODk1OTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMzEifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzcyOCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0ODk1OTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4OTU5NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMzEifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:34 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:34 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	22ms 21ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzcifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzcifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:35 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:34 UTC
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 42 B	26ms 25ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0MjI1MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMwNzc3MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODcwODgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDQzIn1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0MjI1MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMwNzc3MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODcwODgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDQzIn1dfV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:35 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:35 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	26ms 26ms	XHR text/plain	3.127.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzcifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-76-126.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ2OTYyMiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzNjA0NywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYjE4OGVkOTUtMjE4ZC00Y2Q3LTQ4NWItZTFlMmI3YzM2ZThkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDY5NjIyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjM2MDQ3LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJiMTg4ZWQ5NS0yMThkLTRjZDctNDg1Yi1lMWUyYjdjMzZlOGQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE0Njk2MjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzYwNDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImIxODhlZDk1LTIxOGQtNGNkNy00ODViLWUxZTJiN2MzNmU4ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzcifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=200; __gads=ID=8d2acfcd86611226:T=1621636051:S=ALNI_MZAEpyIdT2-YGVTjoN6xf1bPiDquA; ezouspvv=480; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 22:27:35 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 22:27:35 UTC