trovas.ch Open in urlscan Pro
18.159.80.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://trovas.ch/
Submission: On October 12 via manual (October 12th 2022, 5:33:26 pm UTC) from CH — Scanned from FR

Summary HTTP 221 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 63 IPs in 7 countries across 51 domains to perform 221 HTTP transactions. The main IP is 18.159.80.129, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is trovas.ch. The Cisco Umbrella rank of the primary domain is 568577.
TLS certificate: Issued by R3 on August 14th 2022. Valid for: 3 months.

This is the only time trovas.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	18.159.80.129 18.159.80.129	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:671c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
17	2606:4700:440... 2606:4700:4400::ac40:963e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	91.208.180.148 91.208.180.148	6730 (SUNRISE) (SUNRISE)
1	91.208.180.149 91.208.180.149	6730 (SUNRISE) (SUNRISE)
3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:e0:... 2606:4700:e0::ac40:661c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:4200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	108.157.6.231 108.157.6.231	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223d:6400:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
4	184.24.12.164 184.24.12.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::2fb3	16276 (OVH) (OVH)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.208.243.53 34.208.243.53	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.248.55 18.66.248.55	16509 (AMAZON-02) (AMAZON-02)
1	3.12.31.10 3.12.31.10	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	3.123.131.103 3.123.131.103	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.212.128.245 52.212.128.245	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	184.24.11.26 184.24.11.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	95.101.200.23 95.101.200.23	16625 (AKAMAI-AS) (AKAMAI-AS)
9	161.47.17.28 161.47.17.28	19994 (RACKSPACE) (RACKSPACE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	3.67.250.232 3.67.250.232	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
5	198.47.127.22 198.47.127.22	() ()
1	198.148.27.134 198.148.27.134	19189 (PULSEPOINT) (PULSEPOINT)
9	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	() ()
1 5	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2	2606:4700::68... 2606:4700::6812:106b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	72.251.249.14 72.251.249.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	52.212.146.220 52.212.146.220	() ()
1	51.89.9.251 51.89.9.251	() ()
8	213.19.147.42 213.19.147.42	() ()
4	81.17.55.113 81.17.55.113	() ()
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	() ()
221	63

41 18.159.80.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

trovas.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:671c (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:4400::ac40:963e (United States)

ASN13335 (CLOUDFLARENET, US)

c.tutti.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.208.180.148 (Switzerland)

ASN6730 (SUNRISE, CH)
PTR: cis01.immoscout24.ch

cis01.immoscout24.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.208.180.149 (Switzerland)

ASN6730 (SUNRISE, CH)
PTR: can01.anibis.ch

can01.anibis.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:661c (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4dea5046fd90ed729b27d62bf727127a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:4200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.6.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-6-231.dus51.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:6400:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.24.12.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-12-164.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::2fb3 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.243.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-243-53.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-55.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.12.31.10 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-31-10.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.131.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-131-103.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.128.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-128-245.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.11.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-11-26.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.200.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)

saambaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.saambaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.67.250.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com

pb-server.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.22 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (None, )

ASN- ()

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.146.220 (None, ) 1 redirects

ASN- ()

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.19.147.42 (None, )

ASN- ()

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.17.55.113 (None, )

ASN- ()

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (None, )

ASN- ()

saambaa-static.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	trovas.ch trovas.ch — Cisco Umbrella Rank: 568577	319 KB
17	tutti.ch c.tutti.ch — Cisco Umbrella Rank: 559649	1002 KB
13	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	307 KB
11	googlesyndication.com 4dea5046fd90ed729b27d62bf727127a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 170 pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	46 KB
9	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 334	17 KB
9	saambaa.com saambaa.com — Cisco Umbrella Rank: 29228 api.saambaa.com — Cisco Umbrella Rank: 32289	159 KB
8	unrulymedia.com targeting.unrulymedia.com	625 B
6	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 701	5 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2144	40 KB
5	lijit.com ap.lijit.com — Cisco Umbrella Rank: 869	3 KB
5	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1451	818 B
5	pubmatic.com hbopenbid.pubmatic.com	331 B
5	ezoic.com pb-server.ezoic.com — Cisco Umbrella Rank: 8124	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 311	109 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	2 KB
4	smartadserver.com prg.smartadserver.com	1 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1477 id5-sync.com — Cisco Umbrella Rank: 642	33 KB
4	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 3916 l3.aaxads.com — Cisco Umbrella Rank: 6099	140 KB
4	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1449 pixel.quantserve.com — Cisco Umbrella Rank: 683	21 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 391 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 750	49 KB
4	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 11151 basher.ezodn.com — Cisco Umbrella Rank: 11678	112 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 486 mug.criteo.com — Cisco Umbrella Rank: 1859	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3924 google-bidout-d.openx.net — Cisco Umbrella Rank: 3835	564 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	3 KB
3	google.fr adservice.google.fr — Cisco Umbrella Rank: 25800	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	152 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 4219	84 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	74 KB
2	media.net 1 redirects c21lg-d.media.net — Cisco Umbrella Rank: 3468 hbx.media.net	764 B
2	gstatic.com fonts.gstatic.com	60 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 8322	238 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1563 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1096	10 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1743 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1864	547 B
2	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 1356	1 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1200	1 KB
2	immoscout24.ch cis01.immoscout24.ch — Cisco Umbrella Rank: 961809	155 KB
1	azureedge.net saambaa-static.azureedge.net	17 KB
1	onetag-sys.com onetag-sys.com
1	servenobid.com 1 redirects ads.servenobid.com	315 B
1	adtelligent.com ghb.adtelligent.com	2 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4346	702 B
1	contextweb.com bid.contextweb.com — Cisco Umbrella Rank: 4517	182 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 9110	323 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1595	646 B
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 4526	5 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 7607	2 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 4078	904 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 789	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 4181	8 KB
1	anibis.ch can01.anibis.ch — Cisco Umbrella Rank: 764456	126 KB
0	33across.com Failed ssc.33across.com Failed
221	51

	Domain	Requested by
41	trovas.ch	trovas.ch
17	c.tutti.ch	trovas.ch
11	securepubads.g.doubleclick.net	trovas.ch securepubads.g.doubleclick.net www.googletagservices.com
9	ib.adnxs.com	go.ezodn.com saambaa.com
8	targeting.unrulymedia.com	saambaa.com
7	saambaa.com	trovas.ch saambaa.com
6	fastlane.rubiconproject.com	go.ezodn.com saambaa.com
5	ap.lijit.com	saambaa.com
5	prebid.a-mo.net	1 redirects saambaa.com
5	hbopenbid.pubmatic.com	go.ezodn.com saambaa.com
5	pb-server.ezoic.com	go.ezodn.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	tpc.googlesyndication.com	trovas.ch securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com saambaa.com trovas.ch
4	prg.smartadserver.com	saambaa.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net saambaa.com
3	c.aaxads.com	trovas.ch c.aaxads.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.fr	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	trovas.ch c.amazon-adsystem.com
3	www.googletagmanager.com	trovas.ch www.googletagmanager.com saambaa.com
2	cdn.confiant-integrations.net	saambaa.com cdn.confiant-integrations.net
2	api.saambaa.com	saambaa.com
2	www.googletagservices.com	securepubads.g.doubleclick.net saambaa.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	oajs.openx.net	1 redirects trovas.ch
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	id5-sync.com	cdn.id5-sync.com
2	cdn.id5-sync.com	trovas.ch securepubads.g.doubleclick.net
2	pixel.quantserve.com	trovas.ch
2	pxl.qccerttest.com	trovas.ch
2	rules.quantcount.com	secure.quantserve.com
2	secure.quantserve.com	trovas.ch
2	basher.ezodn.com	trovas.ch
2	cis01.immoscout24.ch	trovas.ch
2	go.ezodn.com	trovas.ch
1	saambaa-static.azureedge.net
1	onetag-sys.com	go.ezodn.com
1	ads.servenobid.com	1 redirects
1	hbx.media.net	1 redirects
1	ghb.adtelligent.com	go.ezodn.com
1	hb-api.omnitagjs.com	go.ezodn.com
1	bid.contextweb.com	go.ezodn.com
1	c21lg-d.media.net	c.aaxads.com
1	l3.aaxads.com	trovas.ch
1	mug.criteo.com	trovas.ch
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.aaxdetect.com	trovas.ch
1	googleads.g.doubleclick.net	trovas.ch
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	bs.serving-sys.com	trovas.ch
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	4dea5046fd90ed729b27d62bf727127a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	can01.anibis.ch	trovas.ch
0	ssc.33across.com Failed	saambaa.com
221	68

This site contains links to these domains. Also see Links.

Domain
telindex.ch
freelancer-jobs.net
carguide.ch
moto-inserate.ch
mobilu.ch
troxler-marketing.ch
jobseek.ch
dating-24.ch
foxilla.ch

Subject Issuer	Validity	Valid
trovas.ch R3	`2022-08-14` - `2022-11-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.immoscout24.ch Sectigo RSA Domain Validation Secure Server CA	`2022-07-19` - `2023-07-19`	a year	crt.sh
*.anibis.ch Sectigo RSA Domain Validation Secure Server CA	`2022-06-03` - `2023-06-03`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.fr GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
invstatic101.creativecdn.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.saambaa.com Go Daddy Secure Certificate Authority - G2	`2022-04-01` - `2023-05-03`	a year	crt.sh
*.ezoic.com Amazon	`2022-08-30` - `2023-09-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-05-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.confiant-integrations.net E1	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://trovas.ch/
Frame ID: C55DA1F3009B377D2D99141B85E3394E
Requests: 125 HTTP requests in this frame

Frame: https://4dea5046fd90ed729b27d62bf727127a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F7C92392B7DDFC016387BEC1FC2101C8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210010655000/amp4ads-v0.mjs
Frame ID: C2F1A0815407896CE53188EF085A7018
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=trovas.ch
Frame ID: 9C45304CE72657A979ACB76CC3DDD651
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2FF0D43271961FE5CD4472A97C4EF813
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAX65WOCF&fv=1&fy=37&ke=1&suylg=195%2C250%2C371%2C251%2C271%2C369%2C206%2C291%2C159%2C97%2C229%2C241%2C263%2C265%2C108%2C306%2C292%2C175%2C310%2C336%2C218%2C219%2C367%2C272%2C213%2C203%2C209%2C356%2C282%2C267%2C325&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 367D2F52C183183B9B341AD38029DA93
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49482F455C87134315E3BBE0F208AA99
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A5D0DEB745A3F93ECB5802AC845CD7B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdLG1jdZqQD5vhoDP-7gsaFObA3U65F2f7iGZPwdHQ809ECcCfg7JO5Hx4cJKLryJJr2Gi4wXs1dTjhsUZWBKpKmEgDR82kvFGoC5PvluDfKDGhld9a-d84UjjIDoH7mG65fZsdt9xOh1aT5arTWNJYqgB7fafDyj83_tEvhHKz4f4VfZHvRTJxgFKvVHNm-UkbTWjzDZL0KbcCFLF1PvK3kfo1TT0fceGGfwDkC7vRb1_waoqFU4sCX_bt9-qoburYjFdVpn2U_JVDyvnPXBBlrf3ZBemrgvoUCBRUeq0efx3RazxYkFf2JPo_XJ3iI-kyrZN0ZQCQdETmyunEYbBk7Dmm3hn&sai=AMfl-YQ-m6K0t0wgBSo3EN53T-R8aZ_aow3KXZ7Sc2q3e5e3TStep0x_LPKGXrAt_fZI9e9mrxbm2L8JUc-nl_kmFkDeiCkzoVaTybWaBDyJv50NUFSV6YU0xerJsrpVI-8GBQ&sig=Cg0ArKJSzDVjRX-NHTUYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 80AB979C1B1CA4C98A10049E46F5D74E
Requests: 65 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: 75F31E0374B6ADD8DF001D28D7D0476E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Petites annonces gratuites en Suisse

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

221
Requests

95 %
HTTPS

48 %
IPv6

51
Domains

68
Subdomains

63
IPs

7
Countries

3092 kB
Transfer

6082 kB
Size

46
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://telindex.ch/

Search URL Search Domain Scan URL

URL: https://freelancer-jobs.net/

Search URL Search Domain Scan URL

URL: https://carguide.ch/

Search URL Search Domain Scan URL

URL: https://moto-inserate.ch/

Search URL Search Domain Scan URL

URL: https://mobilu.ch/

Search URL Search Domain Scan URL

URL: https://troxler-marketing.ch/

Search URL Search Domain Scan URL

URL: https://jobseek.ch/

Search URL Search Domain Scan URL

URL: https://dating-24.ch/

Search URL Search Domain Scan URL

URL: https://foxilla.ch/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://oajs.openx.net/esp?url=https%3A%2F%2Ftrovas.ch%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ftrovas.ch%2F&rid=esp&cc=1

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://gum.criteo.com/sid/json?origin=publishertagids&domain=trovas.ch&sn=ChromeSyncframe&so=0&topUrl=trovas.ch&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uDSf43xHOG92R3Ftd09ZbmhpVUtzNWR0bHJpR05VVFNYb1MzYUVvVHBGTmdVYlVkcmtkYVdzVU9JenRma3pheHhNem5jazdvRk0zZFo2ZHBOMFpSUFNNODF5blNPTGZJL1VoZUNZUjZaUncrSmNFbjgrZ1lUOUJhQlFycGx4YWYyUHhiVXd5SFhoa0REM1g2ZkhDYTlRQVRvd1RYWVlmbW1YbEhzNEZkTUdmUlRnSGxGMFhDa1M5ZUxOY2tRc3BtZUNGWXZ0Y1BzZ0UwV3ZFTDdXek1IazFYcCtoL2ttU1V5akdCemJzd1RSayt5YmlZQ0UvWVRZQnM0K1lYdkMwOHFDcWNkeEswaE4rd3lObXhlTGc2TUpod2NUZz09fA&cppv=2

Request Chain 162

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=6c1b812a-7c41-4b9b-b7d0-53375f765e33&gdpr=&gdpr_consent=&us_privacy=

Request Chain 176

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
https://pb-server.ezoic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA

Request Chain 178

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://pb-server.ezoic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&f=i&uid=

221 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
trovas.ch/ 70 KB
21 KB 2109ms
1998ms Document
text/html 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache / PHP/7.4.32

Resource Hash

daff854f27706ca5dea672ab528a28855d78e8d630f8592566ca541eeffc2d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 17:33:17 GMT
display: pub_site_sol
expires: Tue, 11 Oct 2022 17:33:19 GMT
pagespeed: off
pragma: no-cache
response: 200
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-powered-by: PHP/7.4.32
x-sol: pub_site

GET
H2 200 austin.js Show response
trovas.ch/tardisrocinante/ 2 KB
924 B 27ms
25ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/tardisrocinante/austin.js?cb=15
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 597830acea0420d0c95ceae70e1db6fcfb1d35d259922ff472b1b6fb083e193f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 792

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
28 KB 144ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f689ca5ffefeea41c73d484efe0a7eb186e5df9963cce9ee4f446c7a5065886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27729
x-xss-protection: 0
server: sffe
etag: "1361 / 774 of 1000 / last-modified: 1665595101"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 12 Oct 2022 17:33:19 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 361 KB
110 KB 189ms
134ms Script
application/javascript 2606:4700:e0::ac40:671c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:671c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa8f80ac26c590eaf04e784d44349446dc4409b13d11e5c14cb386f19c64a60

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 17:33:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BqVX1LWqPDWphDJzyPYelm6NPsI8%2B04RC3NubbT1NdGXtllpaQRK2a9UebB3r46%2BGYizUsvZup4Icz26f95YT2m0PqeAC8aFcWamQhPW7QEGD8%2FVvJJAgH4A2N5SeRBevz3HWmbgoX66fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 759194745bbfb7be-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
trovas.ch/porpoiseant/ 8 KB
2 KB 27ms
25ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/fads.js?gcb=195-12&cb=6
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 /
trovas.ch/ 2 KB
727 B 68ms
67ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trovas.ch/?pI=style.css

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache / PHP/7.4.32

Resource Hash

6f0cee03cafba12a1684d4f70f2c7c1d9c3534e28c3b200e618657234b23a793

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
x-powered-by: PHP/7.4.32
vary: Accept-Encoding,Origin
content-type: text/css;charset=UTF-8
x-middleton-display: staticcontent_sol
cache-control: no-store, no-cache, must-revalidate
x-middleton-response: 200
content-length: 595
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 style.css
trovas.ch/ 12 KB
4 KB 113ms
112ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trovas.ch/style.css?11482

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ece0243f41da2a86f90bed203e2ad25e635421a7a362b51b99c888035a0cbfbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "31ab-5e9fcabe5d046-gzip-gzip"
vary: Accept-Encoding,Origin
content-type: text/css
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 simple-line-icons.css
trovas.ch/assets/iconfonts/simple-line-icons/ 13 KB
3 KB 60ms
59ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trovas.ch/assets/iconfonts/simple-line-icons/simple-line-icons.css

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

3c9728842f6e7eb1f63ae7e46212c77af6836c6c64d139f5b6883422629ba398

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol, orig_site_sol
etag: "328c-5e26b9cd2ec00-gzip-gzip"
x-sol: orig
vary: Accept-Encoding,Origin
content-type: text/css
x-middleton-display: staticcontent_sol, orig_site_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 font-awesome.css
trovas.ch/assets/iconfonts/font-awesome/css/ 37 KB
7 KB 70ms
69ms Stylesheet
text/css 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trovas.ch/assets/iconfonts/font-awesome/css/font-awesome.css

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4fe8248da42b7e548d250f5cb11bda7c729ab8b45a43cfdb50153024cfa0a950

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol, orig_site_sol
etag: "9256-5d27b1a250f40-gzip-gzip"
x-sol: orig
vary: Accept-Encoding,Origin
content-type: text/css
x-middleton-display: staticcontent_sol, orig_site_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 97ms
38ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4377331-90

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f54c9abafe87b0a50bbf04adf7083d8e65e985fb8d555434f331d10ba94bb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 Oct 2022 17:33:19 GMT

GET
H2 200 tr.jpg
trovas.ch/img/ 44 KB
36 KB 116ms
107ms Image
image/jpeg 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/tr.jpg?

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0c2c19fc31178f0864e7b9d66c81e7e9f3a2623ae63cde40c49eeea052c457a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "b14b-5e237ba1b8e40-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 banger.js Show response
trovas.ch/porpoiseant/ 52 KB
13 KB 37ms
27ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/banger.js?cb=195-12&bv=164&v=67&PageSpeed=off
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: b79af73ff937dffcaefd36e52803089c65cb9b615d7555df58c0d8ea0e999a3d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 5869315108.jpg
c.tutti.ch/big/ 29 KB
29 KB 275ms
202ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5869315108.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1027d66f68b391b7367955c5b8126e56b3bdd64d2abea3e33d55c6a1a099302

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: 8a._dkEx3CyPvag7Dc9A0NWzwOwpDVFK
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-length: 29333
x-amz-expiration: expiry-date="Fri, 09 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Sat, 24 Sep 2022 07:24:52 GMT
server: cloudflare
etag: "67934ca3b3aadd49fcee4b2613efaf78"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194753bbfd578-CDG
x-amz-cf-id: rCLkm8G7d5EhkbemvhiJ_kOsbixcng3uJrMm2jgl6mT8DdrTrqF1HQ==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5804722045.jpg
c.tutti.ch/big/ 60 KB
61 KB 259ms
186ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5804722045.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba2e78dba661467c8012ca3fb4cd683f8c7f5031a119c60f726f596cef48802

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: 882bSUoCluEljvbWy6TDWLoFVSK4FVBI
via: 1.1 f1c3d16033a0215071d66d8a8c247af4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 61473
x-amz-expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Fri, 23 Sep 2022 14:45:20 GMT
server: cloudflare
etag: "062f6d1441264d4109ee59ef862abe82"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194753bc1d578-CDG
x-amz-cf-id: -c7oLketX1WDW2UEGgTYBKuuILmTOWA6l6M1v043gY3l7MJwweDCqA==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5857082816.jpg
c.tutti.ch/big/ 72 KB
73 KB 326ms
253ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5857082816.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d714c08f94baaaf75d0d4e7c95627f3f965685f12c88decae33a8caac839d9b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: SWs82Qp3WC7R14WflVZ07G9Szc5x9TJo
via: 1.1 11bc309875abf4cdfea734f39118b58e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 73842
x-amz-expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Fri, 23 Sep 2022 14:54:05 GMT
server: cloudflare
etag: "82201381c59cd6d6b7dd38b2dbec7243"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194753bc2d578-CDG
x-amz-cf-id: F-HXY5k5jGKw_UoHMJLrfi3DwwPIOa2xV3DpQlTwvUwUgJ5MwMz8TA==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 6404109075.jpg
c.tutti.ch/big/ 41 KB
41 KB 239ms
167ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/6404109075.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63921b4d7746d52820d66930fc665e4c87d5e65c0ee13e0f1371d49bdad04dfd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: be1LXglKdnncVq79oTh9aRAVA1T4r45y
via: 1.1 559ee8cd119d47737b610c6ae5010932.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 41733
x-amz-expiration: expiry-date="Tue, 20 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Wed, 05 Oct 2022 08:30:38 GMT
server: cloudflare
etag: "afdad8c3b8d791d6fe85f57af70540ee"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194753bc3d578-CDG
x-amz-cf-id: ryEgL3NKa0PPIBwP7ZFNhYJp2LCGRWKrSZ-RaEYsT6eCMtj05YQaMA==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5849855627.jpg
c.tutti.ch/big/ 69 KB
69 KB 251ms
179ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5849855627.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6626fb430ee3f43bee5fc460c64cc86330928e2e4e45444bd7149c5b8753ac5d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: Nj1XHS6EbPzbORFQ49CwvGnXV1oGS5fH
via: 1.1 9d638fe6fe3e82d4d1292fa9e998dfbe.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 70556
x-amz-expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Fri, 23 Sep 2022 14:56:14 GMT
server: cloudflare
etag: "cc62dc9e738a81bbcef390b00e396605"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194753bc4d578-CDG
x-amz-cf-id: m-xI5nL-tBtq2wq7cn_uJ587GSd3XzrwwfVa4Xl9KZqVgxaKXa6Ttw==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5801215169.jpg
c.tutti.ch/big/ 65 KB
66 KB 262ms
190ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5801215169.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3203478e2a79d295f249396ca8ae8cd6a6831ed29c46502e1325410f10c86c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: qB.PWMX_9jr.dwLcgwmM.6jMGC6beR3N
via: 1.1 cb643617ee4bca09492409ac12401bfc.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 66519
x-amz-expiration: expiry-date="Fri, 09 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Sat, 24 Sep 2022 07:17:29 GMT
server: cloudflare
etag: "3e1d91ce838c63d4a2df804daab731ca"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194753bc5d578-CDG
x-amz-cf-id: 7b84QNdWcSIvxa_WBkLF9XC7rZs2cUgO3CNxiozIdCSqTRF5rSzu_w==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5894103464.jpg
c.tutti.ch/big/ 29 KB
30 KB 104ms
103ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5894103464.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c836c918d088b4787c622f4903327fed59ec8fed36558fdf46bf2ca767873b27

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: zdH3ctoGsD0W8kQnhoOishVk_qUvRMii
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-length: 30195
x-amz-expiration: expiry-date="Tue, 20 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Wed, 05 Oct 2022 07:48:04 GMT
server: cloudflare
etag: "9e8ff473b36e646df508adefb94dbe76"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194753bcfd578-CDG
x-amz-cf-id: bRgWDyOHilRXtRF94ItTd7M-InPEBsbP5yecAAAgi9FJQ_XY2RTV9w==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5870709191.jpg
c.tutti.ch/big/ 112 KB
113 KB 135ms
133ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5870709191.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732df544e5f36fe721ca860b85632e01a4f8323ebff30418320e0fafc7bec465

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: ul31gmgUBMtuctRZLU9zH4P_qvteew7P
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-length: 115185
x-amz-expiration: expiry-date="Fri, 09 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Sat, 24 Sep 2022 07:32:40 GMT
server: cloudflare
etag: "8e399aca2f82fd3b57e5f823f4488232"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194753bd0d578-CDG
x-amz-cf-id: jwwJ-zGctQItdbEuJI7_MeknoGA0DwDbNZa0Evl2lFBEnasQ7rVKYA==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5854860730.jpg
c.tutti.ch/big/ 50 KB
50 KB 244ms
243ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5854860730.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d986c35e576b6f5a1559a2d3f2891e4b12df1ca8c59dd86eaba3f8e4d1f6419

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: 1J2ddPkRSKGwgIQTQMt1TxXCydfTQBS8
via: 1.1 9d638fe6fe3e82d4d1292fa9e998dfbe.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 51011
x-amz-expiration: expiry-date="Fri, 09 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Sat, 24 Sep 2022 07:24:32 GMT
server: cloudflare
etag: "7e5b11d4bb626b60fee96cc05ee4d3e0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754bdcd578-CDG
x-amz-cf-id: 2jzPhtWOLvMfYPbZlela0YQbIAc5rjTC76eTJTsYf-DubPnG3PvxDw==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5810733526.jpg
c.tutti.ch/big/ 27 KB
28 KB 183ms
182ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5810733526.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bdf0d0738a8dce74af819af4eaa2771edfb01a108431a65f538de91d9a77604

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: biNfYBvbFAz1ILb2WVjADjbg2WvOSJrV
via: 1.1 e94bd6405e7651c50e73077af1691486.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 28127
x-amz-expiration: expiry-date="Fri, 09 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Sat, 24 Sep 2022 07:24:57 GMT
server: cloudflare
etag: "5f841610917144161200043ae98b34a6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754bdfd578-CDG
x-amz-cf-id: bzAIZ8HWZCiHjvNbAVJXN_OjBpCPOx_CBpveDufceLz9L2bznCnMyg==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5804999415.jpg
c.tutti.ch/big/ 59 KB
59 KB 211ms
210ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5804999415.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1900370b2eaa271343a8bcc4cb81d434429a68a6948253ffff89d7161e8f42e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: zQlMfDW_rXAHPaa_jvefBzNYulu...OS
via: 1.1 21cd80a95d2ef60d4456da600a333140.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 60250
x-amz-expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Fri, 23 Sep 2022 15:40:31 GMT
server: cloudflare
etag: "ccae084ee7979c8ce57904cd6cd3393a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754be0d578-CDG
x-amz-cf-id: _LrRFfBGhjYwcaTgeAZNgi0qxsF3xwNlEyyY0Qb9c5W6lJJ_7eusxw==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5837495469.jpg
c.tutti.ch/big/ 50 KB
50 KB 159ms
159ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5837495469.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b559eac63e26bd90aa59a9d257de154f6617b880623facba698052dfbf47d631

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: FXiZq7Qc2pfCRVvlGVrQ8yFlU0QV8ImU
via: 1.1 95e3cc9e14ff093ad937f013959268c0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 50772
x-amz-expiration: expiry-date="Tue, 27 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Wed, 12 Oct 2022 17:28:01 GMT
server: cloudflare
etag: "171d2b65587095e1cb2580fef8bf7294"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754be2d578-CDG
x-amz-cf-id: N06DnbNZhX7eZtDqwM_A-0iNA8dL8tB3iYwQgozhvYWqAoPSqIml3g==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5808801192.jpg
c.tutti.ch/big/ 173 KB
174 KB 235ms
234ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5808801192.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dd31eab19c08109f66b037bf1de7b710629af2ca9613793e9332f18205e90dc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: zHE1pjGVyxj4.9UiS7UpWlS6ZZuiaU_I
via: 1.1 0c6da51d9831b33488b399cfc38cafda.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 177196
x-amz-expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Fri, 23 Sep 2022 15:21:00 GMT
server: cloudflare
etag: "e7b05016b6ede7cbbfcbe75340f2328b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754be3d578-CDG
x-amz-cf-id: 0-T52n2LVFvElunA-PNHkCHpyG2aIOQ93ZMbjijbuxDklKIpV-12NA==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H/1.1 200
OK exklusives-freistehendes-einfamilienhaus-mit-sauna-st-ursen
cis01.immoscout24.ch/ 114 KB
114 KB 186ms
60ms Image
image/jpeg 91.208.180.148
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cis01.immoscout24.ch/exklusives-freistehendes-einfamilienhaus-mit-sauna-st-ursen?640x480/3/90/is24media/a0/d3/71df7bee44-221010.jpg

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.208.180.148 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

cis01.immoscout24.ch

Software

nginx /

Resource Hash

b1d2e4b7a4167fcd9bdb7d1f75be50b0bcc5829cd9eafd043ec1ca522b0f5b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:33:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=604800, public, no-transform
Expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 5843542012.jpg
c.tutti.ch/big/ 20 KB
21 KB 282ms
281ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5843542012.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8a7deef39495213f57fbee09ece6c13b77fb9266801cbca5d91d6f72e2414a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: c4HIgxvwtwv9lLcJhaK9wXGXNYSGRs7m
via: 1.1 bc66fd12bea603144bf0b6c1578cb3e0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 20968
x-amz-expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Fri, 23 Sep 2022 16:49:29 GMT
server: cloudflare
etag: "975e423a9e6339e7257d417809abe180"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754be8d578-CDG
x-amz-cf-id: QO2R3cGJrdAsDZayxVrTCT6dvLbhClD3VuIji2mZKFJB0re3fX1vZg==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5859553401.jpg
c.tutti.ch/big/ 53 KB
53 KB 217ms
216ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5859553401.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26375ce577be9c56030cda192c930bcf7642d098e8d69004bd903f7d3624d83d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: YJhrZMLl0yrleWVXqRPpZe.yJiooBdl6
via: 1.1 d9a3650110a8e2b78edd73b33e0fa948.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 54142
x-amz-expiration: expiry-date="Tue, 27 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Wed, 12 Oct 2022 17:28:01 GMT
server: cloudflare
etag: "0b99edd143c117419637039ca19a4abe"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754be9d578-CDG
x-amz-cf-id: crAsQSJniV-TxOkmloKMvSAzPWSctnkqDl3bWe3FLLLoRegFXj4YBA==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5809350783.jpg
c.tutti.ch/big/ 48 KB
49 KB 188ms
187ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5809350783.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3484ff4e604680dc171fab3cefa8bffdd18700e1c7e279def6fb0031c88f93

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: ZOIhHyxNx1dQoBIVy.0iGub2RIOCaZpT
via: 1.1 11bc309875abf4cdfea734f39118b58e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Miss from cloudfront
content-length: 49547
x-amz-expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Fri, 23 Sep 2022 15:37:09 GMT
server: cloudflare
etag: "e929a5f0068bf1fde5587d0f62bdf867"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754bead578-CDG
x-amz-cf-id: Msw3ohuV7wUBzzDSSdKGpfOWD4t2M6t7-i3iSdJ-83cmFroF1uyAhg==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H2 200 5815414857.jpg
c.tutti.ch/big/ 34 KB
35 KB 111ms
110ms Image
image/jpeg 2606:4700:4400::ac40:963e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tutti.ch/big/5815414857.jpg
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:963e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bdd7a63870fa439db956d108dbe0942b68141133f1ac6c6b621d95289e45f2c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
x-amz-version-id: gvhlMRpC5Aw3tXpK4xrvtPuFeBW3aDb0
via: 1.1 b4415e223ef4b4a1db5d4b79b555fe2e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P4
x-cache: Hit from cloudfront
content-length: 34813
x-amz-expiration: expiry-date="Thu, 08 Dec 2022 00:00:00 GMT", rule-id="tf-s3-lifecycle-20220601071100906000000001"
last-modified: Fri, 23 Sep 2022 15:42:26 GMT
server: cloudflare
etag: "9fac3bfefcf10b59693e60123ed7eb2e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 759194754bebd578-CDG
x-amz-cf-id: YDMPBLqePyn-5pwTP9UcEdeewSuSRx8EuMxH9AUf8ydU_K4i0jxCMw==
expires: Wed, 12 Oct 2022 21:33:19 GMT

GET
H/1.1 200
OK /
can01.anibis.ch/ 125 KB
126 KB 194ms
63ms Image
image/jpeg 91.208.180.149
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://can01.anibis.ch/?1024x768/3/60/anibis/164/828/044/xyDkIz09Dk67nRxLgqBRJQ_1.jpg

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

can01.anibis.ch

Software

nginx /

Resource Hash

a251635baf0f6979ce762c9492376adfdef695db2caf5d1864e9bea5b0ea0f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:33:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: image/jpeg
Cache-Control: max-age=604800, public, no-transform
Expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H/1.1 200
OK sanierte-5-5-zimmer-wohnung-mit-schoener-bergsicht--buchs-sg
cis01.immoscout24.ch/ 40 KB
41 KB 185ms
60ms Image
image/jpeg 91.208.180.148
SUNRISE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cis01.immoscout24.ch/sanierte-5-5-zimmer-wohnung-mit-schoener-bergsicht--buchs-sg?640x480/3/90/is24media/81/cc/5f62ac404f-221010.jpg

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.208.180.148 , Switzerland, ASN6730 (SUNRISE, CH),

Reverse DNS

cis01.immoscout24.ch

Software

nginx /

Resource Hash

fe111a3f40efdb21908bc0c699b4d9227fdc06088354de838ec17139e729e960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:33:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=604800, public, no-transform
Expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 te.png
trovas.ch/img/ 3 KB
3 KB 111ms
106ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/te.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

525755950785df85bb06dcd4ab5c63cb670572b00715ed0cc43d4d34ee82c4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "c6f-5673a02c85200-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 fr.png
trovas.ch/img/ 10 KB
10 KB 80ms
75ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/fr.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

402521e0a503eff45497c1e69391cdd1afb21ede21e86cd0244595124f2b036b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "293f-59fbfd0034b40-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 ez.png
trovas.ch/img/ 16 KB
15 KB 85ms
80ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/ez.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

eef006a4cf5c63e455b4c53c71af64bcac2e5d29067687374fe6448f897fd9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "3ed0-5dfeba66ca580-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 ca.png
trovas.ch/img/ 6 KB
6 KB 85ms
80ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/ca.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4dd4356eed1998b7f8aad2a9a22c7ff3267986df0c848c8c47abc8cfad56c0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "169c-5673a02c85200-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 mo.png
trovas.ch/img/ 6 KB
6 KB 92ms
87ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/mo.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

590f420ac82bae850c481452aaa3cd5947e51a2321da976ad875f473f1ee995f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "16a8-5673a02c85200-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 mobilu.jpg
trovas.ch/img/ 31 KB
19 KB 96ms
91ms Image
image/jpeg 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/mobilu.jpg

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

9baec16479d7fa8b911babff75e376fb8dd74a0dd02aac1e38f2950ad0d87c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "7bc4-5c1e0a9040000-gzip"
vary: Accept-Encoding,Origin
content-type: image/jpeg
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 tm.png
trovas.ch/img/ 8 KB
8 KB 64ms
60ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/tm.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

dffe7432c5964e20291152648ab71caed1c6ca5d56273c573bb4baaaea448394

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "20de-5dd80bb91cc00-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 jo.png
trovas.ch/img/ 6 KB
6 KB 62ms
57ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/jo.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

8f92ba5f278ac1af0b55eda06a7622dbeb751af75058dd3ac3a89583147fc5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "163b-5673a02c85200-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 da.png
trovas.ch/img/ 4 KB
4 KB 101ms
97ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/da.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

af72532f4cbdf02cfa765aa03b94f26891056136014b3a51dbd098f72c730c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "ffe-5673a02c85200-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 fo.png
trovas.ch/img/ 18 KB
18 KB 106ms
102ms Image
image/png 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trovas.ch/img/fo.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c4a1e8fd9c3afc72f85b57dd4768e3bfcbb5fc9d48709c126855f7bf605b0066

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
etag: "4965-56f9d0bea3400-gzip"
vary: Accept-Encoding,Origin
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 augusta.js Show response
trovas.ch/detroitchicago/ 2 KB
990 B 49ms
46ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/detroitchicago/augusta.js?cb=24
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 958

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 176 KB
44 KB 267ms
27ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: trovas.ch
URL: https://trovas.ch/tardisrocinante/austin.js?cb=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:09:24 GMT
content-encoding: gzip
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2022 22:15:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1436
x-amz-server-side-encryption: AES256
etag: W/"13600701857be6a3c4cd98a7b8e7133a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: DG8gexd28_gncmu0uknBGCQMd0wwe8MnZvSscrD-pwN2LnsphXKqQw==

GET
H2 200 cmbv2.js Show response
trovas.ch/detroitchicago/ 44 KB
12 KB 55ms
52ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 1e537a9e4e6a6698e69747f0cc8cbc246a08fb9bd74de3e4824d69aff0387404

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 Simple-Line-Icons.woff2
trovas.ch/assets/iconfonts/simple-line-icons/fonts/ 29 KB
30 KB 77ms
74ms Font
font/woff2 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trovas.ch/assets/iconfonts/simple-line-icons/fonts/Simple-Line-Icons.woff2?v=2.4.0

Requested by

Host: trovas.ch
URL: https://trovas.ch/assets/iconfonts/simple-line-icons/simple-line-icons.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://trovas.ch/assets/iconfonts/simple-line-icons/simple-line-icons.css
Origin: https://trovas.ch
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
etag: "7570-5d27b1a715a80-gzip"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://trovas.ch
cache-control: public, max-age=2592000
vary: Accept-Encoding,Origin

GET
H2 200 fontawesome-webfont.woff2
trovas.ch/assets/iconfonts/font-awesome/fonts/ 75 KB
75 KB 101ms
98ms Font
font/woff2 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trovas.ch/assets/iconfonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: trovas.ch
URL: https://trovas.ch/assets/iconfonts/font-awesome/css/font-awesome.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://trovas.ch/assets/iconfonts/font-awesome/css/font-awesome.css
Origin: https://trovas.ch
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
display: staticcontent_sol
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Tue, 11 Oct 2022 17:46:29 GMT
server: Apache
etag: "12d68-5d27b1a250f40-gzip"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://trovas.ch
cache-control: public, max-age=2592000
vary: Accept-Encoding,Origin

GET
H2 200 houston.js Show response
trovas.ch/detroitchicago/ 5 KB
2 KB 67ms
66ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/detroitchicago/houston.js?gcb=12&cb=29
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 17856b64c92a34c95321310bee7790196468634d6cd2435e6cb6b6f6b6c2335e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H3 200 / Show response
basher.ezodn.com/ 1 KB
1 KB 61ms
36ms XHR
application/json 2606:4700:e0::ac40:661c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=174954&bf=90&dc=1254144
Requested by: Host: trovas.ch
URL: https://trovas.ch/porpoiseant/banger.js?cb=195-12&bv=164&v=67&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:661c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f6a0898335a919a8bdbb19bbf18203a92ea4f7b78fc6d19ebcd68747fd6cbc

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://trovas.ch
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FPcG7AFVeG3EWn%2B2CTQxCpVLjvxzWvgf0xowRVhtV70amPCa9lwMuwgAXe%2FjVwNHpeeAJ%2BCgbTUG4gqLY69F0O6tggM0iZD2laoyxXoqTD9i7CELkv6MnDSdtZHB0WapxBzbwUF1RTrmxCJq%2BhM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 75919475dbd3b978-AMS
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 108ms
32ms Preflight
application/json 2606:4700:e0::ac40:661c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=174954&bf=90&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:661c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://trovas.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://trovas.ch
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 759194757957b7a0-AMS
content-length: 0
content-type: application/json
date: Wed, 12 Oct 2022 17:33:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcqd7Gple5dI9IPVVto8drV2Cnul53HW5Fu%2FuNLoOMoIHZdsm5HWFM0%2BCVBZ6aDZ1kLT1FYcHVKKICVkkuiXVfbR3Joohb5fl9MYx8UP5UU57NF7fcgqkv%2FqfCkm4FeIjFRKAsgZbWW4FZIa9aWb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 nmash.js
trovas.ch/porpoiseant/ 23 KB
6 KB 40ms
39ms Other
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/nmash.js?v=164
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 72dfec3187ef36ae6552efdf60288b6a582b742503f19a238272e577a3d1f6b6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=0, public
x-robots-tag: noindex

GET
H2 200 pubads_impl_2022100402.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3c648447514db2f2f7c8f04b3ac0b1cf1e8ea00fe8c743f427f63d938a198c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131498
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 18:24:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 Oct 2023 16:54:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 124 B
118 B 87ms
35ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=trovas.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2253dfa5eed58fa6b13a6ccef032092f84a0969548330b707d3b6e890b2a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Wed, 12 Oct 2022 17:33:19 GMT

GET
H2 200 imp.gif Show response
trovas.ch/detroitchicago/ 43 B
156 B 41ms
40ms XHR
image/gif 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%221%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A2%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22FR%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1147%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22d94fc5e4-e230-4741-7354-0448ff1f9fc8%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A32501%2C%22response_time_orig%22%3A1879%2C%22serverid%22%3A%2218.184.214.151%3A27979%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221100%2C1147%22%2C%22t_epoch%22%3A1665595997%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A1215%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Tue, 11 Oct 2022 17:33:19 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 128ms
26ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 19 Oct 2022 17:33:19 GMT

GET
H2 200 cmbdv2.js Show response
trovas.ch/detroitchicago/ 41 KB
10 KB 48ms
47ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/detroitchicago/cmbdv2.js?gcb=195-12&cb=03-8y0c-6y18-5y5c-22&cmbcb=114&sj=x03x0cx18x5c
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: fabd09e68dec689e1deb5022c20a2b70498c2ae62b6b8887be58a06cf3b82b95

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 99ms
42ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QHQ1LQ4N2D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4377331-90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c17903a7fa2d3c5bb336c8967db7ad0bde4009b082926b3e11629e857298cbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 Oct 2022 17:33:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 92ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4377331-90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 17:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1042
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 12 Oct 2022 19:15:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 150ms
38ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=trovas.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 96ms
34ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trovas.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
646 B 439ms
439ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1104944305879657&correlator=657095873774716&output=ldjh&gdfp_req=1&vrg=2022100402&ptt=17&impl=fifs&iu_parts=1254144%3A22622730495%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=3350988234&sfv=1-0-38&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D2339279495024372%26eid%3D2339279495024372%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-2339279495024372%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D90%26br2%3D46%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C3676%2C2030%2C787&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1665595999665&lmt=1665595999&dlt=1665595999351&idt=277&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrovas.ch%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1981211437.1665596000&ga_sid=1665596000&ga_hid=1463656026&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c4a216aed848d8cd3d572fdc2b43bec6714664b498d994c66a14ebb3d08404d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 616
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trovas.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4dea5046fd90ed729b27d62bf727127a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F7C9 6 KB
4 KB 141ms
32ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4dea5046fd90ed729b27d62bf727127a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:33:19 GMT
expires: Thu, 12 Oct 2023 17:33:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 209 B
680 B 99ms
27ms Script
application/javascript 2600:9000:2057:4200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df9439b47ccdbd052e6107e94e32b5746e10b400470beaca5d238ca6d32c605e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:28:59 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Sun, 28 Aug 2022 10:04:35 GMT
server: AmazonS3
etag: "2c2aa94f66b2314987910c0f30e6c098"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: XitXhdbi-fckjwsPSHESUyqPV2S0v1XIwy3nMNmiBOdDkJNa3bD_9g==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 86ms
32ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1463656026&t=pageview&_s=1&dl=https%3A%2F%2Ftrovas.ch%2F&ul=en-us&de=UTF-8&dt=Petites%20annonces%20gratuites%20en%20Suisse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1047034376&gjid=2126991209&cid=1981211437.1665596000&tid=UA-4377331-90&_gid=2014889582.1665596000&_r=1&gtm=2ouaa0&z=456677854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trovas.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
342 B 76ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QHQ1LQ4N2D&gtm=2oeaa0&_p=1463656026&cid=1981211437.1665596000&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665595999&sct=1&seg=0&dl=https%3A%2F%2Ftrovas.ch%2F&dt=Petites%20annonces%20gratuites%20en%20Suisse&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QHQ1LQ4N2D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trovas.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 69ms
23ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4377331-90&cid=1981211437.1665596000&jid=1047034376&gjid=2126991209&_gid=2014889582.1665596000&_u=YAhAAUAAAAAAACAAI~&z=1832685658

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Oct 2022 17:33:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trovas.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 27ms
27ms XHR
application/json 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftrovas.ch&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 062ad981e9b2f70100d314e75af6f377e324914a5b4a1a6709c593490c100f9a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:36:11 GMT
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 14227
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trovas.ch
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1132
x-amz-cf-id: kBBhbmnakyD33qv9fYeyEwSKA5ZhSGQbKGgsz0U_bhZK9OLBQEiJlg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
457 B 158ms
62ms XHR
text/javascript 108.157.6.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftrovas.ch%2F&pid=9EvlyzBdk0Ul7&cb=0&ws=1600x1200&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-trovas_ch-box-2-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C22622730495%2Ftrovas_ch-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-trovas_ch-medrectangle-2-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C22622730495%2Ftrovas_ch-medrectangle-2%22%7D%5D&schain=1.0%2C1!ezoic.ai%2Ca23a53f1c9464013937c72731882aac9%2C1%2C%2C%2Ctrovas.ch&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.6.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-6-231.dus51.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-amz-rid: FXYJGMQ1YZR742BAHT3T
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://trovas.ch
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tniD9B517bBQwdHpYyoWldjnwMuC30oxvbqLcxnUMqtyQBuu8rSi6A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 68ms
22ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding: gzip
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
date: Wed, 12 Oct 2022 01:59:41 GMT
x-amz-cf-pop: FRA56-P6
age: 56019
x-cache: Hit from cloudfront
last-modified: Thu, 06 Oct 2022 01:32:47 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: m-wLTjFFiVRvYsGZq1OTP-UKXJc7VRaKEm_-HqmuoL4_08Z_BegRdg==

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
551 B 116ms
22ms Image
image/gif 2600:9000:223d:6400:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=1028224577;fpan=1;fpa=P0-334311247-1665595999925;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;ref=;cm=;gdpr=0;d=trovas.ch;dst=0;et=1665595999925;tzo=0;url=https%3A%2F%2Ftrovas.ch%2F;ogl=image.https%3A%2F%2Ftrovas%252Ech%2Fimg%2Ftr%252Ejpeg

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:6400:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 02:01:57 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 55884
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: vorDOt8ZhBMYsiAIELu7jTVFK7ux64eBUqSKFTLsbGKwdN_aEW--xg==

GET
H2 200 pixel;r=1847573377;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=0;fpa=P0-334311247-1665595999925;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221...
pixel.quantserve.com/ 35 B
372 B 60ms
26ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1847573377;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=0;fpa=P0-334311247-1665595999925;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=trovas.ch;dst=0;et=1665595999927;tzo=0;ogl=image.https%3A%2F%2Ftrovas%252Ech%2Fimg%2Ftr%252Ejpeg;ses=a2ceeca0-2704-40b6-9ea7-ded5e601d139

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 450 KB
131 KB 873ms
775ms Script
text/javascript 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX65WOCF&hst=trovas.ch&ver=1.2

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-12-164.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

32f1f26bd9659b03856ce10a1e9b56c9bd480f853e26e9c85bad7b84095a096f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Wed, 12 Oct 2022 17:33:20 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Wed, 12 Oct 2022 18:03:20 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 56 KB
16 KB 93ms
40ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
x-amz-request-id: 8NTWXNZC06C1QFAP
age: 1216
etag: W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 759194780cb5f138-CDG
x-amz-id-2: yAMTr3YXMJDwbPnaXzF8SzY2aXyCrXpfFWYGYzE/kJnAB64aGg4jUtfUgB6RIurNB+YxzqQkql8=

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 89ms
33ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=trovas.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
35ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trovas.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 639ms
639ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1104944305879657&correlator=779407961130358&output=ldjh&gdfp_req=1&vrg=2022100402&ptt=17&impl=fifs&iu_parts=1254144%3A22622730495%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=2&adks=139158085&sfv=1-0-38&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D2967655179004955%26eid%3D2967655179004955%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1147%26sap%3D1147%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-2967655179004955%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D12%26bvm%3D0%26bvr%3D2%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D80%26br2%3D42%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D38%2C131%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C3676%2C2030%2C787&eri=1&cust_params=amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1665596000022&lmt=1665596000&dlt=1665595999351&idt=277&adxs=315&adys=237&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrovas.ch%2F&frm=20&vis=1&psz=984x250&msz=970x250&fws=4&ohw=1600&ga_vid=1981211437.1665596000&ga_sid=1665596000&ga_hid=1463656026&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ffa1b6bd920dcecc467b733087c29c27a8091f7be5f28efcb72e0a110a59c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11644
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trovas.ch
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
323 B 81ms
22ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31533570.ip-162-19-138.eu
Software: /
Resource Hash: 886abda00e50a0b809453437aed2488cd77591129d4538385f5b57ebac6c7303

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:19 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
224 B 198ms
23ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: fe9fbd45b2554aab729f4b837b53b5d12da7df95b2a2b0b6dda08b41238e2c30

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:20 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H2 204 greenoaks.gif Show response
trovas.ch/detroitchicago/ 0
22 B 24ms
23ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTY2NTU5NTk5NywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMTAtMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImQ5NGZjNWU0LWUyMzAtNDc0MS03MzU0LTA0NDhmZjFmOWZjOCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2NjU1OTU5OTcsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiNzM4In1dfV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:19 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:19 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 216 B
619 B 81ms
24ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

fbea24b4325d3f3a53e4c8382b6112f95bd92582114aa610b5b4f5cedb916d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 92ms
20ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:55:35 GMT
content-encoding: gzip
age: 441465
x-guploader-uploadid: ADPycdv6JtpH5WT2QiXNwaTkpIXeWfcQtkxiSdw45gHGvzNclLza5AnpMc1a1z682OxfdEe7YVPic-Srg0kYv00GQMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 07 Oct 2023 14:55:35 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 233ms
36ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d43a78c0afdaab62e85c43f804e0f994d57679d9a959a40686498c5ef6b4e6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Oct 2022 17:33:20 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 601ms
166ms Script
application/javascript 34.208.243.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.243.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-243-53.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:21 GMT
cache-control: public, max-age=86400
last-modified: Tue, 11 Oct 2022 20:07:24 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
16 KB 28ms
27ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
x-amz-request-id: 5QH747T6CX3E9MNM
age: 523
etag: W/"52bb09fbb0a7c9360d68135b7668a1d7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7591947c4e4ff138-CDG
x-amz-id-2: IkrFAKDWozmMasBY7KMRLS/nBTkcTY2TMSK6MtLJDG1YibW3MdAdDsQyi9clhjGF/Ap6/scRX4M=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 91ms
20ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:27:27 GMT
via: 1.1 google
age: 353
x-guploader-uploadid: ADPycdt_Td-nmuh3S1rinyX7scAxUn1n5eOFOj0s-py_l122tUq2t_fwVMR0jrtsyT2LZZJT9rdt1NVpFesnUfCn_0WrCQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Wed, 12 Oct 2022 18:27:27 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 29 KB
9 KB 114ms
34ms Script
text/javascript 18.66.248.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-55.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:22:08 GMT
content-encoding: gzip
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 18:12:40 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 36673
x-amz-server-side-encryption: AES256
etag: W/"2fa1275c04d6208db458c1ec8559f92d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: y1G46JbHUP9bQ3mEvN_LOJyUh9N8NaXqWGjfNCQ94U-qK6MzjfrGtw==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 428ms
117ms Script
application/javascript 3.12.31.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.31.10 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-31-10.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:21 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210010655000/ Frame C2F1 220 KB
61 KB 122ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210010655000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1372b8e93b2564430b5d25a73adcb314332c3ef8987b54835ec1126dd273e82

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 19:07:52 GMT
age: 167128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61531
x-xss-protection: 0
server: sffe
etag: "fad38abc3cd3dde4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 19:07:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210010655000/v0/ Frame C2F1 14 KB
5 KB 164ms
69ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6690c943dc6916f073007014274995c4b63a8c3342c9f0e38a2d5f6f553b70c6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 19:07:52 GMT
age: 167128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5197
x-xss-protection: 0
server: sffe
etag: "d89cb332ee00a9b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 19:07:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210010655000/v0/ Frame C2F1 94 KB
28 KB 169ms
74ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210010655000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9c25362d77ed9e7fc9b09c4f90f1cd5f7e63a779553ea96db425b33aa0f90e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 19:07:52 GMT
age: 167128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28826
x-xss-protection: 0
server: sffe
etag: "c27c5264082b6b5d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 19:07:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210010655000/v0/ Frame C2F1 5 KB
2 KB 177ms
82ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210010655000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e72f7b38ac1a9a336b5fec2e0dc150dc214c3972e323dfbd043cdd082e2575d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 19:07:52 GMT
age: 167128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "92732a03a38ee2ae"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 19:07:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210010655000/v0/ Frame C2F1 40 KB
13 KB 91ms
83ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210010655000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a360d92d9084610217bbc9228381fc071268b72659333f62d7351a221660efa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Oct 2022 19:07:52 GMT
age: 167128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12937
x-xss-protection: 0
server: sffe
etag: "ddfc39a99ff4d103"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 10 Oct 2023 19:07:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C2F1 7 KB
818 B 106ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500|Roboto:300&lang=fr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

811063d8d9a235a9ecdb67b07b0908b9581323705bbcac3cb86d507a1b639cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 17:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 17:33:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 17:33:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C2F1 5 KB
1 KB 104ms
36ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c17247f5867ef17b7d71808496e8dfccdc98354621967e32ff6c8fd1016541e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 17:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 17:01:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 17:33:20 GMT

GET
H2 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2F1 3 KB
3 KB 87ms
26ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:52:08 GMT
x-content-type-options: nosniff
server: cafe
age: 2472
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2958
x-xss-protection: 0
expires: Thu, 13 Oct 2022 16:52:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C2F1 295 B
399 B 88ms
27ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
age: 28416
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Oct 2022 09:39:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C2F1 0
0 82ms
80ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs1dwYPpGY7bGB4nlgAfU9ozoD9CBiN5skaaf-ZEN2tkeEAEg9PnGJWD7gYCAnAqgAYONqMYDyAEGqQLoyc8t4kqwPuACAKgDAcgDCqoE1AFP0CC_SSbwu-grTm2n1jOoTcEoQfwHKRl6D7gN3Zs9N8a7LjrzamFSPUzs28m-N-usg4g-Md_7WxvYS6WyiiIwE6Z6lj7rQ8LSmVXWr0k97C6N3Xlp-nxTlgvJPt2wTVdHRA9uG3Xic2vzt152nZ9sHr9I_JMkcggUDqgZ-kopi_OtavgufxMJyic6TbToXxcU9DeNazqniyHvTs4fOOcYsRURWRCvtKrVveCbtyjsmxjglpABb7U9b45nggW9rmU0UKqNaXaV69n6Vidz1-OmtLFoz8AErqCUoqAB4AQBkgUECAQYAZIFBAgFGASgBjeAB-Xy1zmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCe-kDSCBIIiOGAEBABGB0yA6qCAToCgEDyCBthZHgtc3Vic3luLTIxNzY5Mjg3NzA5NzMzODGACgPICwHYEw2IFGrQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjM5Njg0NDc0MjQ5NzIwOBi-yQc&sigh=j1tGWVwX3b8&uach_m=[UACH]&template_id=492
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame C2F1 42 B
646 B 164ms
27ms Image
image/gif 3.123.131.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=19&pli=1075794732&gdpr=&gdpr_consent=&adid=1081378668&ord=3564603398
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.131.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-131-103.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:20 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 42
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C2F1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55613cad6b0c39593e31d97087084125fb26f2163f565485e5ae577443dc5a28

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 greenoaks.gif Show response
trovas.ch/detroitchicago/ 0
61 B 25ms
23ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjEzNDYifV19XQ==
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:20 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:20 GMT

GET
H2 204 army.gif Show response
trovas.ch/porpoiseant/ 0
61 B 28ms
25ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjk2NzY1NTE3OTAwNDk1NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExNDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyOTY3NjU1MTc5MDA0OTU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJhZF9wb3NpdGlvbiI6MTE0NywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiZGZhNjBjZWU2ZTEwNTNmYzBjOWU2MDdjODA0N2JkMjgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI5Njc2NTUxNzkwMDQ5NTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2NjU1OTU5OTcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDgsImFkX3Bvc2l0aW9uIjoxMTQ3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA4LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI5Njc2NTUxNzkwMDQ5NTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2NjU1OTU5OTcsImFkX3Bvc2l0aW9uIjoxMTQ3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImQ5NGZjNWU0LWUyMzAtNDc0MS03MzU0LTA0NDhmZjFmOWZjOCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjk2NzY1NTE3OTAwNDk1NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExNDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:21 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:21 GMT

POST
H2 204 army.gif
trovas.ch/porpoiseant/ 0
16 B 25ms
24ms Ping
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjk2NzY1NTE3OTAwNDk1NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExNDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMTAtMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://trovas.ch
x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:20 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:20 GMT

POST
H2 204 army.gif
trovas.ch/porpoiseant/ 0
16 B 25ms
24ms Ping
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjk2NzY1NTE3OTAwNDk1NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYXVjdGlvbl9lcG9jaCI6MTY2NTU5NjAwMSwiYWRfcG9zaXRpb24iOjExNDcsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJiaWRfZmxvb3JfaW5pdGlhbCI6ODAsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjo4MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjcxLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://trovas.ch
x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:20 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:20 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
318 B 72ms
23ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H3 200 encrypt Show response
esp.rtbhouse.com/ 221 B
238 B 85ms
46ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d1acb565e0679c25262d25e143e7f783140a84d90edeb5cea945ce49db57ca94

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 45d3182f765f38e3c62fd39abd0430d8
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 97ms
40ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trovas.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://trovas.ch
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 12 Oct 2022 17:33:20 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 76d13271407464238d650bea1906547c

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ftrovas.ch%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ftrovas.ch%2F&rid=esp&cc=1

85 B
103 B

174ms
153ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ftrovas.ch%2F&rid=esp&cc=1
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H3
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: cd7d101ac96fbbdfd47d5f427b9376c786588d1aaa1239bede5543c6a6abd167

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:21 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-VAkv+n5sq2apCXWp88pf1whz99k"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trovas.ch
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 12 Oct 2022 17:33:20 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://trovas.ch
location: /esp?url=https%3A%2F%2Ftrovas.ch%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 20 B
303 B 102ms
28ms XHR
application/json 52.212.128.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.128.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-128-245.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

expires: 0
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://trovas.ch
cache-control: no-cache
x-server: 10.45.17.19
access-control-allow-credentials: true
content-length: 20
x-consent: absent

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C2F1 15 KB
16 KB 88ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500|Roboto:300&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trovas.ch
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 446751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 13:27:29 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame C2F1 44 KB
44 KB 88ms
31ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500|Roboto:300&lang=fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trovas.ch
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:26:32 GMT
x-content-type-options: nosniff
age: 598008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 19:26:32 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C2F1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

103ms
44ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

date: Wed, 12 Oct 2022 17:33:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
205 B 26ms
26ms Image
image/gif 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-12-164.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
strict-transport-security: max-age=604800
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
content-type: image/gif
cache-control: max-age=740300
accept-ranges: bytes
content-length: 43
expires: Fri, 21 Oct 2022 07:11:40 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 272ms
24ms Image
image/gif 184.24.11.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.11.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-11-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 17:33:21 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=496287
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 18 Oct 2022 11:24:48 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9C45 15 KB
6 KB 194ms
21ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=trovas.ch

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://trovas.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:33:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 865925
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 2FF0 0
176 B 97ms
25ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 12 Oct 2022 17:33:21 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9C45
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=trovas.ch&sn=ChromeSyncframe&so=0&topUrl=trovas.ch&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=uDSf43xHOG92R3Ftd09ZbmhpVUtzNWR0bHJpR05VVFNYb1MzYUVvVHBGTmdVYlVkcmtkYVdzVU9JenRma3pheHhNem5jazdvRk0zZFo2ZHBOMFpSUFNNODF5blNPTGZJL1VoZUNZUjZaUncrSmNFbjgrZ1lUOUJhQlFycG...

425 B
654 B

429ms
22ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uDSf43xHOG92R3Ftd09ZbmhpVUtzNWR0bHJpR05VVFNYb1MzYUVvVHBGTmdVYlVkcmtkYVdzVU9JenRma3pheHhNem5jazdvRk0zZFo2ZHBOMFpSUFNNODF5blNPTGZJL1VoZUNZUjZaUncrSmNFbjgrZ1lUOUJhQlFycGx4YWYyUHhiVXd5SFhoa0REM1g2ZkhDYTlRQVRvd1RYWVlmbW1YbEhzNEZkTUdmUlRnSGxGMFhDa1M5ZUxOY2tRc3BtZUNGWXZ0Y1BzZ0UwV3ZFTDdXek1IazFYcCtoL2ttU1V5akdCemJzd1RSayt5YmlZQ0UvWVRZQnM0K1lYdkMwOHFDcWNkeEswaE4rd3lObXhlTGc2TUpod2NUZz09fA&cppv=2

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

595dcd9e85d7347e1a3f12b245164b460a77942446b96ab873e417866f0b8c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2376173
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=uDSf43xHOG92R3Ftd09ZbmhpVUtzNWR0bHJpR05VVFNYb1MzYUVvVHBGTmdVYlVkcmtkYVdzVU9JenRma3pheHhNem5jazdvRk0zZFo2ZHBOMFpSUFNNODF5blNPTGZJL1VoZUNZUjZaUncrSmNFbjgrZ1lUOUJhQlFycGx4YWYyUHhiVXd5SFhoa0REM1g2ZkhDYTlRQVRvd1RYWVlmbW1YbEhzNEZkTUdmUlRnSGxGMFhDa1M5ZUxOY2tRc3BtZUNGWXZ0Y1BzZ0UwV3ZFTDdXek1IazFYcCtoL2ttU1V5akdCemJzd1RSayt5YmlZQ0UvWVRZQnM0K1lYdkMwOHFDcWNkeEswaE4rd3lObXhlTGc2TUpod2NUZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 500337
content-length: 0
expires: 0

GET
H2 200 log
l3.aaxads.com/ 35 B
173 B 93ms
31ms Image
image/gif 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=318&dgw=desktop&flg=AAX65WOCF&fw=PARIS&ff=FR&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=trovas.ch&vhuyqdph=ssp-serving-blue-59c8b9958c-np2d8&vyu=100509_456_100610_414_ssp&vf=IDF&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001665596000955006246656007172&vvsDeExfnhw=CONTROL&oz=1&gdss=blue&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=0&gdeg=2&ghqg=317&fhqg=36&hqg=71&gvwduw=36&fvwduw=35&vwduw=36&uhtxuo=https%3A%2F%2Ftrovas.ch%2F&nzui=
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 12 Oct 2022 17:33:21 GMT
content-length: 35
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 109ms
40ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100402&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbb9382967ff72de18d7e26e47dd0bed76fa9d73f5fb766a656996595fc78f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11220
x-xss-protection: 0

GET
H2 200 aacxs.php Show response
c.aaxads.com/ Frame 367D 22 KB
9 KB 316ms
316ms Document
text/html 184.24.12.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAX65WOCF&fv=1&fy=37&ke=1&suylg=195%2C250%2C371%2C251%2C271%2C369%2C206%2C291%2C159%2C97%2C229%2C241%2C263%2C265%2C108%2C306%2C292%2C175%2C310%2C336%2C218%2C219%2C367%2C272%2C213%2C203%2C209%2C356%2C282%2C267%2C325&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX65WOCF&hst=trovas.ch&ver=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.12.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-12-164.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eb3963da120110b1c7bf93aab0b5161a8c3c73999f20a74594bba084be87b1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://trovas.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8695
content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 17:33:21 GMT
expires: Fri, 14 Oct 2022 17:33:21 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 110ms
56ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 17:33:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4948 13 KB
5 KB 26ms
24ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 2117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 16:58:04 GMT
expires: Thu, 12 Oct 2023 16:58:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A5D 783 B
535 B 90ms
34ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4db516c810f70fe59806f7dfdbd2d8f66113bd2a059a8a4fb933daecc4eb3bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N7ST3AnojPm0Xo07uO_xcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://trovas.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-N7ST3AnojPm0Xo07uO_xcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 17:33:21 GMT
expires: Wed, 12 Oct 2022 17:33:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YGBXjHGFrvOS8X60wpRSOm_fLYxf6hdhmLaY3J7KaRQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4948 36 KB
16 KB 77ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YGBXjHGFrvOS8X60wpRSOm_fLYxf6hdhmLaY3J7KaRQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6060578c7185aef392f17eb4c294523a6fdf2d8c5fea176198b698dc9eca6914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16102
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 16:58:05 GMT

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame 367D 35 B
296 B 243ms
169ms Image
image/gif 95.101.200.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3085976016569706000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=345AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAX65WOCF&fv=1&fy=37&ke=1&suylg=195%2C250%2C371%2C251%2C271%2C369%2C206%2C291%2C159%2C97%2C229%2C241%2C263%2C265%2C108%2C306%2C292%2C175%2C310%2C336%2C218%2C219%2C367%2C272%2C213%2C203%2C209%2C356%2C282%2C267%2C325&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-200-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:21 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 12 Oct 2022 17:33:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A5D 0
0 59ms
59ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100402&jk=1104944305879657&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 204 army.gif Show response
trovas.ch/porpoiseant/ 0
62 B 24ms
24ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjk2NzY1NTE3OTAwNDk1NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTQ3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:22 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:22 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4948 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o4zM5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C2F1 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiQiuqP3phTTeil8BxYPeldoPwOj3ttvW397hLGbF3_WETrxpMqKMcL4_yPrU2Dm01mtKrmw6MIJ57NDCkhz4ywEhL7hBLimVXoY2E02ojJPAYUrgdJ2wkOy1h1MYq75uhiYjP7wU&sai=AMfl-YR1UgqHYSIzpqxFZHQyFei197F-kLPGkBfIwkokQOY_-S7kP05pxZQ06EsJ2RdE_GY7Tyf-0cHeHKXfYnTvAXw0QbKLb-aU0P7AXCm4NOwlovn6MURPvWJbgc7rNyEMuBI&sig=Cg0ArKJSzLx78b0941opEAE&id=ampim&o=315,237&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=381&tls=1381&g=100&h=100&tt=1381&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 army.gif Show response
trovas.ch/porpoiseant/ 0
16 B 24ms
23ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjk2NzY1NTE3OTAwNDk1NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExNDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzk3MCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyOTY3NjU1MTc5MDA0OTU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJhZF9wb3NpdGlvbiI6MTE0NywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI5Njc2NTUxNzkwMDQ5NTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2NjU1OTU5OTcsImFkX3Bvc2l0aW9uIjoxMTQ3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImQ5NGZjNWU0LWUyMzAtNDc0MS03MzU0LTA0NDhmZjFmOWZjOCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMTkyIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:21 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100402&jk=1104944305879657&bg=!goGlgcXNAAYqRg79CkY7ACkAdvg8Wu6OKQCG_K-sEnaDSB5r6yNvu90hxFE3G-MJTXo4IN96F7TjFwIAAABcUgAAAAJoAQeZAqb3Rt6NdDxxtxppi1XDZZ5Pkjn_VmobuWwCbXV_wWJfmn-lHkeuXk08dRaUI2ipnB0Y8Eqw-UHciT0dJYI-v5bUmfT-7P-iBhBIA3GQruxVmbbH_XJBv66OOI0esWFk7vReWl488-xFKg9M24dfgB5ovX2P3xngAckjVYIPgvRPeuXlJlllxllVJ0kSMaXgNB3quHY-Cm2e8i3EGkEFYnLGcbDsIxQ25V3rjBB-efwvw8PP2o7B6eqFLXYO3ZWB-mr1KGcYkBZe6Y8PcWP0BqkJwhOq2i4hMC0lMr_V4lht_PQeKWUkQ46oOwbBguA67mEgHez-J5dVfxVL6uOJc6exOK3yF6p6c8lY3lfDPe2zYWWjrQCIyF7fC-3Jglm4a89PQVOhnfYQMJlKp7gDg_Ou2irVCoDxvt39l0XJ1dprxKO9dV9QuyTqap4ehn5Fk5vUFmsSc7PD-_MKZjehO1_QwFZYoeQ-isQHD3bBc6zbIKPln0kxnIWd8jrML4SGiU8EZ6jeK5v_RfGoifX1Jm8owDvkl13La3UBd4uFjgpC91Txa7s2uxlLsofhUnHooGlX9qLoXukuNfz0zyTm8Y2WVYRW46DNDfRuLUw_luNDVwtcpHVqsADNRhGsxVcgrPgsj2G2loNHY7anSxvQzxJjZfLGiRKzEasIZA1KwyAef9zyZzYicBtWfTfmSyEEuqi888nyzFsst6LNFMnYJFpn5IbgAGIrhZfCVh3OBracEYpJeL37WPCIhzp_sQ2Ik8He6OGziOruGszNSDfEARsRHzlfoYbhRW3eJx-Aw2WUazMMlIglEvAP_eKkGtVcwvsbDPD-pP0LaNG4agLOuDwMPaiy-OZm6370ILhJ3mYysz072zD0NF6wedkj2aKXBJJ5UtADVWA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=trovas.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trovas.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 409ms
409ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1104944305879657&correlator=3351363309915421&output=ldjh&gdfp_req=1&vrg=2022100402&ptt=17&impl=fifs&iu_parts=1254144%3A22622730495%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=3350988234&sfv=1-0-38&ris=3&rcs=1&fsapi=false&prev_scp=a%3D%257C0%257C%26iid1%3D2339279495024372%26eid%3D2339279495024372%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-2339279495024372%26eb_br%3Dfe5b0c99ab7ba15f050582be1301303f%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D46%26br2%3D46%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3915%2C3919%2C3933%2C3676%2C2030%2C787%2C2693%2C3045%2C873%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D90%26reqt%3D1665596003071&eri=1&sc=1&cookie=ID%3D9e431c0df15fab13-22c3b85244ce00c1%3AT%3D1665596000%3AS%3DALNI_MYfjLK3Vl9M_XKuyFWRgUhGQB8HBA&gpic=UID%3D00000b711964a200%3AT%3D1665596000%3ART%3D1665596000%3AS%3DALNI_Mb1H0Do0h5Aju4EhWYGbZ7Ks2oQfw&abxe=1&dt=1665596003079&lmt=1665596003&dlt=1665595999351&idt=277&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftrovas.ch%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1981211437.1665596000&ga_sid=1665596000&ga_hid=1463656026&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoZOI6rwwSABSAghkEhkKCnB1YmNpZC5vcmcY_5eI6rwwSABSAghqEsIBCghydGJob3VzZRKsAXJiOVZnWE9kQzQvQ0ZsZ1UyTm5oUG9BbExkOTFHc3BLYmtuQ1dWbE9RM0JFQSswSzNKRG5DbGVuL0wvYlpBMkE0V3lrK0VHODJRbUJjc0hhUnM2TnQvMHNOUUplY1lzb2JCK0pTeU1Lc2ZYK1JNZWJreGZVNms2cWZ2ekM3TVE5NWVOYW1yU2hsejd2cDdrcHFHUGRHYTdLbmdYclkyL2FPUnBSVWFsb2pDZz0YkJaI6rwwSAASHQoOZXNwLmNyaXRlby5jb20YoZOI6rwwSABSAghkEj4KBW9wZW54EixleUpwSWpvaVVtOW9Xa3Q0U1hSVGRtRjRUa1pJY21wclkzSjVkejA5SW4wPRipl4jqvDBIABIZCgp1aWRhcGkuY29tGNOWiOq8MEgAUgIIbxIbCgxpZDUtc3luYy5jb20Yr5SI6rwwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3c6a9d5d0d92924b71aa6c04c5eb9e3beae056aa06e8532040fbfedb0b6a969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9698
x-xss-protection: 0
google-lineitem-id: 5835965484
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138371617670
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://trovas.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80AB 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdLG1jdZqQD5vhoDP-7gsaFObA3U65F2f7iGZPwdHQ809ECcCfg7JO5Hx4cJKLryJJr2Gi4wXs1dTjhsUZWBKpKmEgDR82kvFGoC5PvluDfKDGhld9a-d84UjjIDoH7mG65fZsdt9xOh1aT5arTWNJYqgB7fafDyj83_tEvhHKz4f4VfZHvRTJxgFKvVHNm-UkbTWjzDZL0KbcCFLF1PvK3kfo1TT0fceGGfwDkC7vRb1_waoqFU4sCX_bt9-qoburYjFdVpn2U_JVDyvnPXBBlrf3ZBemrgvoUCBRUeq0efx3RazxYkFf2JPo_XJ3iI-kyrZN0ZQCQdETmyunEYbBk7Dmm3hn&sai=AMfl-YQ-m6K0t0wgBSo3EN53T-R8aZ_aow3KXZ7Sc2q3e5e3TStep0x_LPKGXrAt_fZI9e9mrxbm2L8JUc-nl_kmFkDeiCkzoVaTybWaBDyJv50NUFSV6YU0xerJsrpVI-8GBQ&sig=Cg0ArKJSzDVjRX-NHTUYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 smb-dispad_728x90.js Show response
saambaa.com/widget/gpt/728x90/assets/ Frame 80AB 33 KB
12 KB 741ms
225ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8312706527ada3f9e8cf0d9807259dca5cd768e359c7c905a2c4e506618ac5d0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 20:06:26 GMT
server: Microsoft-IIS/8.5
etag: "0d869facd2d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 11815

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80AB 151 KB
47 KB 105ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 17:33:23 GMT

GET
H2 204 army.gif Show response
trovas.ch/porpoiseant/ 0
16 B 24ms
23ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1ODM1OTY1NDg0LCJjcmVhdGl2ZV9pZCI6MTM4MzcxNjE3NjcwLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjIzMzkyNzk0OTUwMjQzNzIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjU1OTU5OTcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImQ5NGZjNWU0LWUyMzAtNDc0MS03MzU0LTA0NDhmZjFmOWZjOCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTgzNTk2NTQ4NCwiY3JlYXRpdmVfaWQiOjEzODM3MTYxNzY3MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImZlNWIwYzk5YWI3YmExNWYwNTA1ODJiZTEzMDEzMDNmIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMzM5Mjc5NDk1MDI0MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDA0NiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDQ2LCJiaWRfZmxvb3JfcHJldiI6MC4wMDA5LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjU4MzU5NjU0ODQsImNyZWF0aXZlX2lkIjoxMzgzNzE2MTc2NzAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyMzM5Mjc5NDk1MDI0MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjU4MzU5NjU0ODQsImNyZWF0aXZlX2lkIjoxMzgzNzE2MTc2NzAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODM3MTYxNzY3MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1ODM1OTY1NDg0LCJjcmVhdGl2ZV9pZCI6MTM4MzcxNjE3NjcwLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI1ODM1OTY1NDg0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:22 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:22 GMT

GET
H3 200 5835965484 Show response
go.ezodn.com/dac/ 42 B
634 B 56ms
55ms XHR
text/plain 2606:4700:e0::ac40:661c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/5835965484
Requested by: Host: trovas.ch
URL: https://trovas.ch/porpoiseant/banger.js?cb=195-12&bv=164&v=67&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:661c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b0ab6629d49b65caa49f50f123185a667a654fb9c49d268cadad166377f28c7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
last-modified: Wed, 12 Oct 2022 17:33:23 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://trovas.ch
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roPqEj3YMAdJc3482sDIkJmkxEz5SJ2CLpMoH9Ad4bXMf51O6CVWbmNd0mcqgja17leGauJmtKbCODgJS%2F8ulj8wlM3pw9f4mb9GkrkSlt97sU5VcwlLiZTDD%2Bv01QisU12d8SgJOtqqYTI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7591948e0beeb978-AMS
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
trovas.ch/porpoiseant/ 0
74 B 25ms
24ms Ping
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1ODM1OTY1NDg0LCJjcmVhdGl2ZV9pZCI6MTM4MzcxNjE3NjcwLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMi0xMC0xMiJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE3In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjMifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://trovas.ch
x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:24 GMT

GET
H2 204 army.gif Show response
trovas.ch/porpoiseant/ 0
16 B 23ms
23ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYXVjdGlvbl9lcG9jaCI6MTY2NTU5NjAwNCwiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJiaWRfZmxvb3JfaW5pdGlhbCI6OTAsImJpZF9mbG9vcl9wcmV2Ijo5MCwiYmlkX2Zsb29yX2ZpbGxlZCI6NDYsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjQyOCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo1ODM1OTY1NDg0fV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:22 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:22 GMT

POST
H2 204 army.gif
trovas.ch/porpoiseant/ 0
16 B 23ms
23ms Ping
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1ODM1OTY1NDg0LCJjcmVhdGl2ZV9pZCI6MTM4MzcxNjE3NjcwLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTA0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyOTY3NjU1MTc5MDA0OTU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjY1NTk1OTk3LCJhZF9wb3NpdGlvbiI6MTE0NywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJkOTRmYzVlNC1lMjMwLTQ3NDEtNzM1NC0wNDQ4ZmYxZjlmYzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjIzNyJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://trovas.ch
x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:24 GMT

GET
H2 204 army.gif Show response
trovas.ch/porpoiseant/ 0
15 B 23ms
23ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywicmV2ZW51ZSI6MC4wMDA2NSwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjoxMDA1MSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImQ5NGZjNWU0LWUyMzAtNDc0MS03MzU0LTA0NDhmZjFmOWZjOCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTgzNTk2NTQ4NCwiY3JlYXRpdmVfaWQiOjEzODM3MTYxNzY3MCwiZGF0YSI6W3sibmFtZSI6InN0YXRfc291cmNlX2lkIiwidmFsIjoiMTAwNTEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:24 GMT

GET
DATA 200
OK truncated
/ Frame 80AB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e26a95d7fea5cbaf556ec5b212689bebbc48e9f9ee538675e599db0cff7acf2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 80AB 6 KB
672 B 87ms
35ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 17:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 17:25:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 17:33:24 GMT

GET
H2 200 select.css
saambaa.com/widget/gpt/728x90/assets/ Frame 80AB 1006 B
799 B 122ms
119ms Stylesheet
text/css 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:21 GMT
content-encoding: gzip
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
etag: "02525d0cceed21:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 645

GET
H2 200 smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame 80AB 11 KB
3 KB 120ms
118ms Stylesheet
text/css 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: afb14d54fd8039ba71f1da4f953a6c2ff846cec201b5988844139a1e7f6a745c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:18 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 20:53:59 GMT
server: Microsoft-IIS/8.5
etag: "80cdfe63b06fd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2979

GET
H2 200 0 Show response
api.saambaa.com/properties/widgetconfig/728x90/partner/trovas.ch/platform/ Frame 80AB 4 KB
2 KB 345ms
329ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/properties/widgetconfig/728x90/partner/trovas.ch/platform/0?callback=__smbcfgldr295818
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cc5f80bbe889c824792b3c292c11e0a0846414d6eaf3baf26272815eab678fc0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-length: 1600
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 80AB 79 KB
27 KB 85ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10c471f8b4287e33193a3a3b30ecf8db7e90a0536b710a66c5feb0ae00f0fa5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27736
x-xss-protection: 0
server: sffe
etag: "1361 / 183 of 1000 / last-modified: 1665595150"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 12 Oct 2022 17:33:24 GMT

GET
H2 200 saambaa_prebid.js Show response
saambaa.com/assets/js/ Frame 80AB 340 KB
105 KB 120ms
118ms Script
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/assets/js/saambaa_prebid.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d4fd82201270dc4aaf4f3df2b6aa3ee68899d08925024ed12f62e24e718a1328

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 04:07:39 GMT
server: Microsoft-IIS/8.5
etag: "80778a611b9d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 107432

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 80AB 90 KB
35 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4474fef93f04e1532a3799b61c0ab73f5341253567d888b1ca05eef55da99298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36203
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 16:11:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Oct 2022 17:33:24 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 80AB 49 KB
20 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 17:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1047
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 12 Oct 2022 19:15:57 GMT

GET
H3 200 pubads_impl_2022100501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 80AB 380 KB
128 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131414
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 08:35:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 Oct 2023 16:48:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 80AB 124 B
118 B 33ms
33ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=trovas.ch

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2253dfa5eed58fa6b13a6ccef032092f84a0969548330b707d3b6e890b2a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Wed, 12 Oct 2022 17:33:24 GMT

POST
H2 200 cookie_sync Show response
pb-server.ezoic.com/ 1 KB
2 KB 102ms
25ms XHR
application/json 3.67.250.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/cookie_sync
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.250.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d60f34ac225e585e0a8ce20432cd84c38212327c7e6c1a8f9529d41c1ce64735

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trovas.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1321
expires: 0

POST
H2 200 auction Show response
pb-server.ezoic.com/openrtb2/ 266 B
490 B 157ms
83ms XHR
application/json 3.67.250.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/openrtb2/auction
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.250.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de7c969ef47a499e1a2c8bb80bc94f5259f8e0e38ae77cace24e38ad83365aa6

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://trovas.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 266
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 175ms
88ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=57&rp_schain=1.0,1!ezoic.ai,a23a53f1c9464013937c72731882aac9,1,,,trovas.ch&eid_quantcast.com=P0-334311247-1665595999925%5E1&eid_pubcid.org=c5b95b6b-572c-46b0-bbaa-9c6809d07215%5E1&rf=https%3A%2F%2Ftrovas.ch%2F&tk_flint=pbjs_lite_v7.17.0&x_source.tid=71ddbc52-c732-4710-8276-1df59352ee43&l_pb_bid_id=1446fc3653ccd8f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.49260154390502553
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 76e1365b7104dd99800189c4c5bd70f3004a46f3b3bdc92cede306a6beefb2dd

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 137ms
50ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&rp_schain=1.0,1!ezoic.ai,a23a53f1c9464013937c72731882aac9,1,,,trovas.ch&eid_quantcast.com=P0-334311247-1665595999925%5E1&eid_pubcid.org=c5b95b6b-572c-46b0-bbaa-9c6809d07215%5E1&rf=https%3A%2F%2Ftrovas.ch%2F&tk_flint=pbjs_lite_v7.17.0&x_source.tid=a75a49d2-22a4-402b-b4d9-e63580085183&l_pb_bid_id=154ce5b1a39f7b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06202283249032914
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 955254928f5b742352423e6dd025ebd3a393921d44e3e020912b16c53051a316

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:24 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 472ms
24ms XHR
text/plain 198.47.127.22

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
182 B 373ms
115ms XHR
text/plain 198.148.27.134
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
access-control-expose-headers: Access-Control-Allow-Origin
date: Wed, 12 Oct 2022 17:33:24 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 19
server: envoy
x-no-bid-reason: Passback by decision

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 227ms
153ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7ace4c11187d6bf4c1b91f2113d69dfed28ea7de589d919452d68eda0850731c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:24 GMT
AN-X-Request-Uuid: f0a543d3-31de-4771-91a3-70e366e4984f
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
702 B 134ms
30ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftrovas.ch%2F&CanonicalUrl=https%3A%2F%2Ftrovas.ch%2F

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

9c07dc275dc426a22a6e341b1943dd1a8b357a112e71cc6d1c59244a3721f598

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trovas.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 358
expires: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 5 KB
2 KB 463ms
393ms XHR
application/json 2a0c:5c81:5142::2

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 -, , ASN (),
Reverse DNS
Software: Adtelligent /
Resource Hash: 07ed2775c1e5a0bc02fafff2ad3488e3534eb27cc09f373385f2972975132264

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 Oct 2022 17:33:24 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://trovas.ch
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1372

GET
H2 204 army.gif Show response
trovas.ch/porpoiseant/ 0
61 B 24ms
23ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1ODM1OTY1NDg0LCJjcmVhdGl2ZV9pZCI6MTM4MzcxNjE3NjcwLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:23 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:23 GMT

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=6c1b812a-7c41-4b9b-b7d0-53375f765e33&gdpr=&gdpr_consent=&us_privacy=

86 B
454 B

25ms
25ms

Image
image/png

3.67.250.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=6c1b812a-7c41-4b9b-b7d0-53375f765e33&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Server: 3.67.250.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 86
vary: Origin
expires: 0

Redirect headers

location: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=6c1b812a-7c41-4b9b-b7d0-53375f765e33&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 12 Oct 2022 17:33:23 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 80AB 26 KB
10 KB 29ms
29ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:24 GMT
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 19 Oct 2022 17:33:24 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/ Frame 80AB 81 KB
18 KB 96ms
31ms Script
text/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a050300ce861fde712a185aa52490298bd9ae27bac3ad2b5c7bd49ecf19627

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 17:15:05 GMT
server: cloudflare
x-amz-request-id: W2ATS80KNH6T6P99
age: 471
etag: W/"f5422a3e10d7d12ce66576891545a973"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 759194957e36d5dd-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lvVMCFRvers1ERGNi7cKr6DEqllXNt6ahvrUHvDA78SGXRqAiZz35gznXoKQGtglvUobpJCz8oM=

GET
H2 200 0 Show response
api.saambaa.com/post/storyboard/10993/market/ Frame 80AB 1 KB
806 B 499ms
120ms XHR
application/javascript 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/post/storyboard/10993/market/0
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://trovas.ch
access-control-allow-credentials: true
content-length: 591

GET
H3 200 collect
www.google-analytics.com/ Frame 80AB 35 B
55 B 26ms
25ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=965733844&t=pageview&_s=1&dl=https%3A%2F%2Ftrovas.ch%2F&dp=widget%2Fgpt%2F728x90%2Ftrovas.ch&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aEAAAAABEAAAAAACIE~&cid=543000451.1665596005&tid=UA-234238005-34&_gid=1944891512.1665596005&z=262384770

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 23:08:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66293
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 80AB 35 B
55 B 26ms
25ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=965733844&t=pageview&_s=1&dl=https%3A%2F%2Ftrovas.ch%2F&dp=widget%2Fgpt%2F728x90%2Ftrovas.ch&dh=trovas.ch&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aMAAAAABEAAAAAACIE~&cid=8bb022ca-f65d-4d42-b082-d4b0270a41e1&tid=UA-55160257-4&_gid=1676766624.1665596005&z=1390142617

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 23:08:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66293
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-saambaa.png
saambaa.com/assets/image/ Frame 80AB 2 KB
2 KB 116ms
115ms Image
image/png 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/logo-saambaa.png
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:19 GMT
last-modified: Mon, 02 Oct 2017 20:10:35 GMT
server: Microsoft-IIS/8.5
etag: "22c03482ba3bd31:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2412

GET
H2 200 loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame 80AB 33 KB
33 KB 116ms
116ms Image
image/gif 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by: Host: trovas.ch
URL: https://trovas.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
etag: "02525d0cceed21:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 33406

GET
DATA 200
OK truncated
/ Frame 80AB 690 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 126ms
29ms Image
text/plain 72.251.249.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 12 Oct 2022 17:33:24 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 rules-p-TWKb6gH_3MnFX.js Show response
rules.quantcount.com/ Frame 80AB 209 B
679 B 23ms
22ms Script
application/javascript 2600:9000:2057:4200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19cdf1f20e077f2183965406edfc2bc7790fe791b2d7c5cd3b8356a7025afb2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:30:18 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Tue, 23 Aug 2022 08:06:39 GMT
server: AmazonS3
etag: "81e6eb89a72ed46ce097fb4118e8cfb1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: val9Ty7rDPfmUJjbnO1v1cyTHEqH3pAiWIF_1mZPYWJ-bmu9fYPVYA==

GET
H2 200 pixel
pxl.qccerttest.com/ Frame 80AB 35 B
550 B 23ms
22ms Image
image/gif 2600:9000:223d:6400:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=772958562;fpan=0;fpa=P0-334311247-1665595999925;pbc=;ns=1;ce=1;qjs=1;qv=7a1cba14-20221011131736;ref=https%3A%2F%2Ftrovas.ch%2F;cm=;gdpr=0;d=trovas.ch;dst=0;et=1665596004698;tzo=0;url=https%3A%2F%2Ftrovas.ch%2F;ogl=

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:6400:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 02:01:57 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P3
age: 55888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: Yd1Wy9KhFuETP0R6xJ39ghvUvDHlSZ9C1JNKlG6x9dusGHprp4_UUQ==

GET
H2 200 pixel;r=535570877;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Ftrovas.ch%2F;ref=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=0;fpa=P0-334311247-1665595999925;pbc=;ns=1;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm...
pixel.quantserve.com/ Frame 80AB 35 B
210 B 29ms
29ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=535570877;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Ftrovas.ch%2F;ref=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=0;fpa=P0-334311247-1665595999925;pbc=;ns=1;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;d=trovas.ch;dst=0;et=1665596004700;tzo=0;ogl=;ses=a2ceeca0-2704-40b6-9ea7-ded5e601d139

Requested by

Host: trovas.ch
URL: https://trovas.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202210031351/ Frame 80AB 208 KB
66 KB 72ms
32ms Script
application/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202210031351/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d249b361a6ae00ae9f7fb9c92123796a721f94653283d830bb78b0ebc3a29329

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 18:35:15 GMT
server: cloudflare
x-amz-request-id: METGN0NHT6X22GPH
age: 770937
etag: W/"bfa2cb2fcba193a15075ce5a72776e05"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 75919495fb66d3cc-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: s4OfJiXzOvTDh0j/c3OJFzc0CZsU/n9H8HMImSnr3L/MX4HLR6gP4p4x7yal8F68xEV1jbOs504=

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%...
https://pb-server.ezoic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA

86 B
534 B

25ms
25ms

Image
image/png

3.67.250.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
Protocol: H2
Server: 3.67.250.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 86
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 12 Oct 2022 17:33:24 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://pb-server.ezoic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Wed, 12 Oct 2022 17:33:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80AB 0
0 64ms
64ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd-4EKGRV8NP0_ynVhCRm2OceFFWFHYZ5HKAPqFZIcT8qDLP9e6mYxR7yg8H3rsWEr3vToBBDSCbRXxxO-gYrAMTe5O7PWvesyoAUg324qcYzb2IgpwSsOGt-Njbjzzwqwpn4ThneqsnJa385s8qBSuf0p5_sTsJ_YgqvexDvfGcjKeDL7KJ6j4GLaeA-2eisU99x9AQcLpbDk5d6C_xnyDi_xVcdlOHR5-9fgAVLXg-b5lgDmoJ8i6AgdZG15xEAt2Ez4kTe9ZorexuIL-IgZjLcstw9v_k4UVbfqVj5EVxsqUN3-StlNDbyCyoT1nYDt95VwUIweH-nj&sai=AMfl-YQ27BYKWifCRjhqQSSOkerEQ6Bm8tAq3vlsLLz2SFg0CX5MiBp6sFzJjqJtTuOWGKaKVefQa7a-3yUwEY005iz1ekw70_otIX02lRBHEQd4TwBq2GaLvU0HVP6958eUlQ&sig=Cg0ArKJSzLQD8nmTLp2eEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Oct 2022 17:33:24 GMT

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
https://pb-server.ezoic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&f=i&uid=

86 B
534 B

25ms
25ms

Image
image/png

3.67.250.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&f=i&uid=
Protocol: H2
Server: 3.67.250.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 86
vary: Origin
expires: 0

Redirect headers

date: Wed, 12 Oct 2022 17:33:25 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
location: https://pb-server.ezoic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&f=i&uid=
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 204 army.gif Show response
trovas.ch/porpoiseant/ 0
15 B 24ms
23ms XHR
text/plain 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1ODM1OTY1NDg0LCJjcmVhdGl2ZV9pZCI6MTM4MzcxNjE3NjcwLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjMzOTI3OTQ5NTAyNDM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2NTU5NTk5NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZDk0ZmM1ZTQtZTIzMC00NzQxLTczNTQtMDQ0OGZmMWY5ZmM4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo1ODM1OTY1NDg0LCJjcmVhdGl2ZV9pZCI6MTM4MzcxNjE3NjcwLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjIzMzkyNzk0OTUwMjQzNzIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjU1OTU5OTcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImQ5NGZjNWU0LWUyMzAtNDc0MS03MzU0LTA0NDhmZjFmOWZjOCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NTgzNTk2NTQ4NCwiY3JlYXRpdmVfaWQiOjEzODM3MTYxNzY3MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: trovas.ch
URL: https://trovas.ch/detroitchicago/cmbv2.js?gcb=195-12&cb=04-3y02-8y06-13y07-2y0b-6y0d-21y13-4y17-5y21-3y2f-4y57-2y5b-22&cmbcb=114&sj=x04x02x06x07x0bx0dx13x17x21x2fx57x5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 11 Oct 2022 17:33:24 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 75F3 0
0 80ms
22ms Document
text/plain 51.89.9.251

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adtelligent,adyoulike,amx,medianet,nobid,oftmedia,onemobile,onetag,pubmatic,pulsepoint,rubicon,sovrn&cb=195-12-49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://trovas.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 80AB 0
157 B 77ms
25ms XHR
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trovas.ch
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:25 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 80AB 0
331 B 192ms
20ms XHR
application/json 81.17.55.113

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://trovas.ch
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 80AB 0
212 B 21ms
21ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 80AB 0
55 B 23ms
23ms XHR
text/plain 198.47.127.22

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST hb
ssc.33across.com/api/v1/ Frame 80AB 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80AB 139 B
977 B 24ms
24ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

869c5bc5a259ea2c44a804f0b24177a4dacde737f99d305d63ed0599adff981a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
AN-X-Request-Uuid: 0574bb50-7157-4cbc-9470-69b81edb12d4
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 80AB 24 B
641 B 33ms
33ms XHR
application/json 72.251.249.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 09a72c801b61f7c82640536d912d43ba583605538ca038ffef561d44a8f2e858

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 Oct 2022 17:33:25 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80AB 145 B
1 KB 147ms
124ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

978ee8a4c20490a7c306c1671fd3d73f4c8bb3c97ae0370a4993a278235f2434

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
AN-X-Request-Uuid: acc33de5-9d0e-4a6c-964d-27057a3ab72a
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 80AB 291 B
741 B 74ms
74ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&rf=https%3A%2F%2Ftrovas.ch%2F&tg_i.page=https%3A%2F%2Ftrovas.ch%2F&tg_i.domain=trovas.ch&tk_flint=pbjs_lite_v7.12.0&x_source.tid=85b8c154-177a-44aa-a8dc-eeba4c6ce9bc&l_pb_bid_id=201d954da081d1e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15616625650221327
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: efa0dc0e7a05578b4095a9a79a157d64d65b1485f75c04cca9eab8f733c3277b

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 291
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 80AB 0
156 B 75ms
26ms XHR
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trovas.ch
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:25 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 80AB 0
55 B 22ms
22ms XHR
text/plain 198.47.127.22

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 80AB 24 B
641 B 59ms
34ms XHR
application/json 72.251.249.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 32a142cf70f17f64c193fa795f25f3e4770f44f13f3ddf98f863a1e59cc8da83

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 Oct 2022 17:33:25 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80AB 145 B
1 KB 193ms
155ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c832b87e24a4cf4c4d0fd20ee7af58bce3019812c4be8eed6605e3b5532140fc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
AN-X-Request-Uuid: eba4155f-3a95-4437-a629-6d0b25b64624
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 80AB 0
331 B 172ms
21ms XHR
application/json 81.17.55.113

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://trovas.ch
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 80AB 0
134 B 23ms
23ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80AB 138 B
976 B 68ms
24ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8bf5b90e92276592213c3a5547e281b361596dbc0f92562c5c88094444f2992f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
AN-X-Request-Uuid: 981617ce-be5f-44e6-9286-894e49bc6b24
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 80AB 291 B
741 B 108ms
108ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&rf=https%3A%2F%2Ftrovas.ch%2F&tg_i.page=https%3A%2F%2Ftrovas.ch%2F&tg_i.domain=trovas.ch&tk_flint=pbjs_lite_v7.12.0&x_source.tid=57b7a6af-8010-4f38-9e1b-611b4d1dffeb&l_pb_bid_id=39625e77b650487&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19500781015876423
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d942fcf26b07deb3ea1fc9c24ac89aa18b731f63a455c40c5ce569505baf7602

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 291
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST hb
ssc.33across.com/api/v1/ Frame 80AB 0
0

GET
H2 200 blank.png
saambaa.com/assets/image/ Frame 80AB 68 B
151 B 119ms
118ms Image
image/png 161.47.17.28
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/blank.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:33:20 GMT
last-modified: Wed, 14 Feb 2018 23:02:54 GMT
server: Microsoft-IIS/8.5
etag: "cebd78f2e7a5d31:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 68

GET
H2 200 728x90_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 80AB 17 KB
17 KB 117ms
19ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/728x90_oahu_v3.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd -, , ASN (),
Reverse DNS
Software: ECAcc (paa/6F7B) /
Resource Hash: 446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://trovas.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 12 Oct 2022 17:33:25 GMT
last-modified: Thu, 27 Jan 2022 00:46:57 GMT
server: ECAcc (paa/6F7B)
content-md5: 5VOrxFk1xKRvkGqad3v+sA==
age: 83817
etag: 0x8D9E12E85B2CCAC
x-cache: HIT
content-type: image/png
x-ms-request-id: b324f708-a01e-0063-799d-ddab27000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 17345

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 166ms
23ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trovas.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://trovas.ch
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 12 Oct 2022 17:33:25 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 148ms
23ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trovas.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://trovas.ch
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 12 Oct 2022 17:33:25 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 23ms
23ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trovas.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://trovas.ch
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 12 Oct 2022 17:33:25 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80AB 139 B
977 B 25ms
25ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ec9eea6999c765145209b2efaf6d7dc504fa13eb5ba1842fcf90cba2438b6c2e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
AN-X-Request-Uuid: 2e3c201f-abdf-403b-8b85-9aef031afc84
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 80AB 291 B
741 B 80ms
80ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&rf=https%3A%2F%2Ftrovas.ch%2F&tg_i.page=https%3A%2F%2Ftrovas.ch%2F&tg_i.domain=trovas.ch&tk_flint=pbjs_lite_v7.12.0&x_source.tid=401fcbab-d3a0-48e4-be23-4027c03c8173&l_pb_bid_id=467cc75e3e83e89&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.47977120249308025
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fd5e4bde184bdd56ce4c0c4b89c1f00801a0c08cbac788822e72bbe31604573f

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 291
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 80AB 0
156 B 92ms
46ms XHR
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trovas.ch
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:25 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST hb
ssc.33across.com/api/v1/ Frame 80AB 0
0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 80AB 0
331 B 62ms
22ms XHR
application/json 81.17.55.113

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:24 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://trovas.ch
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 80AB 0
131 B 21ms
21ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 80AB 0
55 B 23ms
23ms XHR
text/plain 198.47.127.22

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80AB 145 B
1 KB 111ms
111ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b045284f685d72f0cda357170cda54bdc6c22d1d4490b368a18f173f5213fdc0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
AN-X-Request-Uuid: e8b7fb78-3b87-4396-80b2-28bbd6e44c5c
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 80AB 25 B
642 B 32ms
31ms XHR
application/json 72.251.249.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b7e6649969634b34ab54b83b7391bd3dae7a56c519b8d33ff139f28673547f20

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 Oct 2022 17:33:25 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 80AB 291 B
741 B 104ms
104ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&rf=https%3A%2F%2Ftrovas.ch%2F&tg_i.page=https%3A%2F%2Ftrovas.ch%2F&tg_i.domain=trovas.ch&tk_flint=pbjs_lite_v7.12.0&x_source.tid=104ba1d8-313a-49d9-9f61-01d9195c4cfa&l_pb_bid_id=64863a02b6a071f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6961177160227676
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d1279ef828a97c8de52ebad030a6d2affea046c733ce7faf41a35910532ff27e

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 291
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST hb
ssc.33across.com/api/v1/ Frame 80AB 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80AB 15 KB
8 KB 124ms
123ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cfa9a3c45851e84de3cdbc9b69e02ca5fca97130af74b015248bf2695e394781

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 Oct 2022 17:33:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 06da9dfe-7b52-49e5-9150-d9dfc7cde171
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 80AB 0
131 B 22ms
21ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:24 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 80AB 0
331 B 50ms
21ms XHR
application/json 81.17.55.113

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 17:33:25 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://trovas.ch
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80AB 145 B
1 KB 120ms
112ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c6794c3d701b91e5c9e764bcea4cef4afaeb6cf83fb307d4a38a8288105c349c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 17:33:25 GMT
AN-X-Request-Uuid: a1220d9a-40e3-4860-97f9-4378ba40d903
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://trovas.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.97; 37.59.164.97; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 80AB 0
55 B 23ms
23ms XHR
text/plain 198.47.127.22

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://trovas.ch
date: Wed, 12 Oct 2022 17:33:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 80AB 25 B
642 B 49ms
35ms XHR
application/json 72.251.249.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.12.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: deddce2e3637c4ff62bcc7b8facd2b3eff465df610c91f8cd4e9ccd366c3e33f

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 12 Oct 2022 17:33:25 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://trovas.ch
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 80AB 0
156 B 71ms
48ms XHR
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://trovas.ch/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://trovas.ch
pragma: no-cache
date: Wed, 12 Oct 2022 17:33:25 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 27ms
23ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trovas.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://trovas.ch
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 12 Oct 2022 17:33:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=ci_cScBpur6AiCaKkv7mNO

Verdicts & Comments Add Verdict or Comment

301 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bs.serving-sys.com/Serving	1970-01-20 06:42:05	Name: S_1075794732 Value: 1579083007521081040
trovas.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: hf88c6sci4s9tnn1m69pp2kb4s
.trovas.ch/	1970-01-20 06:39:57	Name: ezoadgid_174954 Value: -1
.trovas.ch/	1970-01-20 06:40:03	Name: ezoref_174954 Value:
.trovas.ch/	1970-01-20 15:25:31	Name: ezosuibasgeneris-1 Value: 84ac2dda-b467-4a9b-4f24-f64afe56a4a0
.trovas.ch/	1970-01-20 06:40:03	Name: ezoab_174954 Value: mod1-c
.trovas.ch/	1970-01-20 06:42:48	Name: active_template::174954 Value: pub_site.1665595997
.trovas.ch/	1970-01-20 06:39:57	Name: ezopvc_174954 Value: 1
.trovas.ch/	1970-01-20 06:41:22	Name: ezepvv Value: 412
.trovas.ch/	1970-01-20 06:39:57	Name: ezovid_174954 Value: 1050457843
.trovas.ch/	1970-01-20 06:39:57	Name: lp_174954 Value: https://trovas.ch/
.trovas.ch/	1970-01-20 06:42:48	Name: ezovuuidtime_174954 Value: 1665595999
.trovas.ch/	1970-01-20 06:39:57	Name: ezovuuid_174954 Value: 06c6ccbb-ca70-4973-7b7e-1192a4966fd4
trovas.ch/	1970-01-20 16:15:55	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
trovas.ch/	1970-01-20 16:15:55	Name: ezohw Value: w%3D1600%2Ch%3D1200
.trovas.ch/	1970-01-20 06:41:22	Name: _gid Value: GA1.2.2014889582.1665596000
.trovas.ch/	1970-01-20 06:39:56	Name: _gat_gtag_UA_4377331_90 Value: 1
.trovas.ch/	1970-01-20 16:15:55	Name: _ga_QHQ1LQ4N2D Value: GS1.1.1665595999.1.0.1665595999.0.0.0
.trovas.ch/	1970-01-20 16:15:55	Name: _ga Value: GA1.1.1981211437.1665596000
.tutti.ch/	1970-01-20 06:39:57	Name: __cf_bm Value: 6xgJfbXTfUP4D5oTuhxcSJ5HWUMjhsiQ5Zys183j3D0-1665595999-0-AZXnTHwdDaIuMaBuhUTOL59aEHZC3In/Pj5+WA+QAtziR/CCMeWD2nB1WwH4cE7yCZ/eOgiXHbfELAlvgbd4AtQ=
.quantserve.com/	1970-01-20 16:10:10	Name: mc Value: 6346fa5f-ee4a9-885da-90800
.trovas.ch/	1970-01-20 16:04:24	Name: __qca Value: P0-334311247-1665595999925
.trovas.ch/	1970-01-20 16:01:32	Name: __gpi Value: UID=00000b711964a200:T=1665596000:RT=1665596000:S=ALNI_Mb1H0Do0h5Aju4EhWYGbZ7Ks2oQfw
trovas.ch/	1969-12-31 23:59:59	Name: ezouspvh Value: 80
.doubleclick.net/	1970-01-20 16:01:32	Name: IDE Value: AHWqTUnLIg3OdgzlTLhPkpovvz7rU_6aAUOpHsF2_VeSqM3abvEI5dyizgMXFf_lfyg
.serving-sys.com/	1970-01-20 08:49:31	Name: A6 Value: 10t8tIxGEt000yOB000000000
.serving-sys.com/	1970-01-20 08:49:31	Name: u2 Value: 5ef10aa6-afe7-4dd2-8efb-567f1886fc3a4Jd060
trovas.ch/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1665596000956
.openx.net/	1970-01-20 15:25:32	Name: i Value: 4688592b-122d-4af6-b134-51eb8e472bcb\|1665596000
.doubleclick.net/	1970-01-20 06:39:59	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 16:01:32	Name: uid Value: 684b305f-313f-4a5a-994a-d746b82006b5
trovas.ch/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
trovas.ch/	1970-01-20 15:25:32	Name: ezux_lpl_174954 Value: 1665596001338\|d94fc5e4-e230-4741-7354-0448ff1f9fc8\|false
.aaxads.com/	1970-01-20 15:25:32	Name: aax-vsid Value: 3085976016569706000V10
.trovas.ch/	1970-01-20 16:01:32	Name: cto_bundle Value: OKKuI19BT3cybVVjdHZIQ0xkN3Z5VHhLQXpDUUpQckhTbWQ0VnNubmM5WFBnejhaVEFYJTJGY0hVZld1ZWNHT2JXVkNteDduQmhIc3pweVNnYlp2JTJCSUhOUU5DVWhQTDBDdXhTWkRVUE5Iam56T1Y4NnpsdGxjb054dmFUQW1YSVFoaE5OZnFpQ3FKbSUyQjZqRUtFJTJGSGlXYkNINFpsQSUzRCUzRA
.trovas.ch/	1970-01-20 16:01:32	Name: __gads Value: ID=9e431c0df15fab13:T=1665596000:S=ALNI_MZ9rhmLKjMsdnQCjwzP3vEtUdAEHA
trovas.ch/	1969-12-31 23:59:59	Name: ezouspvv Value: 126
trovas.ch/	1969-12-31 23:59:59	Name: ezouspva Value: 2
trovas.ch/	1970-01-20 07:23:08	Name: _pbjs_userid_consent_data Value: 3524755945110770
.trovas.ch/	1970-01-20 15:25:32	Name: _sharedid Value: c5b95b6b-572c-46b0-bbaa-9c6809d07215
.rubiconproject.com/	1970-01-20 15:25:32	Name: khaos Value: L95WUU9I-1-LTOF
.rubiconproject.com/	1970-01-20 15:25:32	Name: audit Value: 1\|hLZGFuTafB0VLnWidSxHQRB7cS23Qz/c+yqNcA0fc/Z7W3GqOkhujtyYGov+5hfLNaK6H+MfNtngcRgjl6EitQKjtCAth4n13OlDu/ORdD8=
.adnxs.com/	1970-01-20 08:49:32	Name: icu Value: ChgIkfo_EAoYASABKAEw5PSbmgY4AUABSAEQ5PSbmgYYAA..
.adnxs.com/	1970-01-20 08:49:32	Name: uuid2 Value: 6402828744192883912
.media.net/	1970-01-20 15:25:32	Name: data-pbs Value: setstatuscode~~1
pb-server.ezoic.com/	1970-01-20 08:49:32	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNmMxYjgxMmEtN2M0MS00YjliLWI3ZDAtNTMzNzVmNzY1ZTMzIiwiZXhwaXJlcyI6IjIwMjItMTAtMjZUMTc6MzM6MjQuNjIxMjExNTQ5WiJ9LCJtZWRpYW5ldCI6eyJ1aWQiOiIwMDAwRUVBIiwiZXhwaXJlcyI6IjIwMjItMTAtMjZUMTc6MzM6MjQuOTgxODIyOTY0WiJ9fSwiYmRheSI6IjIwMjItMTAtMTJUMTc6MzM6MjQuNjIxMjA0MTYyWiJ9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4dea5046fd90ed729b27d62bf727127a.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
ads.servenobid.com
adservice.google.com
adservice.google.fr
ap.lijit.com
api.saambaa.com
basher.ezodn.com
bcp.crwdcntrl.net
bid.contextweb.com
bs.serving-sys.com
c.aaxads.com
c.amazon-adsystem.com
c.tutti.ch
c21lg-d.media.net
can01.anibis.ch
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.id5-sync.com
cis01.immoscout24.ch
esp.rtbhouse.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id.sharedid.org
id5-sync.com
invstatic101.creativecdn.com
l3.aaxads.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pb-server.ezoic.com
pixel.quantserve.com
prebid.a-mo.net
prg.smartadserver.com
prod.uidapi.com
pxl.qccerttest.com
region1.google-analytics.com
rules.quantcount.com
saambaa-static.azureedge.net
saambaa.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tpc.googlesyndication.com
trovas.ch
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ssc.33across.com
108.138.4.10
108.157.6.231
147.75.85.234
161.47.17.28
162.19.138.116
162.19.138.119
178.250.2.146
18.159.80.129
18.66.248.55
184.24.11.26
184.24.12.164
185.255.84.150
185.89.211.132
198.148.27.134
198.47.127.22
2001:41d0:701:1000::2fb3
2001:4860:4802:34::36
213.19.147.42
2600:9000:2057:4200:6:44e3:f8c0:93a1
2600:9000:223d:6400:11:615:7240:93a1
2602:803:c004:200::140
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:3556
2606:4700:4400::ac40:963e
2606:4700::6812:106b
2606:4700:e0::ac40:661c
2606:4700:e0::ac40:671c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a02:2638:1::3
2a02:2638::1c
2a0c:5c81:5142::2
3.12.31.10
3.123.131.103
3.67.250.232
34.102.146.192
34.120.107.143
34.208.243.53
34.96.70.87
34.98.64.218
35.190.39.111
51.89.9.251
52.212.128.245
52.212.146.220
72.251.249.14
81.17.55.113
91.208.180.148
91.208.180.149
95.101.200.23
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
062ad981e9b2f70100d314e75af6f377e324914a5b4a1a6709c593490c100f9a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ed2775c1e5a0bc02fafff2ad3488e3534eb27cc09f373385f2972975132264
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
09a72c801b61f7c82640536d912d43ba583605538ca038ffef561d44a8f2e858
0b0ab6629d49b65caa49f50f123185a667a654fb9c49d268cadad166377f28c7
0bdf0d0738a8dce74af819af4eaa2771edfb01a108431a65f538de91d9a77604
0c2c19fc31178f0864e7b9d66c81e7e9f3a2623ae63cde40c49eeea052c457a9
0d714c08f94baaaf75d0d4e7c95627f3f965685f12c88decae33a8caac839d9b
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
10c471f8b4287e33193a3a3b30ecf8db7e90a0536b710a66c5feb0ae00f0fa5a
17856b64c92a34c95321310bee7790196468634d6cd2435e6cb6b6f6b6c2335e
19cdf1f20e077f2183965406edfc2bc7790fe791b2d7c5cd3b8356a7025afb2e
1e537a9e4e6a6698e69747f0cc8cbc246a08fb9bd74de3e4824d69aff0387404
1f54c9abafe87b0a50bbf04adf7083d8e65e985fb8d555434f331d10ba94bb84
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
26375ce577be9c56030cda192c930bcf7642d098e8d69004bd903f7d3624d83d
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b3203478e2a79d295f249396ca8ae8cd6a6831ed29c46502e1325410f10c86c
2e3484ff4e604680dc171fab3cefa8bffdd18700e1c7e279def6fb0031c88f93
32a142cf70f17f64c193fa795f25f3e4770f44f13f3ddf98f863a1e59cc8da83
32f1f26bd9659b03856ce10a1e9b56c9bd480f853e26e9c85bad7b84095a096f
3bdd7a63870fa439db956d108dbe0942b68141133f1ac6c6b621d95289e45f2c
3c9728842f6e7eb1f63ae7e46212c77af6836c6c64d139f5b6883422629ba398
402521e0a503eff45497c1e69391cdd1afb21ede21e86cd0244595124f2b036b
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4
4474fef93f04e1532a3799b61c0ab73f5341253567d888b1ca05eef55da99298
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4dd4356eed1998b7f8aad2a9a22c7ff3267986df0c848c8c47abc8cfad56c0d9
4fe8248da42b7e548d250f5cb11bda7c729ab8b45a43cfdb50153024cfa0a950
525755950785df85bb06dcd4ab5c63cb670572b00715ed0cc43d4d34ee82c4d7
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55613cad6b0c39593e31d97087084125fb26f2163f565485e5ae577443dc5a28
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
590f420ac82bae850c481452aaa3cd5947e51a2321da976ad875f473f1ee995f
595dcd9e85d7347e1a3f12b245164b460a77942446b96ab873e417866f0b8c43
597830acea0420d0c95ceae70e1db6fcfb1d35d259922ff472b1b6fb083e193f
5c4a216aed848d8cd3d572fdc2b43bec6714664b498d994c66a14ebb3d08404d
5dd31eab19c08109f66b037bf1de7b710629af2ca9613793e9332f18205e90dc
6060578c7185aef392f17eb4c294523a6fdf2d8c5fea176198b698dc9eca6914
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63921b4d7746d52820d66930fc665e4c87d5e65c0ee13e0f1371d49bdad04dfd
6626fb430ee3f43bee5fc460c64cc86330928e2e4e45444bd7149c5b8753ac5d
6690c943dc6916f073007014274995c4b63a8c3342c9f0e38a2d5f6f553b70c6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3c648447514db2f2f7c8f04b3ac0b1cf1e8ea00fe8c743f427f63d938a198c
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7
6d986c35e576b6f5a1559a2d3f2891e4b12df1ca8c59dd86eaba3f8e4d1f6419
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
6f0cee03cafba12a1684d4f70f2c7c1d9c3534e28c3b200e618657234b23a793
72dfec3187ef36ae6552efdf60288b6a582b742503f19a238272e577a3d1f6b6
732df544e5f36fe721ca860b85632e01a4f8323ebff30418320e0fafc7bec465
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76e1365b7104dd99800189c4c5bd70f3004a46f3b3bdc92cede306a6beefb2dd
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ace4c11187d6bf4c1b91f2113d69dfed28ea7de589d919452d68eda0850731c
7e72f7b38ac1a9a336b5fec2e0dc150dc214c3972e323dfbd043cdd082e2575d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ffa1b6bd920dcecc467b733087c29c27a8091f7be5f28efcb72e0a110a59c2b
811063d8d9a235a9ecdb67b07b0908b9581323705bbcac3cb86d507a1b639cc0
8312706527ada3f9e8cf0d9807259dca5cd768e359c7c905a2c4e506618ac5d0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
869c5bc5a259ea2c44a804f0b24177a4dacde737f99d305d63ed0599adff981a
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
87f6a0898335a919a8bdbb19bbf18203a92ea4f7b78fc6d19ebcd68747fd6cbc
886abda00e50a0b809453437aed2488cd77591129d4538385f5b57ebac6c7303
8aa8f80ac26c590eaf04e784d44349446dc4409b13d11e5c14cb386f19c64a60
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8bf5b90e92276592213c3a5547e281b361596dbc0f92562c5c88094444f2992f
8e26a95d7fea5cbaf556ec5b212689bebbc48e9f9ee538675e599db0cff7acf2
8f92ba5f278ac1af0b55eda06a7622dbeb751af75058dd3ac3a89583147fc5e2
955254928f5b742352423e6dd025ebd3a393921d44e3e020912b16c53051a316
978ee8a4c20490a7c306c1671fd3d73f4c8bb3c97ae0370a4993a278235f2434
97a050300ce861fde712a185aa52490298bd9ae27bac3ad2b5c7bd49ecf19627
9a360d92d9084610217bbc9228381fc071268b72659333f62d7351a221660efa
9baec16479d7fa8b911babff75e376fb8dd74a0dd02aac1e38f2950ad0d87c60
9c07dc275dc426a22a6e341b1943dd1a8b357a112e71cc6d1c59244a3721f598
9c17247f5867ef17b7d71808496e8dfccdc98354621967e32ff6c8fd1016541e
9f689ca5ffefeea41c73d484efe0a7eb186e5df9963cce9ee4f446c7a5065886
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1027d66f68b391b7367955c5b8126e56b3bdd64d2abea3e33d55c6a1a099302
a251635baf0f6979ce762c9492376adfdef695db2caf5d1864e9bea5b0ea0f11
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
af72532f4cbdf02cfa765aa03b94f26891056136014b3a51dbd098f72c730c75
afb14d54fd8039ba71f1da4f953a6c2ff846cec201b5988844139a1e7f6a745c
b045284f685d72f0cda357170cda54bdc6c22d1d4490b368a18f173f5213fdc0
b1d2e4b7a4167fcd9bdb7d1f75be50b0bcc5829cd9eafd043ec1ca522b0f5b1b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b559eac63e26bd90aa59a9d257de154f6617b880623facba698052dfbf47d631
b79af73ff937dffcaefd36e52803089c65cb9b615d7555df58c0d8ea0e999a3d
b7e6649969634b34ab54b83b7391bd3dae7a56c519b8d33ff139f28673547f20
bba2e78dba661467c8012ca3fb4cd683f8c7f5031a119c60f726f596cef48802
bbb9382967ff72de18d7e26e47dd0bed76fa9d73f5fb766a656996595fc78f91
bf2253dfa5eed58fa6b13a6ccef032092f84a0969548330b707d3b6e890b2a28
c17903a7fa2d3c5bb336c8967db7ad0bde4009b082926b3e11629e857298cbeb
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3c6a9d5d0d92924b71aa6c04c5eb9e3beae056aa06e8532040fbfedb0b6a969
c4a1e8fd9c3afc72f85b57dd4768e3bfcbb5fc9d48709c126855f7bf605b0066
c6794c3d701b91e5c9e764bcea4cef4afaeb6cf83fb307d4a38a8288105c349c
c832b87e24a4cf4c4d0fd20ee7af58bce3019812c4be8eed6605e3b5532140fc
c836c918d088b4787c622f4903327fed59ec8fed36558fdf46bf2ca767873b27
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
cc5f80bbe889c824792b3c292c11e0a0846414d6eaf3baf26272815eab678fc0
cd7d101ac96fbbdfd47d5f427b9376c786588d1aaa1239bede5543c6a6abd167
cd8a7deef39495213f57fbee09ece6c13b77fb9266801cbca5d91d6f72e2414a
cfa9a3c45851e84de3cdbc9b69e02ca5fca97130af74b015248bf2695e394781
d1279ef828a97c8de52ebad030a6d2affea046c733ce7faf41a35910532ff27e
d1372b8e93b2564430b5d25a73adcb314332c3ef8987b54835ec1126dd273e82
d1900370b2eaa271343a8bcc4cb81d434429a68a6948253ffff89d7161e8f42e
d1acb565e0679c25262d25e143e7f783140a84d90edeb5cea945ce49db57ca94
d249b361a6ae00ae9f7fb9c92123796a721f94653283d830bb78b0ebc3a29329
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d43a78c0afdaab62e85c43f804e0f994d57679d9a959a40686498c5ef6b4e6e2
d4fd82201270dc4aaf4f3df2b6aa3ee68899d08925024ed12f62e24e718a1328
d60f34ac225e585e0a8ce20432cd84c38212327c7e6c1a8f9529d41c1ce64735
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d942fcf26b07deb3ea1fc9c24ac89aa18b731f63a455c40c5ce569505baf7602
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
d9c25362d77ed9e7fc9b09c4f90f1cd5f7e63a779553ea96db425b33aa0f90e2
daff854f27706ca5dea672ab528a28855d78e8d630f8592566ca541eeffc2d85
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7c969ef47a499e1a2c8bb80bc94f5259f8e0e38ae77cace24e38ad83365aa6
deddce2e3637c4ff62bcc7b8facd2b3eff465df610c91f8cd4e9ccd366c3e33f
df9439b47ccdbd052e6107e94e32b5746e10b400470beaca5d238ca6d32c605e
dffe7432c5964e20291152648ab71caed1c6ca5d56273c573bb4baaaea448394
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
eb3963da120110b1c7bf93aab0b5161a8c3c73999f20a74594bba084be87b1d7
ec9eea6999c765145209b2efaf6d7dc504fa13eb5ba1842fcf90cba2438b6c2e
ece0243f41da2a86f90bed203e2ad25e635421a7a362b51b99c888035a0cbfbc
eef006a4cf5c63e455b4c53c71af64bcac2e5d29067687374fe6448f897fd9a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa0dc0e7a05578b4095a9a79a157d64d65b1485f75c04cca9eab8f733c3277b
f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197
f4db516c810f70fe59806f7dfdbd2d8f66113bd2a059a8a4fb933daecc4eb3bf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
fabd09e68dec689e1deb5022c20a2b70498c2ae62b6b8887be58a06cf3b82b95
fbea24b4325d3f3a53e4c8382b6112f95bd92582114aa610b5b4f5cedb916d2e
fd5e4bde184bdd56ce4c0c4b89c1f00801a0c08cbac788822e72bbe31604573f
fe111a3f40efdb21908bc0c699b4d9227fdc06088354de838ec17139e729e960
fe9fbd45b2554aab729f4b837b53b5d12da7df95b2a2b0b6dda08b41238e2c30

trovas.ch Open in urlscan Pro 18.159.80.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

221 Requests

95 %HTTPS

48 %IPv6

51 Domains

68 Subdomains

63 IPs

7 Countries

3092 kBTransfer

6082 kBSize

46 Cookies

9 Outgoing links

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

trovas.ch Open in urlscan Pro
18.159.80.129 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

95 %
HTTPS

48 %
IPv6

51
Domains

68
Subdomains

63
IPs

7
Countries

3092 kB
Transfer

6082 kB
Size

46
Cookies

221 HTTP transactions
3 data transactions