trovas.ch Open in urlscan Pro
3.126.196.163  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1

Request Chain 92

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKy637XRfvY2feCNvxeLPwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1

Request Chain 99

• https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=adlicious&atb_dcaid=display.awa_starterset HTTP 302
• https://d.adtriba.com/px.gif

Request Chain 100

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAbt1SMvvAaQqJ5XeUEiZyo&google_cver=1&google_push=AQvitUK7kg5JuvWwnLvb2wx5TYSaQxFOkJskoWEIRxKcaVC8qQwX7-ePBkSZkKsqecv7T7kMozVGmEe1rj1UT6R4ZN8nYhWlml3oNw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAbt1SMvvAaQqJ5XeUEiZyo&google_push=AQvitUK7kg5JuvWwnLvb2wx5TYSaQxFOkJskoWEIRxKcaVC8qQwX7-ePBkSZkKsqecv7T7kMozVGmEe1rj1UT6R4ZN8nYhWlml3oNw

Request Chain 102

• https://d5p.de17a.com/cookies/google?google_gid=CAESECoagx8ScvaVtmSQNy4dS9I&google_cver=1&google_push=AQvitUIgYBcxKADJawio4xlkhPZBHjIqpR5NaUwLEjRmQNazj29qTbigs-eDbHIW9ql7hD92nR6zGOEQdwej-IMrSCYCUzlPz3qA9A HTTP 302
• https://d5p.de17a.com/cookies/google;c?google_gid=CAESECoagx8ScvaVtmSQNy4dS9I&google_cver=1&google_push=AQvitUIgYBcxKADJawio4xlkhPZBHjIqpR5NaUwLEjRmQNazj29qTbigs-eDbHIW9ql7hD92nR6zGOEQdwej-IMrSCYCUzlPz3qA9A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIgYBcxKADJawio4xlkhPZBHjIqpR5NaUwLEjRmQNazj29qTbigs-eDbHIW9ql7hD92nR6zGOEQdwej-IMrSCYCUzlPz3qA9A

Request Chain 103

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEucX-oJD0iRdZfJdpliiCQ&google_cver=1&google_push=AQvitUISfuf2CKmNxCmPuCAwx1KZelVKYuHP3T7x33IveMBhHk7daIAqm65Iuv-ZZOry9FpeTMcaGeT7zcKCg8SnQxehGr8mkRd6gA HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEucX-oJD0iRdZfJdpliiCQ&google_cver=1&google_push=AQvitUISfuf2CKmNxCmPuCAwx1KZelVKYuHP3T7x33IveMBhHk7daIAqm65Iuv-ZZOry9FpeTMcaGeT7zcKCg8SnQxehGr8mkRd6gA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0NzAyMTQ3NzQ3MjUxNDA0Mw&google_push=AQvitUISfuf2CKmNxCmPuCAwx1KZelVKYuHP3T7x33IveMBhHk7daIAqm65Iuv-ZZOry9FpeTMcaGeT7zcKCg8SnQxehGr8mkRd6gA

Request Chain 104

• https://rtb.openx.net/sync/dds?google_gid=CAESEMW4-ervdtL-npJhUXne1Wc&google_cver=1&google_push=AQvitULdHy6Tp-5XcJz1r1GcFkVzxv3GFW_vhT__IiFf4AiJRjIFk8Ft0LDhmWwJPGTqRpW0cjvUmu9ifw0VMTdvrdfyZslrlhxHkA HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEMW4-ervdtL-npJhUXne1Wc&google_cver=1&google_push=AQvitULdHy6Tp-5XcJz1r1GcFkVzxv3GFW_vhT__IiFf4AiJRjIFk8Ft0LDhmWwJPGTqRpW0cjvUmu9ifw0VMTdvrdfyZslrlhxHkA&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULdHy6Tp-5XcJz1r1GcFkVzxv3GFW_vhT__IiFf4AiJRjIFk8Ft0LDhmWwJPGTqRpW0cjvUmu9ifw0VMTdvrdfyZslrlhxHkA&google_hm=V3LtpUiCwVoxlCkgyP8piw==

Request Chain 105

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPKsOcTuMkJxpUVpr5CvZms&google_cver=1&google_push=AQvitULpvF0O1U2VqxCxr8L55Me19Jv3bZRbqVDofEvwuVcVFGyvMZMtMmqL-T8HzhnYXRMEP6pBEjohqMWOo9dsflOarYLIs5IZ2g HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPKsOcTuMkJxpUVpr5CvZms&google_push=AQvitULpvF0O1U2VqxCxr8L55Me19Jv3bZRbqVDofEvwuVcVFGyvMZMtMmqL-T8HzhnYXRMEP6pBEjohqMWOo9dsflOarYLIs5IZ2g&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitULpvF0O1U2VqxCxr8L55Me19Jv3bZRbqVDofEvwuVcVFGyvMZMtMmqL-T8HzhnYXRMEP6pBEjohqMWOo9dsflOarYLIs5IZ2g&google_hm=UkFXd1dfbUpYU1NzMzhyQllVZkw=

Request Chain 106

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIGBPBex_6zJb-SmMG7YQBw&google_cver=1&google_push=AQvitUL6LR8k9kDFNpHRkeyRG2u1tOyVDpjNA-UBf_lNgqjSxHKWlgN0Bzq_H4HCHpI0sFkFruZPubDmUgHAWOPUq8dFxmytaxC3 HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIGBPBex_6zJb-SmMG7YQBw&google_cver=1&google_push=AQvitUL6LR8k9kDFNpHRkeyRG2u1tOyVDpjNA-UBf_lNgqjSxHKWlgN0Bzq_H4HCHpI0sFkFruZPubDmUgHAWOPUq8dFxmytaxC3&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUL6LR8k9kDFNpHRkeyRG2u1tOyVDpjNA-UBf_lNgqjSxHKWlgN0Bzq_H4HCHpI0sFkFruZPubDmUgHAWOPUq8dFxmytaxC3&google_hm=e2797b745ff47a33c9f47448

Request Chain 139

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1

Request Chain 140

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKy637XRfvY2feCNvxeLPwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1

Request Chain 148

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN1xh_rFNz4MeWZj20mLY8M&google_cver=1&google_push=AQvitUIKi4uy8nZKbDtmQjwrXJdY0zIlNBTo6Zz3-Shd2VXFe9OOtUYdWKQamKTfVdicYRn24K6AI1b73LuOoNFC6zuuzxEt3qI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIKi4uy8nZKbDtmQjwrXJdY0zIlNBTo6Zz3-Shd2VXFe9OOtUYdWKQamKTfVdicYRn24K6AI1b73LuOoNFC6zuuzxEt3qI

Request Chain 149

• https://um.simpli.fi/gp_match?google_gid=CAESEJ9_X_U8jIpKkyTF21_hWmA&google_cver=1&google_push=AQvitULlIAaWsSuv_2BRhiMl2bRl255-BKk86fb1zy-TMKKsjlw0junqaLI8ccc-uQa9z9MuUcYQKkC_9jP7TB56ijE4xRDIkw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FAE85A971B264FA38160B882C8E3BBAC&google_push=AQvitULlIAaWsSuv_2BRhiMl2bRl255-BKk86fb1zy-TMKKsjlw0junqaLI8ccc-uQa9z9MuUcYQKkC_9jP7TB56ijE4xRDIkw

Request Chain 151

• https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECJ-hymL-FD4xt9SUayG2Fo&google_cver=1&google_push=AQvitUL9sP4fQctt8w2arTErle1wZ2bF6fwajzB1vM8v33EEi6kCtzISTXTqpupmVgiCTxJp7E7b6HuLU8IVdw92o4GZkH018Oc HTTP 302
• https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECJ-hymL-FD4xt9SUayG2Fo&google_cver=1&google_push=AQvitUL9sP4fQctt8w2arTErle1wZ2bF6fwajzB1vM8v33EEi6kCtzISTXTqpupmVgiCTxJp7E7b6HuLU8IVdw92o4GZkH018Oc&prevuid=03030002_60acbae13243f&knw=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUL9sP4fQctt8w2arTErle1wZ2bF6fwajzB1vM8v33EEi6kCtzISTXTqpupmVgiCTxJp7E7b6HuLU8IVdw92o4GZkH018Oc&google_hm=MDMwMzAwMDJfNjBhY2JhZTEzMjQzZg%3D%3D

Request Chain 152

• https://d5p.de17a.com/cookies/google?google_gid=CAESEJrUFUlElyx-l9yj5nyySMc&google_cver=1&google_push=AQvitUI72b9KbwkimvGB9lJbmNdwaK1zRvFlWg88VcRJ8cVqBsty0crt8Do81NyAD_hKMAy9_1pORs64gfPDcaiCfOw8H5K6wa4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUI72b9KbwkimvGB9lJbmNdwaK1zRvFlWg88VcRJ8cVqBsty0crt8Do81NyAD_hKMAy9_1pORs64gfPDcaiCfOw8H5K6wa4

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response trovas.ch/	89 KB 24 KB	188ms 166ms	Document text/html	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / PHP/7.4.18 Resource Hash 37462aa491cdb2bffec1e9778cbde0cd8f2b0792eded94de696948b2b7233acd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :method GET :authority trovas.ch :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cache-control max-age=0, must-revalidate, no-cache, no-store content-encoding br content-type text/html; charset=UTF-8 date Tue, 25 May 2021 08:52:41 GMT display pub_site_sol expires Mon, 24 May 2021 08:52:41 GMT pagespeed off pragma no-cache response 200 server nginx/1.16.0 set-cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; path=/ ezoadgid_174954=-1; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 09:22:41 UTC ezoref_174954=; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 10:52:41 UTC ezoab_174954=mod1; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 10:52:41 UTC active_template::174954=pub_site.1621932761; Path=/; Domain=trovas.ch; Expires=Thu, 27 May 2021 08:52:41 UTC ezopvc_174954=1; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 09:22:41 UTC ezepvv=373; Path=/; Domain=trovas.ch; Expires=Wed, 26 May 2021 08:52:41 UTC ezovid_174954=1783200239; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 09:22:41 UTC lp_174954=https://trovas.ch/; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 09:22:41 UTC ezovuuidtime_174954=1621932761; Path=/; Domain=trovas.ch; Expires=Thu, 27 May 2021 08:52:41 UTC ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 09:22:41 UTC ezCMPCCS=true; Path=/; Domain=trovas.ch; Expires=Wed, 25 May 2022 08:52:41 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Accept-Encoding x-middleton-display pub_site_sol x-middleton-response 200 x-powered-by PHP/7.4.18 x-sol pub_site
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	62 KB 21 KB	36ms 15ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash b5d6e722e8f01f6b0b1c9289ecd8964003109d34fcbebc0c595d09b6b69d3028 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "882 / 248 of 1000 / last-modified: 1621894322" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21372 x-xss-protection 0 expires Tue, 25 May 2021 08:52:41 GMT
GET H2	200	dall.js Show response go.ezodn.com/hb/	265 KB 78 KB	196ms 177ms	Script application/javascript	2606:4700:3032::ac43:b890 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ezodn.com/hb/dall.js?b=appnexus,criteo,luponmedia,medianet,oftmedia,pubmatic,rhythmone,rubicon&cb=194-4-19 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:b890 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cf6f1d3678638996c900adc2d0667e674b7c398d628f0a7b8b8be3daa3138bd Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q8n6sz82F7go8mt%2Bs1zvM6%2BJfK09Xwxwku89wF5Isi9V77XlYg1wcEcLl0Ml%2B9GiaVW2tC6B%2BgfqbOR7eNraGPhM0NbXZAPp%2B2taYJsHwOomI8ZQrPLullSs2zAMv2XbbWHT%2BZWx"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 654d876e48510609-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a4452f8ef00000609bd91c000000001
GET H2	200	/ trovas.ch/	2 KB 768 B	48ms 47ms	Stylesheet text/css	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/?ff=1&pI=style.css&wps=true Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / PHP/7.4.18 Resource Hash 6f0cee03cafba12a1684d4f70f2c7c1d9c3534e28c3b200e618657234b23a793 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :path /?ff=1&pI=style.css&wps=true pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br vary Accept-Encoding Accept-Encoding,Origin x-sol pub_site display staticcontent_sol, staticcontent_sol x-powered-by PHP/7.4.18 x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 content-length 593 pragma no-cache response 200 server nginx/1.16.0 strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	style.css trovas.ch/	15 KB 4 KB	53ms 53ms	Stylesheet text/css	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/style.css?ff=1&wps=true Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash ffcc632ac20394b6d29315f30b7f8672b1fbdf38f70e129857d1bef673d45e2a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :path /style.css?ff=1&wps=true pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br vary Accept-Encoding Accept-Encoding,Origin x-sol orig display staticcontent_sol, orig_site_sol x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3800 response 200 last-modified Thu, 20 May 2021 16:48:11 GMT server nginx/1.16.0 etag "3af8-5b452638c2480-gzip-gzip" strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/css cache-control max-age=604800 expires Tue, 01 Jun 2021 08:52:41 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	88 KB 35 KB	43ms 23ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-4377331-90 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a324273d979f52ace590c742d3aa2870132375d36f5010ab8ece269b76bdf737 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35794 x-xss-protection 0 last-modified Tue, 25 May 2021 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 25 May 2021 08:52:41 GMT
GET H2	200	banger.js Show response trovas.ch/porpoiseant/	43 KB 10 KB	19ms 12ms	Script application/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 6479a7112fd3ba54336deaf72ae4beb06258c65426d5e29d02ae524bbf18d600 Request headers :path /porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET H/1.1	200 OK	/ can01.anibis.ch/	32 KB 33 KB	113ms 23ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/764/933/038/GJJ601ekakKOISkZIrqQrg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash f427979f860060318e4f2c9e91ec4970656b1d688724d5ff50f9b640f9575b07 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	62 KB 62 KB	129ms 39ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/691/933/038/ud1jpNxgyUKTqZY2Rz321A_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 813d0d92b3365840f1effdc27e045432d3b5a1587d574c22f9fb625c8e831dcf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	27 KB 28 KB	128ms 38ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/772/933/038/NEZbngaqDUSa1Q2qCn_nSg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 24a11563e3e888f1718bd62aed47d5e7337bb6dbdb202f2835bcc4e02ea1843e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	50 KB 51 KB	129ms 38ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/782/933/038/ad7S4honjEadYb57BzsuiQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash c2d663746c4ab02c13e99a5148693d5762ca4a595874d64879429e3936b1010d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	52 KB 53 KB	130ms 39ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/728/933/038/07_OFrFrP0CMv7xZQPZftg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 4493000094ccc440b45bdc89a6b6be81603e5d5252732a8485f294e1b25ec46d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	37 KB 37 KB	132ms 41ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/672/933/038/2vaHfk81vEO-oGarqc9snA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 3c160f50d489dbb1d02146c4aac4941e774f4a434f36f6a3ccdc179f5795f7cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	50 KB 50 KB	42ms 39ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/758/933/038/7apQhd2XuE620PT248ctkg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 4dfe3d7e73906e569da168121c3d8470589472e7d8ee5cba51e1ce8326391c52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	36 KB 36 KB	24ms 23ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/584/933/038/6jup_QbPMESyQdpZR7SQEw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 2d47c4b53b6473284fb7ae3a04c89db42468f11b195c4b9e2ecb65db81e346b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	74 KB 74 KB	24ms 23ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/570/933/038/Ke4a0xezpEWnFBORDrsabg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 75666be0bc24ffc3011fb547747c05a847f07557d1a0d1af7d72c4aa88726058 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	77 KB 77 KB	25ms 23ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/759/933/038/5X09Nhv6nUiPH_8Zm57ilg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash b535e1cb9f2bd753f1384560204390f05662976a6f21d8c354b3ae4105fa4b30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	48 KB 48 KB	26ms 25ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/518/933/038/s7XZZ7gw_ES9Q-4FbZbzFw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 96cd2e5b5409213c5fbf40d2bf9a6e7be5fc881868c3a4acb45464a0c9fc41d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	84 KB 84 KB	25ms 24ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/615/933/038/CD_n4rjMkU-l5YS9kB5VvA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 38ee6065b8b47b2cb132e2ff780dd68a630ed5ce689fcfb628c8e6d7041bd8fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	68 KB 68 KB	24ms 23ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/484/933/038/O9ch_qf35EWn5N1WKOoLmg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash ec2ecf78fef79f3e1c0dfba6a7017ba2c8014a0c8316338562f6a2785c45695e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:41 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:41 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	76 KB 76 KB	25ms 24ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/693/933/038/hWJmSw2K8EGFzUliU4qZoA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 272ed34ec74dcca16d8097d1cd9b90e4bca8f237622cc06b730e48439518325f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:42 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:42 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	44 KB 45 KB	24ms 23ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/535/933/038/ZtW9uQ4NNUak2VhYEl2MOw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 8d2fa8f953fb2b098ec9b3690a816f060e73356299f1c1cdc541ea8c52d583ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:42 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:42 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	17 KB 17 KB	25ms 24ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/461/933/038/cTXohiJH00ab2J7nJHwtcQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash a2ffc258c8a6eb23f0f7d30d48993ffb472cd1feda79673be2144f254ad67a22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:42 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:42 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	45 KB 45 KB	24ms 24ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/702/933/038/zi7px9nL3k-6yNcH4yHn2A_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash ad76aee610e71d508131dbb5fbf3873e74da37bb4cbebaaddb99f0d786df4bbb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:42 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:42 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	56 KB 57 KB	23ms 23ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/422/933/038/O_tzeQk1v0u64swP-1atyw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 02a3b9fe0e65c7c5cef36375ecc39d05ee5a1e30427b954813aef217bcdafbc0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:42 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:42 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	64 KB 65 KB	23ms 23ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/509/933/038/w6aE4u4dNUebpD5NydbdrA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 5c5f3ba07263d437c02a3af8325af8b0d6baf9695915d974506e6611ebbb0443 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:42 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:42 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	45 KB 46 KB	24ms 24ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/755/933/038/dsYZrR8JYkmog7ZJR1lyeQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 30bf35080c064c7fb96e5a6c3206828001546b4a716a78aa3eca35621d86c3aa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:42 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 08:52:42 GMT
GET H3-29	200	pubads_impl_2021052001.js Show response securepubads.g.doubleclick.net/gpt/	309 KB 108 KB	31ms 15ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash d99bf1ea70a90213bc28437d4413da189cf244d2b80fba2ccb42de0b3d639727 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 20 May 2021 08:43:25 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110970 x-xss-protection 0 expires Tue, 25 May 2021 08:52:41 GMT
GET H2	200	ezosuigeneris.js Show response g.ezoic.net/	555 B 563 B	42ms 14ms	Script text/javascript	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/ezosuigeneris.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash a6ff9e933d8ca8d4d6d6feced2c415ed9fbc0f1a243b25a2b6e38cc99d92c88b Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br last-modified Thu, 20 May 2021 16:48:11 GMT server nginx/1.16.0 etag bb91fafa40673926802ea3a79f9ac445 vary Accept-Encoding, Accept-Encoding content-type text/javascript cache-control max-age=999999, private content-length 276 expires Mon, 29 Apr 2020 21:44:55 GMT
GET H2	200	cmb.js Show response trovas.ch/detroitchicago/	122 KB 31 KB	22ms 20ms	Script application/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash d527fd3163b486704eb88d073f837377cb675bceee44b442440dfd71e55b9f4e Request headers :path /detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b112735cd560ccdafebb2cb9f6a66efb65e00721265a1ffab0ca3341105983d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5dabda3c6f0eb9c30d61aeaac42d50d81e247093f88bf51db72d7e97c6dea1b8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 774ccf1a7033950e23c7f32b21b95d0b25d60427d63ff4abb0050b089a1b5612 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	i3.png trovas.ch/img/	3 KB 4 KB	26ms 25ms	Image image/webp	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/i3.png?ezimgfmt=ng%3Awebp%2Fngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/style.css?ff=1&wps=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 2c3b7b288c8d0fa45fe3520a694e0b788a17036cdd4e27327fd3d6fc7d9d6ce3 Request headers :path /img/i3.png?ezimgfmt=ng%3Awebp%2Fngcb4 pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/style.css?ff=1&wps=true :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/style.css?ff=1&wps=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br age 72128 x-amzn-requestid e144958b-c0a0-4528-ac5b-dd45adc73768 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id f1Yb7HtHIAMFldw= content-length 3454 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60aba119-09a08d900190fbf73de7eac6;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id Q-WwYgBfqv_Ayo9iWFjM21CfG5vaf0ygi5Y7QCWH76WpjaKXTchY2Q==
GET H2	200	houston.js Show response trovas.ch/detroitchicago/	3 KB 1 KB	11ms 10ms	Script application/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/houston.js?gcb=4&cb=36 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 1d6f7818a09adfc9c11ff7110eb866179ef9d36a3625cd1c02e23292d315daaa Request headers :path /detroitchicago/houston.js?gcb=4&cb=36 pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex content-length 1163
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 9 KB	23ms 7ms	Script application/javascript	2620:116:800d:21:51e4:db4b:4436:b305 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding gzip etag "WhyxmPkT7L77qVDcrjxwGw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Tue, 01 Jun 2021 08:52:41 GMT
GET H2	200	imp.gif Show response trovas.ch/detroitchicago/	43 B 128 B	10ms 9ms	XHR image/gif	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%221%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A2%2C%22bidder_method%22%3A3%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22483%22%2C%22iab_category_1%22%3A%22539%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A4%2C%22page_ad_positions%22%3A%221100%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%224be839f5-c8c7-47d0-663d-9a06dc123ee5%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A36625%2C%22response_time_orig%22%3A40%2C%22serverid%22%3A%2252.29.102.73%3A17771%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221100%2C1126%22%2C%22t_epoch%22%3A1621932761%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1265%2C%22worst_bad_word_level%22%3A0%7D Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers :path /detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%221%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A2%2C%22bidder_method%22%3A3%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22483%22%2C%22iab_category_1%22%3A%22539%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A4%2C%22page_ad_positions%22%3A%221100%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%224be839f5-c8c7-47d0-663d-9a06dc123ee5%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A36625%2C%22response_time_orig%22%3A40%2C%22serverid%22%3A%2252.29.102.73%3A17771%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221100%2C1126%22%2C%22t_epoch%22%3A1621932761%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1265%2C%22worst_bad_word_level%22%3A0%7D pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding Accept-Encoding content-type image/gif x-middleton-display imp_sol cache-control no-cache, no-store, must-revalidate, max-age=0 content-length 47
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	ezosuigenerisc.js Show response g.ezoic.net/	0 54 B	14ms 13ms	Script text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/ezosuigenerisc.js?nogen=1 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT cache-control max-age=300, private server nginx/1.16.0 content-length 0 vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8
GET H2	200	nmash.js trovas.ch/porpoiseant/	33 KB 9 KB	11ms 11ms	Other application/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/nmash.js?v=19 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd Request headers :path /porpoiseant/nmash.js?v=19 pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode same-origin accept */* cache-control no-cache sec-fetch-dest worker :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br last-modified Thu, 20 May 2021 16:48:11 GMT server nginx/1.16.0 etag "854d-5c2c5b56208c0;5c2c5b56208c0-gzip" vary Accept-Encoding Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex
GET H2	200	tr.jpg trovas.ch/img/	4 KB 4 KB	28ms 27ms	Image image/webp	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/tr.jpg?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 9c966e431778c1dcb42ef3389115f209f07d8d04bf0b221504425fc81159dafc Request headers :path /img/tr.jpg?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br age 69702 x-amzn-requestid 64a10ad0-bee7-45e5-a1c7-9ab99479ff2d x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id f1eXBEYmIAMFdtg= content-length 3656 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60abaa93-651b9e5e2cc1badc16da3f9c;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id uOvhVTIq1wq6dOdAX6L8aL8erQhN5xJgiwy0-5foFjOWZ7mUnO1plw==
GET H2	200	arr.png trovas.ch/img/	3 KB 3 KB	23ms 22ms	Image image/webp	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/arr.png?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash f3d9b11f0214ef1686c1e744aac68cdb7f00d0fca136bc211c4fe42290d1c797 Request headers :path /img/arr.png?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT content-encoding br age 77101 x-amzn-requestid 0fa57aeb-0331-4b6a-864b-43b881e56027 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id f1MS0Gl3IAMF_8A= content-length 3180 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60ab8dab-1f88964d27bfba980a10187c;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id 1cuMJkWNARqbvkbRTONeTiQt0AKu2Anw4ay-tT9SuL7FmAodvToh4g==
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 104 B	8ms 8ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6ImJiOTFmYWZhNDA2NzM5MjY4MDJlYTNhNzlmOWFjNDQ1In1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6ImJiOTFmYWZhNDA2NzM5MjY4MDJlYTNhNzlmOWFjNDQ1In1dfV0= pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:41 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:41 UTC
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	26ms 5ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-4377331-90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 4965 date Tue, 25 May 2021 07:29:56 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Tue, 25 May 2021 09:29:56 GMT
GET H2	200	rules-p-31iz6hfFutd16.js Show response rules.quantcount.com/	3 B 428 B	26ms 6ms	Script application/javascript	2600:9000:211e:5600:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-31iz6hfFutd16.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 17:14:39 GMT via 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront) age 56282 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 3 last-modified Sat, 04 Mar 2017 19:50:24 GMT server AmazonS3 etag "8a80554c91d9fca8acb82f023de02f11" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop FRA56-C2 accept-ranges bytes x-amz-cf-id r079bqHWloIvvS20g-Ave7BUXRam0ICaogfs5hJle6x6Qpw5mw3IWg==
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	28ms 14ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=509001146&t=pageview&_s=1&dl=https%3A%2F%2Ftrovas.ch%2F&ul=en-us&de=UTF-8&dt=Dein%20Gratis%20Inserate%20und%20Kleinanzeigen%20Marktplatz%20-%20trovas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1548175905&gjid=2110203775&cid=529409349.1621932762&tid=UA-4377331-90&_gid=1557850576.1621932762&_r=1&gtm=2ou5j0&z=8184968 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 25 May 2021 08:52:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://trovas.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel;r=1568525180;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=1;fpa=P0-275375946-1621932761628;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d... pixel.quantserve.com/	35 B 371 B	11ms 10ms	Image image/gif	2620:116:800d:21:51e4:db4b:4436:b305 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1568525180;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=1;fpa=P0-275375946-1621932761628;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=trovas.ch;je=0;sr=1600x1200x24;dst=1;et=1621932761628;tzo=-120;ogl=image.https%3A%2F%2Ftrovas%252Ech%2Fimg%2Ftr%252Ejpeg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:41 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 799 B	35ms 14ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:41 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	36ms 15ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:41 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	446 B 265 B	491ms 490ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=2626238501179569&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=a%3D%257C252%257C%26iid3%3D287979%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-287979%26eb_br%3D5297de5240aa45da173a0792747e0d26%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26acptad%3D1%26br1%3D850%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621932761&dt=1621932761970&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=156&adks=1828697630&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=984x250&msz=970x250&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 212286bb4a259294ee86f2d8167fd8629f42e0b00ebc49578d55f125feb76d1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:42 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 235 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/	0 0	48ms 13ms	Other text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-38/html/	0 0	26ms 6ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	454 B 271 B	489ms 488ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=1642438757565749&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=a%3D%257C3%257C%26iid4%3D325372%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-325372%26eb_br%3Dd81e229576f8cb8a43ff5c6a8e596727%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D2%26bvm%3D0%26bvr%3D6%26shp%3D1%26br1%3D1500%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621932761&dt=1621932761985&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash d49ca2cad693d00eb29ca36a3e55dddce6812f70f6c0d4ab782499ec8a272cc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:42 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 241 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 65 B	37ms 36ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjIyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIxODkifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjYifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTM3In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMTM3In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjM2NCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjI5NSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMjk1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjIyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIxODkifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjYifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTM3In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMTM3In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjM2NCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjI5NSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMjk1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX1d pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=bb91fafa40673926802ea3a79f9ac445; _ga=GA1.2.529409349.1621932762; _gid=GA1.2.1557850576.1621932762; _gat_gtag_UA_4377331_90=1; __qca=P0-275375946-1621932761628; ezux_lpl_174954=1621932761674|4be839f5-c8c7-47d0-663d-9a06dc123ee5|false; __gads=ID=ba652ed1757c1b37-22b89c6e1ec800ba:T=1621932761:S=ALNI_MaZYyM9HExoCt86Ul5Y51vKyLxQ5Q accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:42 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:42 UTC
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 19 B	39ms 38ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTE2MCJ9XX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTE2MCJ9XX1d pragma no-cache cookie PHPSESSID=nkrlt57asu6arb97ojr337epu6; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621932761; ezopvc_174954=1; ezepvv=373; ezovid_174954=1783200239; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621932761; ezovuuid_174954=6ec70ebc-67cc-4fe1-634a-9d8ee809b408; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=bb91fafa40673926802ea3a79f9ac445; _ga=GA1.2.529409349.1621932762; _gid=GA1.2.1557850576.1621932762; _gat_gtag_UA_4377331_90=1; __qca=P0-275375946-1621932761628; ezux_lpl_174954=1621932761674|4be839f5-c8c7-47d0-663d-9a06dc123ee5|false; __gads=ID=ba652ed1757c1b37-22b89c6e1ec800ba:T=1621932761:S=ALNI_MaZYyM9HExoCt86Ul5Y51vKyLxQ5Q accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:42 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:41 UTC
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	10 KB 8 KB	38ms 18ms	XHR application/json	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3289de7bdfbdcd249b23996cb84cbdd4ec0a20cda8a22fb30c7632a8a7df5af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:42 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7674 x-xss-protection 0
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	30ms 15ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:42 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Tue, 25 May 2021 08:52:42 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame E5E2	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Tue, 25 May 2021 08:39:44 GMT expires Wed, 25 May 2022 08:39:44 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 778 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 95E6	783 B 857 B	15ms 15ms	Document text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 144ee2eab3a881033c8b4d2d8b462814e2eccb063522ec889752612343d77326 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Gk6DRRBwkeFK2EuWsLoyKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers expires Tue, 25 May 2021 08:52:42 GMT date Tue, 25 May 2021 08:52:42 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-Gk6DRRBwkeFK2EuWsLoyKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 514 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response pagead2.googlesyndication.com/bg/ Frame E5E2	14 KB 6 KB	21ms 6ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 19:06:10 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 49592 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5728 x-xss-protection 0 expires Tue, 24 May 2022 19:06:10 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	16ms 15ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052001&jk=2409620432761035&bg=!dnWldTHNAAZ7hX_Ue4U7ACkAdvg8Wi7geqnYg3iIphJ3O4MSK9Blpwe_NCA5BUnUgXK5GUFy5yWIaAIAAABzUgAAAA1oAQcKARUea5G2iR1hpWo5qEg1NQpxY-P8MKWbXNCHLkv4UMr4SKqXub6TUa9H6t8CTXkXBazk0vPFlk9_J-M-ubZApQHt0s8A9KCzHCMwOF6NWd6KANnckhdn7PXm3bNE583mRE8FapRa5yjb5M6AUYDheCWGiFMOMgwr0shkZZErhPBg_lvSI3fYvsBqm76Lzk3oNdsqjdQiqvVedhGBuAEm1mMWjwB_rMyk9L_CRB5_YgfnEus_j9dvVP1nKUK5O9F92nmMYRq8AWKoh1Pefstsy9k8gNKm3NMaUMtTqgoYGNY_HH5sYl8cqcYPlYaCms7-79KN4aE4Dh44PLTDuPP9asqAPOnNExSerk20UY4s6wQpFoO9LgMLmQI72YZse8ydbKxilRvpZJm72o5cbXIWS9vrFJ_U45X9B50-VO937ifecDGNM54KnfGPfNN1D8N7dud7indrwMTIRw1KkoxyGDjppoyoMO1GlYIBpJ2dJ1dJdSf-kIq91QPJ9mGT109xSCrIVQxiwia9YnodzChZemx8bB9H5Vr0W9EZhVzsrX7bYx8ppJ8zJqw65cNmoL3Q4lOa-T33Mox8bcYeXfRe9uCl0GbtGlkM8zUMFyBEXSxbY5xkdGGpwt6Cq7mKnYtqH4LXtnW9S_hxH_yz49psgGmBy2vsOXRTGckYhPx8yYZk76ql48Cn0Ex8F0G2n6lYbDy84kKMC0stzoPzvH0vbSfC1GZBi2DAi3VUMud6dWPUOoYH0uVLFs_UyVWGE1ER0DJYagXBzbpr8PqBQ1_l3vCAPKY5_tUl3oZu1qDDjst2Ppdv-VpG_DSzK3179r745ABHfsg_wbToB-UDErOtQJux2cdckKf1rFo804Id2PVm4HyI352WL4kAENJYG6x8K0TfMNgacd9_Cts8b2utBIuHclzYS3iljxwOnE64270E30k1Zs6qQABKzwDIe3TYiEeNWrEfr4ASAY_-Gx-nWqJPNOS3EqojrZ2HIeJRZQRDwHeuwrrHVyTrxIq5jNOdhndOHaxXfXC8pJBGru4TDUms1FYYyyLLp88IALeR0sOOHBpQw_lBdb-YSrBrqWe6b_Ziq2agT3tyjUGSl1-uikjZU1mViBJX7I80vxQIECoyn6_U2g Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:42 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	15ms 14ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:45 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:45 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	454 B 421 B	521ms 521ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=3341501645577478&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=3&rcs=1&prev_scp=a%3D%257C3%257C%26iid4%3D325372%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-325372%26eb_br%3D6ac330e431a70c7d8ce9fb95aee95c72%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D2%26bvm%3D0%26bvr%3D6%26shp%3D1%26br1%3D750%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%26lb%3D1500%26reqt%3D1621932765037&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621932765&dt=1621932765041&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 2e1b4f756a4a893176386377611258aa748bcf85a6fe3ec0d2dbfd41ee140006 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:45 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 243 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	446 B 769 B	489ms 489ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=2836636658340095&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ris=3&rcs=1&prev_scp=a%3D%257C252%257C%26iid3%3D287979%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-287979%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26acptad%3D1%26br1%3D450%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%26lb%3D850%26reqt%3D1621932765042&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621932765&dt=1621932765045&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=156&adks=1828697630&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=984x250&msz=970x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash bee6b6a1faf53fbe3c27ddb564915489bb45059cf050d00ebc32d34e167297dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:45 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 233 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	17ms 15ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:46 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	446 B 408 B	428ms 428ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=3642973766382895&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ris=2&rcs=2&prev_scp=a%3D%257C252%257C%26iid3%3D287979%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-287979%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26acptad%3D1%26br1%3D220%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C20%26lb%3D450%26reqt%3D1621932765549&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621932766&dt=1621932766557&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=156&adks=1828697630&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=984x250&msz=970x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 10f4c816ce9d259b43daf487b729736b1e4f39d595b2262459906d1fc442992b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:46 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 231 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	2 KB 1 KB	324ms 324ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=2445951824784562&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid4%3D325372%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-325372%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D2%26bvm%3D0%26bvr%3D6%26shp%3D1%26br1%3D500%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%26lb%3D750%26reqt%3D1621932765571&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621932766&dt=1621932766574&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash c8b883233b4c55d9c78184f0075d765708b4d38ebababb743f2f18bfd82b5f68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:46 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1116 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	8ms 8ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTIxIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTIxIn1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:46 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:46 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 65 B	7ms 7ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE1NiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMyNTM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTEwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE1NiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMyNTM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTEwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:46 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:46 UTC
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	33ms 16ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:47 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	23ms 22ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:47 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	15 KB 8 KB	412ms 408ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=2629733163010775&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ris=1&rcs=3&prev_scp=a%3D%257C252%257C%26iid3%3D287979%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-287979%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D14%26bvm%3D0%26bvr%3D4%26shp%3D1%26acptad%3D1%26br1%3D70%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C20%2C17%2C19%2C20%2C608%26lb%3D220%26reqt%3D1621932767063&eri=1&cookie=ID%3D4534b631b65d1079-22373c031fc800d4%3AT%3D1621932766%3AS%3DALNI_MZSbkoMoFYmMcuGm3lN23nsAE9nTg&bc=31&abxe=1&lmt=1621932767&dt=1621932767070&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=156&adks=1828697630&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=984x250&msz=970x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 63c63180f1e698210839111c5b6e6857254b40152fc3e81e3451ef5b3a6c264b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8658 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	437 B 259 B	518ms 517ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=2450994095923723&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=1&rcs=3&prev_scp=a%3D%257C3%257C%26iid4%3D325372%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-325372%26eb_br%3D57914c3716312cb7e954090f0717ea25%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D2%26bvm%3D0%26bvr%3D6%26shp%3D1%26br1%3D260%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C20%26lb%3D500%26reqt%3D1621932767077&eri=1&cookie=ID%3D4534b631b65d1079-22373c031fc800d4%3AT%3D1621932766%3AS%3DALNI_MZSbkoMoFYmMcuGm3lN23nsAE9nTg&bc=31&abxe=1&lmt=1621932767&dt=1621932767079&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 15f495132263bdeed6bc6c550805c5d73fade4890d229a106da7a37691b78d7c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 228 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD50	6 KB 3 KB	6ms 6ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 25 May 2021 08:52:42 GMT expires Wed, 25 May 2022 08:52:42 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 5 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	36ms 13ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d20865ab544e7dab6a0553034edc5845335cd7c23375745db9a755c532311463 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621855618012992" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27995 x-xss-protection 0 expires Tue, 25 May 2021 08:52:47 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 65 B	8ms 8ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjYyMDIifV19XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjYyMDIifV19XQ== pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=70; ezouspva=1; ezouspvh=70 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:47 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	16ms 8ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI4Nzk3OSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjUyN2U1MmMxMDYzNWFjODEzNmE0Yzg0MDk0ZWU0OWE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyODc5NzkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE5MzI3NjEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDIyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1ODUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI4Nzk3OSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI4Nzk3OSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjUyN2U1MmMxMDYzNWFjODEzNmE0Yzg0MDk0ZWU0OWE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyODc5NzkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE5MzI3NjEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDIyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1ODUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI4Nzk3OSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=70; ezouspva=1; ezouspvh=70 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:47 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 93 B	37ms 10ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 25 May 2021 08:52:47 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	14ms 8ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=70; ezouspva=1; ezouspvh=70 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:48 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	8ms 7ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhdWN0aW9uX2Vwb2NoIjoxNjIxOTMyNzY4LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImJpZF9mbG9vcl9pbml0aWFsIjo4NTAsImJpZF9mbG9vcl9wcmV2IjoyMjAsImJpZF9mbG9vcl9maWxsZWQiOjcwLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0MzgsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhdWN0aW9uX2Vwb2NoIjoxNjIxOTMyNzY4LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImJpZF9mbG9vcl9pbml0aWFsIjo4NTAsImJpZF9mbG9vcl9wcmV2IjoyMjAsImJpZF9mbG9vcl9maWxsZWQiOjcwLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0MzgsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=70; ezouspva=1; ezouspvh=70 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:47 UTC
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame E22F	478 B 690 B	44ms 22ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJLxs6kBMAE&v=APEucNXVsypIgDwF5ZhAl5tS-CwRgKjEihbPk7N3xQo4yvMDjumGApb1-rxQcSRmR8DP6JHxy7y7F708VXpzyfwbWK7uK34SkNgzGOvMYWVaQ8khAQOb73IhIzZSi7Sb55b20s4ne_dc9nUxtw9YhhpTyLRW7AGq0fY4MnF3wg7TKC7u9eTGRjPpovPNpyUsKhKLbPTWE5Q8XJdy8_lybiFbtlNf7MIxm_xmxxi-AfaSbDTSRAHe2ts Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=COD5IRCYs44CGJLxs6kBMAE&v=APEucNXVsypIgDwF5ZhAl5tS-CwRgKjEihbPk7N3xQo4yvMDjumGApb1-rxQcSRmR8DP6JHxy7y7F708VXpzyfwbWK7uK34SkNgzGOvMYWVaQ8khAQOb73IhIzZSi7Sb55b20s4ne_dc9nUxtw9YhhpTyLRW7AGq0fY4MnF3wg7TKC7u9eTGRjPpovPNpyUsKhKLbPTWE5Q8XJdy8_lybiFbtlNf7MIxm_xmxxi-AfaSbDTSRAHe2ts pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUnPBOJTyMyiK23N5s5EcZqgnXMKpETlj7LALQE8hdJSPJY024TWVtm4phpKflE Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 25 May 2021 08:52:47 GMT server cafe cache-control private content-length 230 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame FD50	57 KB 23 KB	58ms 38ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwSBaIgpUTjGTDeJJLW_PagDduUH89B8J_J1ZkUv6fgrKC56nXRvUFjeJy6SABNwWID0zqsaiwcBXVGMItN4e7raUZzldb1V15Q7gH_OtX2bogXww3kb_ImlKFwugsma2TjD_4q5IKRlBvPI_hwH7w_6wDGA&dbm_d=AKAmf-CHmzE_8QWK3V9m3aCswGcoXWkhtSGgB_4aNkB_7NTAWRRFMrVt5pg5zc5eRGfj4wEMFRJgcb9picU0m7Oz03A96FWvtyACTDPYUya8CyeB99i7zzXk7HKpMssv1hWxKklau9a6MiBnBT7ocl473dyVBXT53JSbXVs5CAuuqpJa4Mo98Es4XkerlpVYihJ2rDZ9c5AeiDh_nZgBp8yewfcWWxiQyE9I83dYbMvA5aE5SJ61fYmb3Etr6Iue-EpSFJVJCY1GF60KfXze49PiyWd4tcHskueKEALb5aJULAsY2thAiiwbe8hdqq-b7uAx1PuN-CchFtt-SoVZmY-nO0WUMCws3MSD5p1ijTCWYpj_jSGTf7vJySaXUEhLZXsbffKBLqCsgnMdjkeGBFptbJ__BTpWl3ICW59ZKG3wtF6WAYVEfqsu2aBZvfd4lAI1FcHvoXkigadwW1d33bwXBj_cSCWlEscRTGXyu3QAo9_yLiJYjvosrtnIz1-sS2QLMLkG0drtjv86kGUeLK09yAu77CwEWl2G3KQ0hGCpQ4kGxdFQkFoAWwe2Bbz7TynWDwICxKObjV7HJp8wnGy83GNUpf11TjcL0le6KduLD2mpyATlvX7yWTxSvUb99jDZ12NPtPVzkzPwgC1TiQh9ISRMEUjzoh0PFK3UGjk1sKZ0E8L-fL5_t9m44IpsQy_Y2TuAxc1Eh35wKy_qlSXnsNSnONKNZhwD9O3IGXRSQyUrzFMudVLxkiXG9xBS9HwFoeQu9pGl1of_UHmBQVV8YjMDFAestDP5t4epQ68Tqlav1-bS5XE-FYELqxMqpmL2QlLjhWvWAgbIACSBSohN2iU_ZkVu3CzqfQSZL0CddVJlQnupkpEhM3s_fHH9PZ2FNs8H0_R20vw1EKF8dGGWZZERxyBaGRrHFRNwq1Bc6N3bKhngKxs6o-jLSHXPutgnOhiISLznjXwGn2NEdo_Szupa1agPrdfLrhtdRwEygysGmdeWDNZhEP6meG9aKC1kayJW2eCHwKTcuE2t_Pt_wWzPMcYBjMOGo9ZpXxPA1hJ3as7CBBm5TbignC8nBL3FLLPUkUIbi2xw6yElcKdScFvXrW4f-ck7Sv8oXMtLJH9Go2PZwjTgoppzN7achJCgn2d2sDX045KfEqF7yQRo7aJx6oOmBH_nq9ZiN2TKvYWWTao_iqWKVQKb6nQfsT2h9OjHswmlQUrgxrjqMsxBlgG1cr7AmKvAwIXqQCca3sd1PgJVNOvPSZA8ZkUOgueIDsTkd7lHOEu0tjLLb2i88vCZ2OoTXkSHkFXlfacZ9Jfsacruy2C2je0Z-i9R95xVvQ2tr7CN1WJ_XTKuaJjKWFlNC3Vzy7-8kIPqECPKd31xLyn7GYMFy3e-ZO4a5vGW-Q2QlWNvBpV5gaZHsn_sk5I92JyNkCSzzdJW75Qhp1JIH-sqbW_pLhiaV-6vj9TArDDICBbO5nJK_JeAljNx34IziVLLqY0QNj_aYsiTPaLCYVetIXeRIxtuLwG-yryT6LdEnctJsIQq7cn4eqm_XxYdxmDsvLh4Ed5rL078_dKDhTHQ1tERx1YQ-REL4beTuwSzLkaemc5UdVuorKAqMp7rzlIbNGijKtwrFs0SDR20LOVDXUOqP-wIa05eBX_3ywJxo8EHgGKJhKJoKvC43SDr6vg7VU0qXuxhwp2ZodDut1Jr4MtCMjTa-MgKPydDxE4zCytJSCuTlysASAEuiadHnVoqtUOjwjnocN4PUXNJ8LaWPd7sLURuJlfrqggbkKijYLTwCcIHwi-HK-JjNMmEyzOmfdWJjryqKV_qyYado5ezqaC-Gl5ei5nfXN0nFO_yGI2-S1ogqp8m-0xfhs1NtmmmOzRljO3jdwLlXMkS21E5QXsPuhRPOEXuUO7r-LcsZBLjDf6QnQqq1BsOum2Wz68le-OMuXqCt0MjtSHZoDVRWerN6Uqj2IynCdciuV3uHmEBpaPGMffq9QFHP8ne3qjxiu9MQo8qs-TGphfSiK2lbAxVKX13c2zysSHcfmyBwrmdg5fsQjNGUvAiSBvRlSYQ3AE9UsQTgriRyyqDCV3EquE0VzmMJW8HVNj8HB76_ZbPptoPwz6Hhe8hHeTnme6o_ayvJ-9U7_dtjjHe9bJvDOkwjhgoSIp5oqakgonuHF6ZxnQARbpAyf3vddzoY6y_HLTlaQ4kZNiMm7juwA9wjL_AJXrKLhJTK85TbNNgCgt3gUST_Hl-LLZ53Bz40jrhux4bFKNUv5Smjr_YisaT9RUX24wQg4ZFVguq1BdKmvgu_6dq_VFyuKfjO9PKO5ZiZ4Oqgyk4UPkMCtX4e8l4lHEieDNydB7vxZka3Sv8d0Mf9SSDOF8n17flbColRgk4ASKd6x0A4r7k23oXhZu2yw1tIMDPplVVQV7F-eP7rN70tFu8OhvhSbTWTmYvBiKOsIalRn7iWLPz0cstIgj6Ap35Jc8hkuMcEKoqerrkp0tPK8ukJPUQpV7VWeMOryehlszLuZypsxNiRnATSbJEKqcU0l-GWSlMX_KsWVB7RqhQu1ddyjI56FG_KI52Dpv1C4q7F4GIcDXRUKx3a_sgQBDh1uK4qdglcuAaLWApx6mIZ5JOnxQFYL66aHLF3pbyOY_MZt4ji2QVSOPEDtfwL6Rwvv5GH2qwvhtSdo6b216Bbf-ElhuxQbKITdy37naitShen8_MJVQQHfiON1Q2xREhtvSHyjcWFLH94kyxg3N02Ontu5vIMIhX5nqYVzuoTESiUCXO35KtwnaIXEVybWOeIkUyS8Yc6i95A0Wx54QYC6s7X-O0BENi-ViVyNNUgJMqJGKwXVJieyqFxPc7ZenHFp3xyxDQtloydmv5NsigG7-SrRV9qnPcuidHSCblzRqI87YHPtTphe6_bUj9UhA-nOMhdTZn4erJWaLAYujuZQ350HRgQ3S-RJTjmvyyhPyG27FRGTua1Rfu9rm6Sfu4vbZFM44gAqCQxDxPJznO&cid=CAASEuRojVKJTWv376fVWZ6A-RnSpg&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 62bda1d2302fd4e96b56ce975401a24f55560df98866e320618f6ebda5139a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23797 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame FD50	42 B 498 B	37ms 14ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dfe9M4rw73_rAiYVfWdV1i3X04um1QINNF2S-n5hgQE3uvAm_3KPhZ3fy40ysUA0Z6cbl8I_3F2bWEqJth1ZUYu3baRElIhU5CVOmxVvXZhgm6I3s Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame FD50	2 KB 1 KB	10ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:10 GMT content-encoding gzip x-content-type-options nosniff age 37 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 08:52:10 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame FD50	119 KB 36 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621855623965245" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37215 x-xss-protection 0 expires Tue, 25 May 2021 08:52:47 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame FD50	13 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:46:48 GMT content-encoding gzip x-content-type-options nosniff age 359 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 08:46:48 GMT
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame FD50	111 KB 39 KB	28ms 5ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 14:58:51 GMT content-encoding gzip x-content-type-options nosniff age 64436 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 14:58:51 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame FD50	8 KB 3 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwSBaIgpUTjGTDeJJLW_PagDduUH89B8J_J1ZkUv6fgrKC56nXRvUFjeJy6SABNwWID0zqsaiwcBXVGMItN4e7raUZzldb1V15Q7gH_OtX2bogXww3kb_ImlKFwugsma2TjD_4q5IKRlBvPI_hwH7w_6wDGA&dbm_d=AKAmf-CHmzE_8QWK3V9m3aCswGcoXWkhtSGgB_4aNkB_7NTAWRRFMrVt5pg5zc5eRGfj4wEMFRJgcb9picU0m7Oz03A96FWvtyACTDPYUya8CyeB99i7zzXk7HKpMssv1hWxKklau9a6MiBnBT7ocl473dyVBXT53JSbXVs5CAuuqpJa4Mo98Es4XkerlpVYihJ2rDZ9c5AeiDh_nZgBp8yewfcWWxiQyE9I83dYbMvA5aE5SJ61fYmb3Etr6Iue-EpSFJVJCY1GF60KfXze49PiyWd4tcHskueKEALb5aJULAsY2thAiiwbe8hdqq-b7uAx1PuN-CchFtt-SoVZmY-nO0WUMCws3MSD5p1ijTCWYpj_jSGTf7vJySaXUEhLZXsbffKBLqCsgnMdjkeGBFptbJ__BTpWl3ICW59ZKG3wtF6WAYVEfqsu2aBZvfd4lAI1FcHvoXkigadwW1d33bwXBj_cSCWlEscRTGXyu3QAo9_yLiJYjvosrtnIz1-sS2QLMLkG0drtjv86kGUeLK09yAu77CwEWl2G3KQ0hGCpQ4kGxdFQkFoAWwe2Bbz7TynWDwICxKObjV7HJp8wnGy83GNUpf11TjcL0le6KduLD2mpyATlvX7yWTxSvUb99jDZ12NPtPVzkzPwgC1TiQh9ISRMEUjzoh0PFK3UGjk1sKZ0E8L-fL5_t9m44IpsQy_Y2TuAxc1Eh35wKy_qlSXnsNSnONKNZhwD9O3IGXRSQyUrzFMudVLxkiXG9xBS9HwFoeQu9pGl1of_UHmBQVV8YjMDFAestDP5t4epQ68Tqlav1-bS5XE-FYELqxMqpmL2QlLjhWvWAgbIACSBSohN2iU_ZkVu3CzqfQSZL0CddVJlQnupkpEhM3s_fHH9PZ2FNs8H0_R20vw1EKF8dGGWZZERxyBaGRrHFRNwq1Bc6N3bKhngKxs6o-jLSHXPutgnOhiISLznjXwGn2NEdo_Szupa1agPrdfLrhtdRwEygysGmdeWDNZhEP6meG9aKC1kayJW2eCHwKTcuE2t_Pt_wWzPMcYBjMOGo9ZpXxPA1hJ3as7CBBm5TbignC8nBL3FLLPUkUIbi2xw6yElcKdScFvXrW4f-ck7Sv8oXMtLJH9Go2PZwjTgoppzN7achJCgn2d2sDX045KfEqF7yQRo7aJx6oOmBH_nq9ZiN2TKvYWWTao_iqWKVQKb6nQfsT2h9OjHswmlQUrgxrjqMsxBlgG1cr7AmKvAwIXqQCca3sd1PgJVNOvPSZA8ZkUOgueIDsTkd7lHOEu0tjLLb2i88vCZ2OoTXkSHkFXlfacZ9Jfsacruy2C2je0Z-i9R95xVvQ2tr7CN1WJ_XTKuaJjKWFlNC3Vzy7-8kIPqECPKd31xLyn7GYMFy3e-ZO4a5vGW-Q2QlWNvBpV5gaZHsn_sk5I92JyNkCSzzdJW75Qhp1JIH-sqbW_pLhiaV-6vj9TArDDICBbO5nJK_JeAljNx34IziVLLqY0QNj_aYsiTPaLCYVetIXeRIxtuLwG-yryT6LdEnctJsIQq7cn4eqm_XxYdxmDsvLh4Ed5rL078_dKDhTHQ1tERx1YQ-REL4beTuwSzLkaemc5UdVuorKAqMp7rzlIbNGijKtwrFs0SDR20LOVDXUOqP-wIa05eBX_3ywJxo8EHgGKJhKJoKvC43SDr6vg7VU0qXuxhwp2ZodDut1Jr4MtCMjTa-MgKPydDxE4zCytJSCuTlysASAEuiadHnVoqtUOjwjnocN4PUXNJ8LaWPd7sLURuJlfrqggbkKijYLTwCcIHwi-HK-JjNMmEyzOmfdWJjryqKV_qyYado5ezqaC-Gl5ei5nfXN0nFO_yGI2-S1ogqp8m-0xfhs1NtmmmOzRljO3jdwLlXMkS21E5QXsPuhRPOEXuUO7r-LcsZBLjDf6QnQqq1BsOum2Wz68le-OMuXqCt0MjtSHZoDVRWerN6Uqj2IynCdciuV3uHmEBpaPGMffq9QFHP8ne3qjxiu9MQo8qs-TGphfSiK2lbAxVKX13c2zysSHcfmyBwrmdg5fsQjNGUvAiSBvRlSYQ3AE9UsQTgriRyyqDCV3EquE0VzmMJW8HVNj8HB76_ZbPptoPwz6Hhe8hHeTnme6o_ayvJ-9U7_dtjjHe9bJvDOkwjhgoSIp5oqakgonuHF6ZxnQARbpAyf3vddzoY6y_HLTlaQ4kZNiMm7juwA9wjL_AJXrKLhJTK85TbNNgCgt3gUST_Hl-LLZ53Bz40jrhux4bFKNUv5Smjr_YisaT9RUX24wQg4ZFVguq1BdKmvgu_6dq_VFyuKfjO9PKO5ZiZ4Oqgyk4UPkMCtX4e8l4lHEieDNydB7vxZka3Sv8d0Mf9SSDOF8n17flbColRgk4ASKd6x0A4r7k23oXhZu2yw1tIMDPplVVQV7F-eP7rN70tFu8OhvhSbTWTmYvBiKOsIalRn7iWLPz0cstIgj6Ap35Jc8hkuMcEKoqerrkp0tPK8ukJPUQpV7VWeMOryehlszLuZypsxNiRnATSbJEKqcU0l-GWSlMX_KsWVB7RqhQu1ddyjI56FG_KI52Dpv1C4q7F4GIcDXRUKx3a_sgQBDh1uK4qdglcuAaLWApx6mIZ5JOnxQFYL66aHLF3pbyOY_MZt4ji2QVSOPEDtfwL6Rwvv5GH2qwvhtSdo6b216Bbf-ElhuxQbKITdy37naitShen8_MJVQQHfiON1Q2xREhtvSHyjcWFLH94kyxg3N02Ontu5vIMIhX5nqYVzuoTESiUCXO35KtwnaIXEVybWOeIkUyS8Yc6i95A0Wx54QYC6s7X-O0BENi-ViVyNNUgJMqJGKwXVJieyqFxPc7ZenHFp3xyxDQtloydmv5NsigG7-SrRV9qnPcuidHSCblzRqI87YHPtTphe6_bUj9UhA-nOMhdTZn4erJWaLAYujuZQ350HRgQ3S-RJTjmvyyhPyG27FRGTua1Rfu9rm6Sfu4vbZFM44gAqCQxDxPJznO&cid=CAASEuRojVKJTWv376fVWZ6A-RnSpg&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:50:43 GMT content-encoding gzip x-content-type-options nosniff age 124 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 08:50:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame FD50	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwSBaIgpUTjGTDeJJLW_PagDduUH89B8J_J1ZkUv6fgrKC56nXRvUFjeJy6SABNwWID0zqsaiwcBXVGMItN4e7raUZzldb1V15Q7gH_OtX2bogXww3kb_ImlKFwugsma2TjD_4q5IKRlBvPI_hwH7w_6wDGA&dbm_d=AKAmf-CHmzE_8QWK3V9m3aCswGcoXWkhtSGgB_4aNkB_7NTAWRRFMrVt5pg5zc5eRGfj4wEMFRJgcb9picU0m7Oz03A96FWvtyACTDPYUya8CyeB99i7zzXk7HKpMssv1hWxKklau9a6MiBnBT7ocl473dyVBXT53JSbXVs5CAuuqpJa4Mo98Es4XkerlpVYihJ2rDZ9c5AeiDh_nZgBp8yewfcWWxiQyE9I83dYbMvA5aE5SJ61fYmb3Etr6Iue-EpSFJVJCY1GF60KfXze49PiyWd4tcHskueKEALb5aJULAsY2thAiiwbe8hdqq-b7uAx1PuN-CchFtt-SoVZmY-nO0WUMCws3MSD5p1ijTCWYpj_jSGTf7vJySaXUEhLZXsbffKBLqCsgnMdjkeGBFptbJ__BTpWl3ICW59ZKG3wtF6WAYVEfqsu2aBZvfd4lAI1FcHvoXkigadwW1d33bwXBj_cSCWlEscRTGXyu3QAo9_yLiJYjvosrtnIz1-sS2QLMLkG0drtjv86kGUeLK09yAu77CwEWl2G3KQ0hGCpQ4kGxdFQkFoAWwe2Bbz7TynWDwICxKObjV7HJp8wnGy83GNUpf11TjcL0le6KduLD2mpyATlvX7yWTxSvUb99jDZ12NPtPVzkzPwgC1TiQh9ISRMEUjzoh0PFK3UGjk1sKZ0E8L-fL5_t9m44IpsQy_Y2TuAxc1Eh35wKy_qlSXnsNSnONKNZhwD9O3IGXRSQyUrzFMudVLxkiXG9xBS9HwFoeQu9pGl1of_UHmBQVV8YjMDFAestDP5t4epQ68Tqlav1-bS5XE-FYELqxMqpmL2QlLjhWvWAgbIACSBSohN2iU_ZkVu3CzqfQSZL0CddVJlQnupkpEhM3s_fHH9PZ2FNs8H0_R20vw1EKF8dGGWZZERxyBaGRrHFRNwq1Bc6N3bKhngKxs6o-jLSHXPutgnOhiISLznjXwGn2NEdo_Szupa1agPrdfLrhtdRwEygysGmdeWDNZhEP6meG9aKC1kayJW2eCHwKTcuE2t_Pt_wWzPMcYBjMOGo9ZpXxPA1hJ3as7CBBm5TbignC8nBL3FLLPUkUIbi2xw6yElcKdScFvXrW4f-ck7Sv8oXMtLJH9Go2PZwjTgoppzN7achJCgn2d2sDX045KfEqF7yQRo7aJx6oOmBH_nq9ZiN2TKvYWWTao_iqWKVQKb6nQfsT2h9OjHswmlQUrgxrjqMsxBlgG1cr7AmKvAwIXqQCca3sd1PgJVNOvPSZA8ZkUOgueIDsTkd7lHOEu0tjLLb2i88vCZ2OoTXkSHkFXlfacZ9Jfsacruy2C2je0Z-i9R95xVvQ2tr7CN1WJ_XTKuaJjKWFlNC3Vzy7-8kIPqECPKd31xLyn7GYMFy3e-ZO4a5vGW-Q2QlWNvBpV5gaZHsn_sk5I92JyNkCSzzdJW75Qhp1JIH-sqbW_pLhiaV-6vj9TArDDICBbO5nJK_JeAljNx34IziVLLqY0QNj_aYsiTPaLCYVetIXeRIxtuLwG-yryT6LdEnctJsIQq7cn4eqm_XxYdxmDsvLh4Ed5rL078_dKDhTHQ1tERx1YQ-REL4beTuwSzLkaemc5UdVuorKAqMp7rzlIbNGijKtwrFs0SDR20LOVDXUOqP-wIa05eBX_3ywJxo8EHgGKJhKJoKvC43SDr6vg7VU0qXuxhwp2ZodDut1Jr4MtCMjTa-MgKPydDxE4zCytJSCuTlysASAEuiadHnVoqtUOjwjnocN4PUXNJ8LaWPd7sLURuJlfrqggbkKijYLTwCcIHwi-HK-JjNMmEyzOmfdWJjryqKV_qyYado5ezqaC-Gl5ei5nfXN0nFO_yGI2-S1ogqp8m-0xfhs1NtmmmOzRljO3jdwLlXMkS21E5QXsPuhRPOEXuUO7r-LcsZBLjDf6QnQqq1BsOum2Wz68le-OMuXqCt0MjtSHZoDVRWerN6Uqj2IynCdciuV3uHmEBpaPGMffq9QFHP8ne3qjxiu9MQo8qs-TGphfSiK2lbAxVKX13c2zysSHcfmyBwrmdg5fsQjNGUvAiSBvRlSYQ3AE9UsQTgriRyyqDCV3EquE0VzmMJW8HVNj8HB76_ZbPptoPwz6Hhe8hHeTnme6o_ayvJ-9U7_dtjjHe9bJvDOkwjhgoSIp5oqakgonuHF6ZxnQARbpAyf3vddzoY6y_HLTlaQ4kZNiMm7juwA9wjL_AJXrKLhJTK85TbNNgCgt3gUST_Hl-LLZ53Bz40jrhux4bFKNUv5Smjr_YisaT9RUX24wQg4ZFVguq1BdKmvgu_6dq_VFyuKfjO9PKO5ZiZ4Oqgyk4UPkMCtX4e8l4lHEieDNydB7vxZka3Sv8d0Mf9SSDOF8n17flbColRgk4ASKd6x0A4r7k23oXhZu2yw1tIMDPplVVQV7F-eP7rN70tFu8OhvhSbTWTmYvBiKOsIalRn7iWLPz0cstIgj6Ap35Jc8hkuMcEKoqerrkp0tPK8ukJPUQpV7VWeMOryehlszLuZypsxNiRnATSbJEKqcU0l-GWSlMX_KsWVB7RqhQu1ddyjI56FG_KI52Dpv1C4q7F4GIcDXRUKx3a_sgQBDh1uK4qdglcuAaLWApx6mIZ5JOnxQFYL66aHLF3pbyOY_MZt4ji2QVSOPEDtfwL6Rwvv5GH2qwvhtSdo6b216Bbf-ElhuxQbKITdy37naitShen8_MJVQQHfiON1Q2xREhtvSHyjcWFLH94kyxg3N02Ontu5vIMIhX5nqYVzuoTESiUCXO35KtwnaIXEVybWOeIkUyS8Yc6i95A0Wx54QYC6s7X-O0BENi-ViVyNNUgJMqJGKwXVJieyqFxPc7ZenHFp3xyxDQtloydmv5NsigG7-SrRV9qnPcuidHSCblzRqI87YHPtTphe6_bUj9UhA-nOMhdTZn4erJWaLAYujuZQ350HRgQ3S-RJTjmvyyhPyG27FRGTua1Rfu9rm6Sfu4vbZFM44gAqCQxDxPJznO&cid=CAASEuRojVKJTWv376fVWZ6A-RnSpg&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:40 GMT content-encoding gzip x-content-type-options nosniff age 7 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 08:52:40 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame E22F	170 B 506 B	38ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJLxs6kBMAE&v=APEucNXVsypIgDwF5ZhAl5tS-CwRgKjEihbPk7N3xQo4yvMDjumGApb1-rxQcSRmR8DP6JHxy7y7F708VXpzyfwbWK7uK34SkNgzGOvMYWVaQ8khAQOb73IhIzZSi7Sb55b20s4ne_dc9nUxtw9YhhpTyLRW7AGq0fY4MnF3wg7TKC7u9eTGRjPpovPNpyUsKhKLbPTWE5Q8XJdy8_lybiFbtlNf7MIxm_xmxxi-AfaSbDTSRAHe2ts Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E22F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1	43 B 1014 B	26ms 13ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJLxs6kBMAE&v=APEucNXVsypIgDwF5ZhAl5tS-CwRgKjEihbPk7N3xQo4yvMDjumGApb1-rxQcSRmR8DP6JHxy7y7F708VXpzyfwbWK7uK34SkNgzGOvMYWVaQ8khAQOb73IhIzZSi7Sb55b20s4ne_dc9nUxtw9YhhpTyLRW7AGq0fY4MnF3wg7TKC7u9eTGRjPpovPNpyUsKhKLbPTWE5Q8XJdy8_lybiFbtlNf7MIxm_xmxxi-AfaSbDTSRAHe2ts Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 08:52:47 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 08:52:47 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame E22F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKy637XRfvY2feCNvxeLPwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1	43 B 894 B	14ms 13ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGJLxs6kBMAE&v=APEucNXVsypIgDwF5ZhAl5tS-CwRgKjEihbPk7N3xQo4yvMDjumGApb1-rxQcSRmR8DP6JHxy7y7F708VXpzyfwbWK7uK34SkNgzGOvMYWVaQ8khAQOb73IhIzZSi7Sb55b20s4ne_dc9nUxtw9YhhpTyLRW7AGq0fY4MnF3wg7TKC7u9eTGRjPpovPNpyUsKhKLbPTWE5Q8XJdy8_lybiFbtlNf7MIxm_xmxxi-AfaSbDTSRAHe2ts Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 08:52:47 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 08:52:47 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame FD50	41 KB 15 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 05:20:35 GMT content-encoding gzip x-content-type-options nosniff age 12732 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 25 May 2022 05:20:35 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 7A35	1 KB 749 B	7ms 6ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 25 May 2021 06:38:34 GMT expires Wed, 26 May 2021 06:38:34 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 8053 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame FD50	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dc2f8c36c80f0ab4e8a4c4e0fd837d1034226b1f8c0f10011d956bdcdd23fa67 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 727C	22 KB 8 KB	7ms 7ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Tue, 25 May 2021 05:20:35 GMT expires Wed, 25 May 2022 05:20:35 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 12732 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	970x250.html Show response s0.2mdn.net/9342312/1620986400424/ Frame 1DFF	116 KB 26 KB	25ms 8ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9342312/1620986400424/970x250.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 706cae1c85f499e0c6ba694b1016566b8bf354b214545c4477953420f9b8455c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /9342312/1620986400424/970x250.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 26376 date Tue, 25 May 2021 08:22:25 GMT expires Wed, 26 May 2021 08:22:25 GMT last-modified Fri, 14 May 2021 10:00:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 1822 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame FD50	0 575 B	75ms 48ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzWInvbfM0T2EYmp8Np23i5xwPa-NQ3lk8EQD1ALYkjWhajcIXq7Y96XZz0DWrG28DIqtDBZLXVErTDRS94SqNTHNzq0j9hO3UsmRxqVqLWITsY9Lrjy7TYF6101UtlVLdYblYi3J2tZyoJCwuwGaphiAKF-L1OpZvKqe53_oWCPs0xnNxBaWC1foPneiKc6maGRP1bczWZTvef0qxh-lyLN2ADxybL4at28BB-slMVAkT5NatAmQA-G4kSbvOPjwPWLlowUUZO47BMmb7LgErNXkTA2QsxqHnmZP4UH602qPzlqrjeiJTR1S6KHvstO3K9h0Yo76ClQDVIm5EwfgJL6jMMScQhmoqEI5tb2q0VUPKVDKQYCWX8GYvjJlwgYhxVQhOfLfmGbYJRZd4VP0prs_Yt3R3BTjZJs_CIPJSv3LDvJS1vyUJErEO45yRMnXSf9AcjiQBpVeKNp6-MgFqHuDpI70h9loqP-6Jxi6AB-RJXUjx1Sh4u9V4bQPZWtU5V-QNQoH0nxgjwP1g8v6qDWYxIcFJhlM59gaMeBjdQ9nF1ONqqDI90kMiwdafQf6iwhN0zIsrqs9aq8W6YlxOnJAjalRVkIUKw35yxGXBwOuoc7nY6rDHpo8aaZKSsAinUEs4AGvKsc_5EXYCcrmtSchsRLZncOLWDtcz3FyVt-tuWmRbZkgkwBKLxoH8mzXlFgapNd7hz8g_vYix2rmzy_QUZWKrnUp2dxL6cUxObpdUROPoYJwN25KeJjU3fZS7YDZSOsxV7V8fizAecR2Ar7XYGamaSSgAowUIfsmEJbKNHgwXkBKyisjpmMDEs48Jz9j24RTcD70ZKEq7yJMh6302s6lB9vwNucJwW0s-MuiuIyVHGAS4xCjA4OCqts19lpIQdCodET8vTT6_N9vnP72QlAmuNONhhB_GqbIoR6kTwkdPbW3FyvvRSjc1RJTmfB0Zgc5wqcKwqEy7VY2zBQZWfJF2xed6mWKCXlgXtXads7e8otoRTUM4pYQGqTPXJdcm_r3PUhx3IX-GWugBbwKEIaCPXz7LR4GvWZ-24vP6RaxM9yAHwZ8QeaYspVCW-uR_L0mWzxmg5mrhXZrC_pruAkIRzZTZNtBn1hMH6vLWErqOIpRwAihsut3W2DUOGfPAS3CNnur8aatS7iPv7le0i601lxlF1Pk-vJfUrjMe-aK9tHcIopcFpA&sai=AMfl-YSQWulSWgLU9ICxWlmDdfGxjOtFzAi__QDME29zZcI6DHG1xhCCubu44MilSxacV2tBUtU5HreuMswksAkTfwqdFYXqAd_a_q2FsS0C57H8yaENYNIb9ScTdsttt77F8ZcOhtFs5VGOAojDu4MMvhjkUrBVMA&sig=Cg0ArKJSzDwK8BMWDtgTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=116&cbvp=1&cstd=111&cisv=r20210517.12696&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 25 May 2021 08:52:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	px.gif d.adtriba.com/ Frame FD50 Redirect Chain https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=adlicious&atb_dcaid=display.awa_starterset https://d.adtriba.com/px.gif	42 B 227 B	9ms 9ms	Image image/gif	3.124.222.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adtriba.com/px.gif Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.222.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-222-92.eu-central-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 08:52:47 GMT Cache-Control public, max-age=86400 Server nginx/1.16.1 Connection keep-alive Content-Length 42 Content-Type image/gif Redirect headers Date Tue, 25 May 2021 08:52:47 GMT Last-Modified Tue, 25 May 2021 08:52:47 GMT Server nginx/1.16.1 P3P CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info." Location /px.gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 01:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7A35 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAbt1SMvvAaQqJ5XeUEiZyo&google_push=AQvitUK7kg5JuvWwnLvb2wx5TYSaQxFOkJskoWEIRxKcaVC8qQwX7-ePBk...	170 B 188 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAbt1SMvvAaQqJ5XeUEiZyo&google_push=AQvitUK7kg5JuvWwnLvb2wx5TYSaQxFOkJskoWEIRxKcaVC8qQwX7-ePBkSZkKsqecv7T7kMozVGmEe1rj1UT6R4ZN8nYhWlml3oNw Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1621932768.774296,VS0,VE90 x-served-by cache-hhn4072-HHN x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAbt1SMvvAaQqJ5XeUEiZyo&google_push=AQvitUK7kg5JuvWwnLvb2wx5TYSaQxFOkJskoWEIRxKcaVC8qQwX7-ePBkSZkKsqecv7T7kMozVGmEe1rj1UT6R4ZN8nYhWlml3oNw cache-control no-cache accept-ranges bytes access-control-allow-origin * content-length 0 x-cache-hits 0
GET		match um.wbtrk.net/doubleclick/user/ Frame 7A35	0 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7A35 Redirect Chain https://d5p.de17a.com/cookies/google?google_gid=CAESECoagx8ScvaVtmSQNy4dS9I&google_cver=1&google_push=AQvitUIgYBcxKADJawio4xlkhPZBHjIqpR5NaUwLEjRmQNazj29qTbigs-eDbHIW9ql7hD92nR6zGOEQdwej-IMrSCYCUzl... https://d5p.de17a.com/cookies/google;c?google_gid=CAESECoagx8ScvaVtmSQNy4dS9I&google_cver=1&google_push=AQvitUIgYBcxKADJawio4xlkhPZBHjIqpR5NaUwLEjRmQNazj29qTbigs-eDbHIW9ql7hD92nR6zGOEQdwej-IMrSCYCU... https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIgYBcxKADJawio4xlkhPZBHjIqpR5NaUwLEjRmQNazj29qTbigs-eDbHIW9ql7hD92nR6zGOEQdwej-IMrSCYCUzlPz3qA9A	170 B 188 B	17ms 16ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIgYBcxKADJawio4xlkhPZBHjIqpR5NaUwLEjRmQNazj29qTbigs-eDbHIW9ql7hD92nR6zGOEQdwej-IMrSCYCUzlPz3qA9A Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIgYBcxKADJawio4xlkhPZBHjIqpR5NaUwLEjRmQNazj29qTbigs-eDbHIW9ql7hD92nR6zGOEQdwej-IMrSCYCUzlPz3qA9A content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7A35 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEucX-oJD0iRdZfJdpliiCQ&google_cver=1&google_push=AQvitUISfuf2CKmNxCmPuCAwx1KZelVKYuHP3T7x33IveMBhHk7daIAqm65Iuv-ZZOry9FpeTMcaGeT7... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEucX-oJD0iRdZfJdpliiCQ&google_cver=1&google_push=AQvitUISfuf2CKmNxCmPuCAwx1KZelVKYuHP3T7x33IveMBhHk7daIAqm65Iuv-ZZOry9FpeTMc... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0NzAyMTQ3NzQ3MjUxNDA0Mw&google_push=AQvitUISfuf2CKmNxCmPuCAwx1KZelVKYuHP3T7x33IveMBhHk7daIAqm65Iuv-ZZOry9FpeTMcaGe...	170 B 188 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0NzAyMTQ3NzQ3MjUxNDA0Mw&google_push=AQvitUISfuf2CKmNxCmPuCAwx1KZelVKYuHP3T7x33IveMBhHk7daIAqm65Iuv-ZZOry9FpeTMcaGeT7zcKCg8SnQxehGr8mkRd6gA Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server nginx location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0NzAyMTQ3NzQ3MjUxNDA0Mw&google_push=AQvitUISfuf2CKmNxCmPuCAwx1KZelVKYuHP3T7x33IveMBhHk7daIAqm65Iuv-ZZOry9FpeTMcaGeT7zcKCg8SnQxehGr8mkRd6gA access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7A35 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEMW4-ervdtL-npJhUXne1Wc&google_cver=1&google_push=AQvitULdHy6Tp-5XcJz1r1GcFkVzxv3GFW_vhT__IiFf4AiJRjIFk8Ft0LDhmWwJPGTqRpW0cjvUmu9ifw0VMTdvrdfyZslrlhxHkA https://rtb.openx.net/sync/dds?google_gid=CAESEMW4-ervdtL-npJhUXne1Wc&google_cver=1&google_push=AQvitULdHy6Tp-5XcJz1r1GcFkVzxv3GFW_vhT__IiFf4AiJRjIFk8Ft0LDhmWwJPGTqRpW0cjvUmu9ifw0VMTdvrdfyZslrlhxHk... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULdHy6Tp-5XcJz1r1GcFkVzxv3GFW_vhT__IiFf4AiJRjIFk8Ft0LDhmWwJPGTqRpW0cjvUmu9ifw0VMTdvrdfyZslrlhxHkA&google_hm=V3LtpUiCwVoxlCkgyP8piw==	170 B 188 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULdHy6Tp-5XcJz1r1GcFkVzxv3GFW_vhT__IiFf4AiJRjIFk8Ft0LDhmWwJPGTqRpW0cjvUmu9ifw0VMTdvrdfyZslrlhxHkA&google_hm=V3LtpUiCwVoxlCkgyP8piw== Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 08:52:46 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULdHy6Tp-5XcJz1r1GcFkVzxv3GFW_vhT__IiFf4AiJRjIFk8Ft0LDhmWwJPGTqRpW0cjvUmu9ifw0VMTdvrdfyZslrlhxHkA&google_hm=V3LtpUiCwVoxlCkgyP8piw== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id 3i5jhgoooqop8qh9p5ub6rptradcr3lt
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7A35 Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPKsOcTuMkJxpUVpr5CvZms&google_cver=1&google_push=AQvitULpvF0O1U2VqxCxr8L55Me19Jv3bZRbqVDofEvwuVcVFGyvMZMtMmqL-T8HzhnYXRMEP6pBEjohqMWOo... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPKsOcTuMkJxpUVpr5CvZms&google_push=AQvitULpvF0O1U2VqxCxr8L55Me19Jv3bZRbqVDofEvwuVcVFGyvMZMtMmqL-T8HzhnYXRMEP6pBEjohqMWOo... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitULpvF0O1U2VqxCxr8L55Me19Jv3bZRbqVDofEvwuVcVFGyvMZMtMmqL-T8HzhnYXRMEP6pBEjohqMWOo9dsflOarYLIs5IZ2g&google_hm=UkFXd1dfbUpYU1NzMz...	170 B 188 B	17ms 16ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitULpvF0O1U2VqxCxr8L55Me19Jv3bZRbqVDofEvwuVcVFGyvMZMtMmqL-T8HzhnYXRMEP6pBEjohqMWOo9dsflOarYLIs5IZ2g&google_hm=UkFXd1dfbUpYU1NzMzhyQllVZkw= Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:48 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 May 2021 08:52:48 GMT P3p CP="We do not support P3P header." Location https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitULpvF0O1U2VqxCxr8L55Me19Jv3bZRbqVDofEvwuVcVFGyvMZMtMmqL-T8HzhnYXRMEP6pBEjohqMWOo9dsflOarYLIs5IZ2g&google_hm=UkFXd1dfbUpYU1NzMzhyQllVZkw= Cache-Control no-cache, no-store, must-revalidate Content-Type text/html; charset=utf-8 Content-Length 238 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7A35 Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIGBPBex_6zJb-SmMG7YQBw&google_cver=1&google_push=AQvitUL6LR8k9kDFNpHRkeyRG2u1tOyVDpjNA-UBf_lNgqjSxHKWlgN0Bzq_H4HCHpI0sFkFruZPubDmUgHAWOPUq... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIGBPBex_6zJb-SmMG7YQBw&google_cver=1&google_push=AQvitUL6LR8k9kDFNpHRkeyRG2u1tOyVDpjNA-UBf_lNgqjSxHKWlgN0Bzq_H4HCHpI0sFkFruZPubDmUgHAWOPUq... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUL6LR8k9kDFNpHRkeyRG2u1tOyVDpjNA-UBf_lNgqjSxHKWlgN0Bzq_H4HCHpI0sFkFruZPubDmUgHAWOPUq8dFxmytaxC3&google_hm=e2797b745ff47a33c9f47448	170 B 188 B	19ms 19ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUL6LR8k9kDFNpHRkeyRG2u1tOyVDpjNA-UBf_lNgqjSxHKWlgN0Bzq_H4HCHpI0sFkFruZPubDmUgHAWOPUq8dFxmytaxC3&google_hm=e2797b745ff47a33c9f47448 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 25 May 2021 08:52:47 GMT Server nginx Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUL6LR8k9kDFNpHRkeyRG2u1tOyVDpjNA-UBf_lNgqjSxHKWlgN0Bzq_H4HCHpI0sFkFruZPubDmUgHAWOPUq8dFxmytaxC3&google_hm=e2797b745ff47a33c9f47448 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 7A35	0 12 B	19ms 16ms	Image text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IApy1vD6w3UxWnOc7SaAMCP3ZTuJL15KzQRkZuSRTLlKzi-SkiINLtfRdLmxWc7-2Z-jCr Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response pagead2.googlesyndication.com/bg/ Frame 727C	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 19:06:10 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 49597 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5728 x-xss-protection 0 expires Tue, 24 May 2022 19:06:10 GMT
GET H2	200	createjs.min.js Show response code.createjs.com/1.0.0/ Frame 1DFF	236 KB 63 KB	39ms 21ms	Script text/javascript	2a02:26f0:6c00::210:ba1a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://code.createjs.com/1.0.0/createjs.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9342312/1620986400424/970x250.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:47 GMT content-encoding gzip server Apache cache-control max-age=900 vary Accept-Encoding content-type text/javascript x-n S accept-ranges bytes expires Tue, 25 May 2021 09:07:47 GMT
GET H3-29	200	Aldi_NORD2x.png s0.2mdn.net/9342312/1620986400424/ Frame 1DFF	8 KB 8 KB	7ms 6ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9342312/1620986400424/Aldi_NORD2x.png Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c0e0e6799012cac129f04420ef8d45857a3738177de6b97aa4df11ba8f8dee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9342312/1620986400424/970x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:22:27 GMT x-content-type-options nosniff last-modified Fri, 14 May 2021 10:00:00 GMT server sffe age 1820 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7997 x-xss-protection 0 expires Wed, 26 May 2021 08:22:27 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame FD50	0 23 B	61ms 47ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzWInvbfM0T2EYmp8Np23i5xwPa-NQ3lk8EQD1ALYkjWhajcIXq7Y96XZz0DWrG28DIqtDBZLXVErTDRS94SqNTHNzq0j9hO3UsmRxqVqLWITsY9Lrjy7TYF6101UtlVLdYblYi3J2tZyoJCwuwGaphiAKF-L1OpZvKqe53_oWCPs0xnNxBaWC1foPneiKc6maGRP1bczWZTvef0qxh-lyLN2ADxybL4at28BB-slMVAkT5NatAmQA-G4kSbvOPjwPWLlowUUZO47BMmb7LgErNXkTA2QsxqHnmZP4UH602qPzlqrjeiJTR1S6KHvstO3K9h0Yo76ClQDVIm5EwfgJL6jMMScQhmoqEI5tb2q0VUPKVDKQYCWX8GYvjJlwgYhxVQhOfLfmGbYJRZd4VP0prs_Yt3R3BTjZJs_CIPJSv3LDvJS1vyUJErEO45yRMnXSf9AcjiQBpVeKNp6-MgFqHuDpI70h9loqP-6Jxi6AB-RJXUjx1Sh4u9V4bQPZWtU5V-QNQoH0nxgjwP1g8v6qDWYxIcFJhlM59gaMeBjdQ9nF1ONqqDI90kMiwdafQf6iwhN0zIsrqs9aq8W6YlxOnJAjalRVkIUKw35yxGXBwOuoc7nY6rDHpo8aaZKSsAinUEs4AGvKsc_5EXYCcrmtSchsRLZncOLWDtcz3FyVt-tuWmRbZkgkwBKLxoH8mzXlFgapNd7hz8g_vYix2rmzy_QUZWKrnUp2dxL6cUxObpdUROPoYJwN25KeJjU3fZS7YDZSOsxV7V8fizAecR2Ar7XYGamaSSgAowUIfsmEJbKNHgwXkBKyisjpmMDEs48Jz9j24RTcD70ZKEq7yJMh6302s6lB9vwNucJwW0s-MuiuIyVHGAS4xCjA4OCqts19lpIQdCodET8vTT6_N9vnP72QlAmuNONhhB_GqbIoR6kTwkdPbW3FyvvRSjc1RJTmfB0Zgc5wqcKwqEy7VY2zBQZWfJF2xed6mWKCXlgXtXads7e8otoRTUM4pYQGqTPXJdcm_r3PUhx3IX-GWugBbwKEIaCPXz7LR4GvWZ-24vP6RaxM9yAHwZ8QeaYspVCW-uR_L0mWzxmg5mrhXZrC_pruAkIRzZTZNtBn1hMH6vLWErqOIpRwAihsut3W2DUOGfPAS3CNnur8aatS7iPv7le0i601lxlF1Pk-vJfUrjMe-aK9tHcIopcFpA&sai=AMfl-YSQWulSWgLU9ICxWlmDdfGxjOtFzAi__QDME29zZcI6DHG1xhCCubu44MilSxacV2tBUtU5HreuMswksAkTfwqdFYXqAd_a_q2FsS0C57H8yaENYNIb9ScTdsttt77F8ZcOhtFs5VGOAojDu4MMvhjkUrBVMA&sig=Cg0ArKJSzDwK8BMWDtgTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&vt=11&dtpt=106&dett=3&cstd=111&cisv=r20210517.12696&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:47 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	Aldi_SUED2x.png s0.2mdn.net/9342312/1620986400424/ Frame 1DFF	32 KB 32 KB	7ms 7ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9342312/1620986400424/Aldi_SUED2x.png Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f8b88d6defaae97d75a38324b62c6c8bd53b5028a4c4a4110a1aedb50fd38d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9342312/1620986400424/970x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:22:25 GMT x-content-type-options nosniff last-modified Fri, 14 May 2021 10:00:00 GMT server sffe age 1822 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33111 x-xss-protection 0 expires Wed, 26 May 2021 08:22:25 GMT
GET H3-29	200	Sigel.png s0.2mdn.net/9342312/1620986400424/ Frame 1DFF	29 KB 29 KB	7ms 6ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9342312/1620986400424/Sigel.png Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d420de65e4173d725a02345be12ffb458525e32ad808518f385ecf6f2c5b1a24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9342312/1620986400424/970x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:22:25 GMT x-content-type-options nosniff last-modified Fri, 14 May 2021 10:00:00 GMT server sffe age 1822 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29372 x-xss-protection 0 expires Wed, 26 May 2021 08:22:25 GMT
GET H3-29	200	Talk_Logo.png s0.2mdn.net/9342312/1620986400424/ Frame 1DFF	5 KB 5 KB	7ms 6ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9342312/1620986400424/Talk_Logo.png Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2aa46aad5efcb075608bc5b0c9c707020fe9c49285a0360740b00eed0d8c702 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9342312/1620986400424/970x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:22:25 GMT x-content-type-options nosniff last-modified Fri, 14 May 2021 10:00:00 GMT server sffe age 1822 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5040 x-xss-protection 0 expires Wed, 26 May 2021 08:22:25 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 727C	0 20 B	16ms 16ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B20I437qsYParIp6s3gOF-ILQDwAAAAA4AeAEAg&bg=!ODulO3_NAAZ7hX_Ue4U7ACkAdvg8WphjvljSJPLGIdiRZMClIk4ymod8XVf5fUJQtRLfIuTljVm-VQIAAACrUgAAABxoAQcKAJKrxrDvnfqEA5RMb1Ah7fBJh4E34M6A2oDpiFuNewUYsj7YrCnconHVInVG5PVIpCi7HXT401XEdFKoGhp4pu5U9X6lMUjFL0kBO3tpQu0cVr_r-5XnmpHgl1s08Z4qVSuslS_xz16kfhj4tuMIaXD2ZPu-ByQbVjNfMj1yrVMSp1AUvNzLGPpMzvGapBqYWmIjNJkCjRodX_JdwaVk1Ea83Nr9adYds1TWLjSkv1uK9K0_7DiCJhs67eG4aJosFFSJKZEyy5eHMENmeEqUhhcRmwk6-sJzr9epmY54gGJM5bIOyL9ficvNh7S6MRxevSgYCZr46qUBiHF9ChJqsmXscvYIQfh1thTqtDAKU6yRslPWt89xbwK9mFTrKzameWCYs7UbmZEyOxTZJhf59V6NYJgNx3v4gMdtDlFv7rx0p2y0GoNEDIWIqBzgfjSen2Mv16dHV92YdWsERYzOE-bEHEG_cxiClub63ye5d2B0ENijohsOxE7ybmJsgUoJ--yNmRZFg7mSGsytqm3luEt2UhoaKk_k-PZ9SzLccZ5p52KqaE9gOI8G0lvBGRJn69Urlwd2anX9-QgT-4h8CwXaIPAotYbW6Ks0V8e8dYBOlob-eWFlTEAHxaoYi4vEwp5C5A0HwdVbg9YQn0GrwfCRXHkie9fQS4iCYluVsyfDFNYfKv7qtSALlrxRRAwLuPrKZ31z6lTvGBGqcOKEI3VwoSyTfsl4WuM9AYfAZpwI3-eThSdM-5ypvZbmlP1qHWl7qDgWeKrKrjhhMddG1RHmgzaAlcgxvfF7DIdyc-CrcpjWKAqTM4NDvCbo8ZRyM1aARik_j9ctyX2aEntKEScXeJPW_Ddj-v95reB-P8-VGQITH2WfENXaiQVxzEy7i8FAHFRm0ll-SkkreAy9KTBuZDU68wiJDeysnYQCd-YnD0d9BhrZ0DgGFJN4rFT-xFl6FhVg8J8eizZHHqqmbKACQCcPSOGEtqs__hVzqoJgVW4CcQ7O9MbBbEgZCIDY36MiH6fSOzxrOWiLa7vggl8ce6nefjZYtDONyHbyeIraD82c Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	15ms 15ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:48 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	14ms 14ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:48 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	14 KB 8 KB	337ms 337ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2409620432761035&correlator=280313097404403&output=ldjh&impl=fifs&eid=31061268%2C31061287%2C31061143%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=2&rcs=4&prev_scp=a%3D%257C3%257C%26iid4%3D325372%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-325372%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D2%26bvm%3D0%26bvr%3D6%26shp%3D1%26br1%3D100%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C20%2C17%2C19%2C20%2C608%26lb%3D260%26reqt%3D1621932767622&eri=1&cookie=ID%3D4534b631b65d1079%3AT%3D1621932766%3AS%3DALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ&bc=31&abxe=1&lmt=1621932768&dt=1621932768626&dlt=1621932761306&idt=187&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=529409349.1621932762&ga_sid=1621932762&ga_hid=509001146&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 0d5eeb38d91b466992295edbf41e911d9f3099f8ca9ace7d5a200caf4ac09fb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:48 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8559 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame FD50	42 B 64 B	34ms 21ms	Fetch image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsXl2s2QXXJGyWNOI4chuNLYzz5hgzVDmSw5m6k75ahy71nGBEIBHUnsLWp3SdJcOUXGsELg2CAE1xg1YdnkhGJNNSxONaZ6_oa3FbChKn8vXAelHb3CpZfQg0Vg&sai=AMfl-YTFucXAI85iukbfziG9nCn2ygsqspLsCA1iMPoOtU3SX_Y806ks1ooVxkgle4zJv8U5kkOmfacjICHa3oZX9gkJrxMhxYeGglT-LUHemvmPB2ATvYoSXJBUr_4&sig=Cg0ArKJSzC9He2bXEJycEAE&cid=CAASEuRojVKJTWv376fVWZ6A-RnSpg&id=lidar2&mcvt=1000&p=156,315,406,1285&asp=156,315,406,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210524&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1828697630&rs=4&met=ce&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621932767507&dlt=15&rpt=177&isd=0&lsd=0&msd=0&r=v&fum=1&speed=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:48 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	8ms 7ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=70; ezouspva=1; ezouspvh=70 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:48 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:48 UTC
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 19 B	8ms 7ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0MjUwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMwODAyMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMiJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODY2MDgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDEzIn1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0MjUwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMwODAyMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMiJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODY2MDgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDEzIn1dfV0= pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=70; ezouspva=1; ezouspvh=70 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:48 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:48 UTC
GET H3-29	200	container.html Show response 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4003	6 KB 3 KB	23ms 7ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js?31061287 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 25 May 2021 08:52:42 GMT expires Wed, 25 May 2022 08:52:42 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 7 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	8ms 7ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMyNTM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImE0OTVjZTdkYmI0Y2VmY2QzZTBhNzIyMDQ4ODk0ZjQxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMjUzNzIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MzI3NjEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMSwiYmlkX2Zsb29yX3ByZXYiOjAuMDAyNiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMyNTM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTQ3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMjUzNzIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMyNTM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImE0OTVjZTdkYmI0Y2VmY2QzZTBhNzIyMDQ4ODk0ZjQxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMjUzNzIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MzI3NjEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMSwiYmlkX2Zsb29yX3ByZXYiOjAuMDAyNiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMyNTM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTQ3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMjUzNzIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=170; ezouspva=2; ezouspvh=100 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:48 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:48 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 40 B	9ms 8ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 25 May 2021 08:52:48 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	9ms 9ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEwIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=170; ezouspva=2; ezouspvh=100 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:48 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:48 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	9ms 9ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhdWN0aW9uX2Vwb2NoIjoxNjIxOTMyNzY5LCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImJpZF9mbG9vcl9pbml0aWFsIjoxNTAwLCJiaWRfZmxvb3JfcHJldiI6MjYwLCJiaWRfZmxvb3JfZmlsbGVkIjoxMDAsImF1Y3Rpb25fY291bnQiOjUsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM1OSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhdWN0aW9uX2Vwb2NoIjoxNjIxOTMyNzY5LCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImJpZF9mbG9vcl9pbml0aWFsIjoxNTAwLCJiaWRfZmxvb3JfcHJldiI6MjYwLCJiaWRfZmxvb3JfZmlsbGVkIjoxMDAsImF1Y3Rpb25fY291bnQiOjUsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjM1OSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=170; ezouspva=2; ezouspvh=100 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:48 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:48 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	8ms 8ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbOTcwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI4Nzk3OSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyODc5NzkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMTg3In1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjg3OTc5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbOTcwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI4Nzk3OSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyODc5NzkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE5MzI3NjEsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjRiZTgzOWY1LWM4YzctNDdkMC02NjNkLTlhMDZkYzEyM2VlNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMTg3In1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie __gads=ID=4534b631b65d1079:T=1621932766:S=ALNI_MYaopfkpB6DGinpOBXsXkhVXKnVjQ; ezouspvv=170; ezouspva=2; ezouspvh=100 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:49 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:48 UTC
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 5F3D	478 B 251 B	60ms 58ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YtfqRcDAB&v=APEucNUvqlehGaeVGwzLYgaoX_hVK3SpG9KTUVXrwJi2FAuDj58f88C1iTrXzoalimlli0gX8-95uLnjzhk2KBbZluqm1R5RPonFX5FEehsWRM6Fsiqc3RYygSiX7jP4NIwdWaDP9IPCo9CkdaOYqO3vr9A_MvBMSqOCvpddguQDOueORCMFOwoJnghGfHTH2JR6zESQF6lzePxec8vYAjzAdKV1M6pSxM36Xl2R-k2d7-AsrHOhhZA Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CLO4XRDz7F4YtfqRcDAB&v=APEucNUvqlehGaeVGwzLYgaoX_hVK3SpG9KTUVXrwJi2FAuDj58f88C1iTrXzoalimlli0gX8-95uLnjzhk2KBbZluqm1R5RPonFX5FEehsWRM6Fsiqc3RYygSiX7jP4NIwdWaDP9IPCo9CkdaOYqO3vr9A_MvBMSqOCvpddguQDOueORCMFOwoJnghGfHTH2JR6zESQF6lzePxec8vYAjzAdKV1M6pSxM36Xl2R-k2d7-AsrHOhhZA pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUklJxsMvUe0YG1pfq85EYsnlcMokp5IDLBmW7PcpjizKWlTPaIMJ5YLweUmFhg Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 25 May 2021 08:52:49 GMT server cafe cache-control private content-length 230 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 4003	62 KB 24 KB	56ms 55ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae6V-pUCfPloLH8BXBaTYLMS5j6CF51EoIcAnEtWmgHbLX8DD2yakeQjboLLZPEm_pQAcX6ndqoKouvD0etyZloIbgGlSWgy4_PK6V9mufPAuui1YvrHwcWZfE_JgdWMFSjAh82YeUXIjuIGFl4RjN5N03Hg&dbm_d=AKAmf-CZxlWfShpvcOfa_IM7CxQ9Tf4KfDo5vG4zwJJATme_t3JDOHLlojzIo3hGe1YsV03H5JrJLELOAYvccD5OYnwV_IJNCIxjWpvILBnIsaDbhy8Lm0zdG6jYaRnMvpXPxGM10XYQ1XWfqYe9OjE7kcEMOqalE0dDtTvvPmJdE00uV5LDjR3NIPZ7WF2w--TwU3IPbwoTieDUhPgUv7h5i0FtQWJwV0M5w_-HS4vRC7jTKbjtSLf4xuWqnTe5KDQN4JuMT4qOIgwGCIHXYvMjGdGmDsBxj6Kjy90QJTbKvydA_W1-8kXM9cVUfyk_1TZKNdWJ1EcsC8jgweOPuxVvFVNUrofrrQpqFJ3vpgh-sEew2c4QrNRH7_gqE3V0uAykXPJOmX_PyIeV22Qo_XPuHCUWGh75X0OWhWvi5j6vpuAaVypejRFbFNXI0WvOxY9ax0F1Mh3ywLXYYFYUG0m8H03RYMtuJJ0indX_Bt3563xHLbOH4RXM1ZXH8BjCeGV1KHG6SFKKw6Hokr950XWHBVJtXZsLl_85gY60GpEspO3XgjAfhCviegJVdUuMx25csvuR50-WxZ3vP6MNnA285TZa7amX9gl5daa-_X6kDZ2Mhnfb0rmC1cl17KpXOfCqd4Hv76XLK-LNixVtZeX8sU19bb-b59zaBusLBQ1B8VhfDYO1k16blU_h8dixOmTpjv8PA60cQVnC-bmn9MiYCdDeCKk9TE9vj-TAPvlNVZeem8dpv6ZOJYDMqlzLQWbj2MQdcoDOmjNV0DbzANbB48VcrS-3I9-BFykNrUZcA1BgOuuwPDCsMarxBeXr0EywieA5r9CUFwk4HuhD3vCKq6A-nqR2d02tppgsn-mj_AgE5xrXHfr8PHhFRb64PC3zfAKFrakDb9JzmaTRZcqDnqYEcusTvFeCpGeg6JB-RdTaR-xtu8Gc4Ri-EfNXN5u3KnHIt2qIFSMwqFzMUedAsuT0qu9L21n7X-Z89BvZQJQIGWPRMwxGZbTnPa48RFOdvIGsNbTLaSf6hyyo5GiZNRf7pixte90Bo9juelnzLLONldq4Q-IXb37_-YuHd2I0pr2KzeyeWkoyt3RVsj9yyhcBgny3W7A_ukqxyE0GIw-dOeVgYgPEE1Wrryks-dRelhavnpTydIr135mtEW1hLS2jHdYRu8HepnyFg3cer10w26OAIJs8exJSe4h1Ed9KrZkYltIcPPXxxyoNc94SB9jjhOOHDT8IAW8-k7KE23-8g3wjm24tQSwIJRJqXfnsMzs0PD5E6XRFDWF2eYhWYacW2esDjM-LrXYKBeosUKGNRDr45PmfF5HbJH55n3R1vTRYb5U-1B4wt8XGdVWynx6tti_CyNXTctut1jdu-gVFG2LBBZ2u3CYWZwJvqrBnMNiGNR85QFjv5W12tNWLzRF-4gg70L2q5a-wta29c-keOuol_-NT4WGYl65AgNn8tb88TGsO5f5ho9YZQXgvj3cmGQGZt_JoR3pR9PiTlWGVXS9gSW9lh2gZKENIlNf6ri6NZEeVKIIF4pnrikLGY-ZYT4SZhRLb6y_fIfoMabofn7HcbjciDZviOeaXrCJCJbSqXOjqkBcVzKDMAVmgd4wLEUx4X602i0izmWUg-1cndcI3-4HsOYDhybfAQZXCsGdrFQALEjYiqTr9V03rFntv-qLoSrDYtfutEQUS3olAU9FleW6LR1DyW82ycj6pn3BQISCfK3unHRCaAYZj8eu4Jy8TjnO7EGGLD11eA-HfBc-4jymEHmYfpYxG5-pJ2AjLn6O1a-5kIhrmWhQZ5kXDdv9FRweZk2hDCVRciyZpt7GPdT8BAcSbYoC2M32tYuFKkmw6xdif8fysCvGwnEvGWS8gTvpcW3kWZ09eJWc0dxzpvNOAsHN49UvmI1qqjDatFFmc67DOmbSxBtcukg7gAFSozl0twkx8WjvHMrNMXojSfCxK9ho8Jj0BYjXVJL70YGnyw6rl3fdaeZTrR7d3IBxEbudoBe8LeQk4sfmex0EjbI4d-veOaVwoF4jxTo68nsYD3kqWw68-_zasd9dHueGJ7BDJRheONmZucczAuYSJgxB8oTIOzNrT79gO6ZtRZnYV6Fa30gzyuqBh8FtSYwvLRJjydrvInSCoodDjxU0sFpYOkSVeifzakXY1iJDxq8-L9qMrUaVatTAOSg_uBfPxE1jSNW4d6ejE42-N2JEyBqZTHoSf11Dk62oVdXCZuTrCyN_6eQJUyRUXbOqW92GYOMuVmPhIA-XyBm9pxMFDJ109ZkKdKK8YF-_Rsgmm_smln6bpD_bmF1AC_Q2bgVnEDC31EbxuITK4PdmlavLf0gDrKUAOL48Vin8m49DCec3uKX3mR3d9DuGgaj1wEDgshz8uyQUXOdtdmI3NNNg1_Z6Q4_D7HhlUpUJzuM4dxvq8JviRskG0jcxtIzQb2CX_hIwfSc8aZBByrnQ6iLjUdRhazWwVqlbrL0i5DDZlbOG82bqT8bAkZEQBgUP79lUFD4IhV0YV0-yKwH8fWbrjlmIldSEttwmARtds9TQWcsahBxQtjqHEalYel6xg_KqpTktOm3URzH6xMclBNY00HUtLqmK--ZnXf8LFvx53U2TA5Vgx7ivzrVN7UQeydVYtzWdn_93z5LqC6ac_Uiwh4NV99Lj-a0ywaW7Hl6hqvucXf8LB2IXIxOAyj4kW3rsjxc1bdnedtRXxQb856-Vj2Qo7HKQKsHvIdKjNV3jzyxzRpmdQM-t-o7zp6emTsf0fZ-HMirRyiw6-uik9pl5rgxJPIOgToify3Hij456xcYOQ1JLZfNZ7XxsT20wgQpy5hkWcBcmQnbFNHt5sbNoPLcZ6SheRwNRk-APHolhXiDJlmc4AIx5LX1I3hkINWwbyFxt6s8xrHd30-S2oY7pRsc4bYXSvsgUuZpGo5OdAu83zOz8gkCl1Q4HlTSTUsWmRSvyCB1QELFh3EOjXp6mrcu3TycBnzI2DeHx-nLcRnZlroxVxFXvgewCE0gC_CS1OhIFt1WYc3jyL1SNUT9zsys7doa_TjbSf6Zqo8HP05p0yAaw4bWkMOWWk0AxAAzr-jljJqontLmCDM9D15UzHPs1jb8Z392_GzVC6p963d_1oIihL5FFeWEzacYgazbOGXpuOmzhfrlDdM2-Am5BXRqc&cid=CAASEuRoARfNkp-Hp2pp9A4l1Wpt2Q&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dede77ac67e9435c73196dbba4ec6a9dfbfa711c7d2a2643653978b262cd14a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24694 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4003	42 B 63 B	17ms 15ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAd4CKmqKouAcmdvT05oHgbTugJ8Btz9ozWuEc9ietvCKyZf7LkIZOzK7kOs96tN9goiceGi-Txj0_xFhWyfsk9YipWxlh2pW7mmQUb7T3H_VSoS8 Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 4003	2 KB 1 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:10 GMT content-encoding gzip x-content-type-options nosniff age 39 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 08:52:10 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4003	119 KB 36 KB	28ms 14ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:49 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621855623965245" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37215 x-xss-protection 0 expires Tue, 25 May 2021 08:52:49 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 4003	13 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:46:48 GMT content-encoding gzip x-content-type-options nosniff age 361 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 08:46:48 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame 4003	0 0	15ms 13ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgrzLGeccTr6mfDhdHSq92cVG8GVzaFbMqjRrD2qh2gUZl-0UiStbJpRQ3YJkiAS7WCxbVle3jqba8aVqFCf9X9Upd2g Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 4003	176 KB 61 KB	20ms 7ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:50:58 GMT content-encoding gzip x-content-type-options nosniff age 111 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 26 May 2021 08:50:58 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 4003	8 KB 3 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae6V-pUCfPloLH8BXBaTYLMS5j6CF51EoIcAnEtWmgHbLX8DD2yakeQjboLLZPEm_pQAcX6ndqoKouvD0etyZloIbgGlSWgy4_PK6V9mufPAuui1YvrHwcWZfE_JgdWMFSjAh82YeUXIjuIGFl4RjN5N03Hg&dbm_d=AKAmf-CZxlWfShpvcOfa_IM7CxQ9Tf4KfDo5vG4zwJJATme_t3JDOHLlojzIo3hGe1YsV03H5JrJLELOAYvccD5OYnwV_IJNCIxjWpvILBnIsaDbhy8Lm0zdG6jYaRnMvpXPxGM10XYQ1XWfqYe9OjE7kcEMOqalE0dDtTvvPmJdE00uV5LDjR3NIPZ7WF2w--TwU3IPbwoTieDUhPgUv7h5i0FtQWJwV0M5w_-HS4vRC7jTKbjtSLf4xuWqnTe5KDQN4JuMT4qOIgwGCIHXYvMjGdGmDsBxj6Kjy90QJTbKvydA_W1-8kXM9cVUfyk_1TZKNdWJ1EcsC8jgweOPuxVvFVNUrofrrQpqFJ3vpgh-sEew2c4QrNRH7_gqE3V0uAykXPJOmX_PyIeV22Qo_XPuHCUWGh75X0OWhWvi5j6vpuAaVypejRFbFNXI0WvOxY9ax0F1Mh3ywLXYYFYUG0m8H03RYMtuJJ0indX_Bt3563xHLbOH4RXM1ZXH8BjCeGV1KHG6SFKKw6Hokr950XWHBVJtXZsLl_85gY60GpEspO3XgjAfhCviegJVdUuMx25csvuR50-WxZ3vP6MNnA285TZa7amX9gl5daa-_X6kDZ2Mhnfb0rmC1cl17KpXOfCqd4Hv76XLK-LNixVtZeX8sU19bb-b59zaBusLBQ1B8VhfDYO1k16blU_h8dixOmTpjv8PA60cQVnC-bmn9MiYCdDeCKk9TE9vj-TAPvlNVZeem8dpv6ZOJYDMqlzLQWbj2MQdcoDOmjNV0DbzANbB48VcrS-3I9-BFykNrUZcA1BgOuuwPDCsMarxBeXr0EywieA5r9CUFwk4HuhD3vCKq6A-nqR2d02tppgsn-mj_AgE5xrXHfr8PHhFRb64PC3zfAKFrakDb9JzmaTRZcqDnqYEcusTvFeCpGeg6JB-RdTaR-xtu8Gc4Ri-EfNXN5u3KnHIt2qIFSMwqFzMUedAsuT0qu9L21n7X-Z89BvZQJQIGWPRMwxGZbTnPa48RFOdvIGsNbTLaSf6hyyo5GiZNRf7pixte90Bo9juelnzLLONldq4Q-IXb37_-YuHd2I0pr2KzeyeWkoyt3RVsj9yyhcBgny3W7A_ukqxyE0GIw-dOeVgYgPEE1Wrryks-dRelhavnpTydIr135mtEW1hLS2jHdYRu8HepnyFg3cer10w26OAIJs8exJSe4h1Ed9KrZkYltIcPPXxxyoNc94SB9jjhOOHDT8IAW8-k7KE23-8g3wjm24tQSwIJRJqXfnsMzs0PD5E6XRFDWF2eYhWYacW2esDjM-LrXYKBeosUKGNRDr45PmfF5HbJH55n3R1vTRYb5U-1B4wt8XGdVWynx6tti_CyNXTctut1jdu-gVFG2LBBZ2u3CYWZwJvqrBnMNiGNR85QFjv5W12tNWLzRF-4gg70L2q5a-wta29c-keOuol_-NT4WGYl65AgNn8tb88TGsO5f5ho9YZQXgvj3cmGQGZt_JoR3pR9PiTlWGVXS9gSW9lh2gZKENIlNf6ri6NZEeVKIIF4pnrikLGY-ZYT4SZhRLb6y_fIfoMabofn7HcbjciDZviOeaXrCJCJbSqXOjqkBcVzKDMAVmgd4wLEUx4X602i0izmWUg-1cndcI3-4HsOYDhybfAQZXCsGdrFQALEjYiqTr9V03rFntv-qLoSrDYtfutEQUS3olAU9FleW6LR1DyW82ycj6pn3BQISCfK3unHRCaAYZj8eu4Jy8TjnO7EGGLD11eA-HfBc-4jymEHmYfpYxG5-pJ2AjLn6O1a-5kIhrmWhQZ5kXDdv9FRweZk2hDCVRciyZpt7GPdT8BAcSbYoC2M32tYuFKkmw6xdif8fysCvGwnEvGWS8gTvpcW3kWZ09eJWc0dxzpvNOAsHN49UvmI1qqjDatFFmc67DOmbSxBtcukg7gAFSozl0twkx8WjvHMrNMXojSfCxK9ho8Jj0BYjXVJL70YGnyw6rl3fdaeZTrR7d3IBxEbudoBe8LeQk4sfmex0EjbI4d-veOaVwoF4jxTo68nsYD3kqWw68-_zasd9dHueGJ7BDJRheONmZucczAuYSJgxB8oTIOzNrT79gO6ZtRZnYV6Fa30gzyuqBh8FtSYwvLRJjydrvInSCoodDjxU0sFpYOkSVeifzakXY1iJDxq8-L9qMrUaVatTAOSg_uBfPxE1jSNW4d6ejE42-N2JEyBqZTHoSf11Dk62oVdXCZuTrCyN_6eQJUyRUXbOqW92GYOMuVmPhIA-XyBm9pxMFDJ109ZkKdKK8YF-_Rsgmm_smln6bpD_bmF1AC_Q2bgVnEDC31EbxuITK4PdmlavLf0gDrKUAOL48Vin8m49DCec3uKX3mR3d9DuGgaj1wEDgshz8uyQUXOdtdmI3NNNg1_Z6Q4_D7HhlUpUJzuM4dxvq8JviRskG0jcxtIzQb2CX_hIwfSc8aZBByrnQ6iLjUdRhazWwVqlbrL0i5DDZlbOG82bqT8bAkZEQBgUP79lUFD4IhV0YV0-yKwH8fWbrjlmIldSEttwmARtds9TQWcsahBxQtjqHEalYel6xg_KqpTktOm3URzH6xMclBNY00HUtLqmK--ZnXf8LFvx53U2TA5Vgx7ivzrVN7UQeydVYtzWdn_93z5LqC6ac_Uiwh4NV99Lj-a0ywaW7Hl6hqvucXf8LB2IXIxOAyj4kW3rsjxc1bdnedtRXxQb856-Vj2Qo7HKQKsHvIdKjNV3jzyxzRpmdQM-t-o7zp6emTsf0fZ-HMirRyiw6-uik9pl5rgxJPIOgToify3Hij456xcYOQ1JLZfNZ7XxsT20wgQpy5hkWcBcmQnbFNHt5sbNoPLcZ6SheRwNRk-APHolhXiDJlmc4AIx5LX1I3hkINWwbyFxt6s8xrHd30-S2oY7pRsc4bYXSvsgUuZpGo5OdAu83zOz8gkCl1Q4HlTSTUsWmRSvyCB1QELFh3EOjXp6mrcu3TycBnzI2DeHx-nLcRnZlroxVxFXvgewCE0gC_CS1OhIFt1WYc3jyL1SNUT9zsys7doa_TjbSf6Zqo8HP05p0yAaw4bWkMOWWk0AxAAzr-jljJqontLmCDM9D15UzHPs1jb8Z392_GzVC6p963d_1oIihL5FFeWEzacYgazbOGXpuOmzhfrlDdM2-Am5BXRqc&cid=CAASEuRoARfNkp-Hp2pp9A4l1Wpt2Q&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:50:43 GMT content-encoding gzip x-content-type-options nosniff age 126 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 08:50:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 4003	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae6V-pUCfPloLH8BXBaTYLMS5j6CF51EoIcAnEtWmgHbLX8DD2yakeQjboLLZPEm_pQAcX6ndqoKouvD0etyZloIbgGlSWgy4_PK6V9mufPAuui1YvrHwcWZfE_JgdWMFSjAh82YeUXIjuIGFl4RjN5N03Hg&dbm_d=AKAmf-CZxlWfShpvcOfa_IM7CxQ9Tf4KfDo5vG4zwJJATme_t3JDOHLlojzIo3hGe1YsV03H5JrJLELOAYvccD5OYnwV_IJNCIxjWpvILBnIsaDbhy8Lm0zdG6jYaRnMvpXPxGM10XYQ1XWfqYe9OjE7kcEMOqalE0dDtTvvPmJdE00uV5LDjR3NIPZ7WF2w--TwU3IPbwoTieDUhPgUv7h5i0FtQWJwV0M5w_-HS4vRC7jTKbjtSLf4xuWqnTe5KDQN4JuMT4qOIgwGCIHXYvMjGdGmDsBxj6Kjy90QJTbKvydA_W1-8kXM9cVUfyk_1TZKNdWJ1EcsC8jgweOPuxVvFVNUrofrrQpqFJ3vpgh-sEew2c4QrNRH7_gqE3V0uAykXPJOmX_PyIeV22Qo_XPuHCUWGh75X0OWhWvi5j6vpuAaVypejRFbFNXI0WvOxY9ax0F1Mh3ywLXYYFYUG0m8H03RYMtuJJ0indX_Bt3563xHLbOH4RXM1ZXH8BjCeGV1KHG6SFKKw6Hokr950XWHBVJtXZsLl_85gY60GpEspO3XgjAfhCviegJVdUuMx25csvuR50-WxZ3vP6MNnA285TZa7amX9gl5daa-_X6kDZ2Mhnfb0rmC1cl17KpXOfCqd4Hv76XLK-LNixVtZeX8sU19bb-b59zaBusLBQ1B8VhfDYO1k16blU_h8dixOmTpjv8PA60cQVnC-bmn9MiYCdDeCKk9TE9vj-TAPvlNVZeem8dpv6ZOJYDMqlzLQWbj2MQdcoDOmjNV0DbzANbB48VcrS-3I9-BFykNrUZcA1BgOuuwPDCsMarxBeXr0EywieA5r9CUFwk4HuhD3vCKq6A-nqR2d02tppgsn-mj_AgE5xrXHfr8PHhFRb64PC3zfAKFrakDb9JzmaTRZcqDnqYEcusTvFeCpGeg6JB-RdTaR-xtu8Gc4Ri-EfNXN5u3KnHIt2qIFSMwqFzMUedAsuT0qu9L21n7X-Z89BvZQJQIGWPRMwxGZbTnPa48RFOdvIGsNbTLaSf6hyyo5GiZNRf7pixte90Bo9juelnzLLONldq4Q-IXb37_-YuHd2I0pr2KzeyeWkoyt3RVsj9yyhcBgny3W7A_ukqxyE0GIw-dOeVgYgPEE1Wrryks-dRelhavnpTydIr135mtEW1hLS2jHdYRu8HepnyFg3cer10w26OAIJs8exJSe4h1Ed9KrZkYltIcPPXxxyoNc94SB9jjhOOHDT8IAW8-k7KE23-8g3wjm24tQSwIJRJqXfnsMzs0PD5E6XRFDWF2eYhWYacW2esDjM-LrXYKBeosUKGNRDr45PmfF5HbJH55n3R1vTRYb5U-1B4wt8XGdVWynx6tti_CyNXTctut1jdu-gVFG2LBBZ2u3CYWZwJvqrBnMNiGNR85QFjv5W12tNWLzRF-4gg70L2q5a-wta29c-keOuol_-NT4WGYl65AgNn8tb88TGsO5f5ho9YZQXgvj3cmGQGZt_JoR3pR9PiTlWGVXS9gSW9lh2gZKENIlNf6ri6NZEeVKIIF4pnrikLGY-ZYT4SZhRLb6y_fIfoMabofn7HcbjciDZviOeaXrCJCJbSqXOjqkBcVzKDMAVmgd4wLEUx4X602i0izmWUg-1cndcI3-4HsOYDhybfAQZXCsGdrFQALEjYiqTr9V03rFntv-qLoSrDYtfutEQUS3olAU9FleW6LR1DyW82ycj6pn3BQISCfK3unHRCaAYZj8eu4Jy8TjnO7EGGLD11eA-HfBc-4jymEHmYfpYxG5-pJ2AjLn6O1a-5kIhrmWhQZ5kXDdv9FRweZk2hDCVRciyZpt7GPdT8BAcSbYoC2M32tYuFKkmw6xdif8fysCvGwnEvGWS8gTvpcW3kWZ09eJWc0dxzpvNOAsHN49UvmI1qqjDatFFmc67DOmbSxBtcukg7gAFSozl0twkx8WjvHMrNMXojSfCxK9ho8Jj0BYjXVJL70YGnyw6rl3fdaeZTrR7d3IBxEbudoBe8LeQk4sfmex0EjbI4d-veOaVwoF4jxTo68nsYD3kqWw68-_zasd9dHueGJ7BDJRheONmZucczAuYSJgxB8oTIOzNrT79gO6ZtRZnYV6Fa30gzyuqBh8FtSYwvLRJjydrvInSCoodDjxU0sFpYOkSVeifzakXY1iJDxq8-L9qMrUaVatTAOSg_uBfPxE1jSNW4d6ejE42-N2JEyBqZTHoSf11Dk62oVdXCZuTrCyN_6eQJUyRUXbOqW92GYOMuVmPhIA-XyBm9pxMFDJ109ZkKdKK8YF-_Rsgmm_smln6bpD_bmF1AC_Q2bgVnEDC31EbxuITK4PdmlavLf0gDrKUAOL48Vin8m49DCec3uKX3mR3d9DuGgaj1wEDgshz8uyQUXOdtdmI3NNNg1_Z6Q4_D7HhlUpUJzuM4dxvq8JviRskG0jcxtIzQb2CX_hIwfSc8aZBByrnQ6iLjUdRhazWwVqlbrL0i5DDZlbOG82bqT8bAkZEQBgUP79lUFD4IhV0YV0-yKwH8fWbrjlmIldSEttwmARtds9TQWcsahBxQtjqHEalYel6xg_KqpTktOm3URzH6xMclBNY00HUtLqmK--ZnXf8LFvx53U2TA5Vgx7ivzrVN7UQeydVYtzWdn_93z5LqC6ac_Uiwh4NV99Lj-a0ywaW7Hl6hqvucXf8LB2IXIxOAyj4kW3rsjxc1bdnedtRXxQb856-Vj2Qo7HKQKsHvIdKjNV3jzyxzRpmdQM-t-o7zp6emTsf0fZ-HMirRyiw6-uik9pl5rgxJPIOgToify3Hij456xcYOQ1JLZfNZ7XxsT20wgQpy5hkWcBcmQnbFNHt5sbNoPLcZ6SheRwNRk-APHolhXiDJlmc4AIx5LX1I3hkINWwbyFxt6s8xrHd30-S2oY7pRsc4bYXSvsgUuZpGo5OdAu83zOz8gkCl1Q4HlTSTUsWmRSvyCB1QELFh3EOjXp6mrcu3TycBnzI2DeHx-nLcRnZlroxVxFXvgewCE0gC_CS1OhIFt1WYc3jyL1SNUT9zsys7doa_TjbSf6Zqo8HP05p0yAaw4bWkMOWWk0AxAAzr-jljJqontLmCDM9D15UzHPs1jb8Z392_GzVC6p963d_1oIihL5FFeWEzacYgazbOGXpuOmzhfrlDdM2-Am5BXRqc&cid=CAASEuRoARfNkp-Hp2pp9A4l1Wpt2Q&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:40 GMT content-encoding gzip x-content-type-options nosniff age 9 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 08:52:40 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 5F3D	170 B 188 B	17ms 16ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YtfqRcDAB&v=APEucNUvqlehGaeVGwzLYgaoX_hVK3SpG9KTUVXrwJi2FAuDj58f88C1iTrXzoalimlli0gX8-95uLnjzhk2KBbZluqm1R5RPonFX5FEehsWRM6Fsiqc3RYygSiX7jP4NIwdWaDP9IPCo9CkdaOYqO3vr9A_MvBMSqOCvpddguQDOueORCMFOwoJnghGfHTH2JR6zESQF6lzePxec8vYAjzAdKV1M6pSxM36Xl2R-k2d7-AsrHOhhZA Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 5F3D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1	43 B 894 B	16ms 15ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YtfqRcDAB&v=APEucNUvqlehGaeVGwzLYgaoX_hVK3SpG9KTUVXrwJi2FAuDj58f88C1iTrXzoalimlli0gX8-95uLnjzhk2KBbZluqm1R5RPonFX5FEehsWRM6Fsiqc3RYygSiX7jP4NIwdWaDP9IPCo9CkdaOYqO3vr9A_MvBMSqOCvpddguQDOueORCMFOwoJnghGfHTH2JR6zESQF6lzePxec8vYAjzAdKV1M6pSxM36Xl2R-k2d7-AsrHOhhZA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 08:52:49 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 08:52:49 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 5F3D Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKy637XRfvY2feCNvxeLPwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1	43 B 894 B	13ms 12ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4YtfqRcDAB&v=APEucNUvqlehGaeVGwzLYgaoX_hVK3SpG9KTUVXrwJi2FAuDj58f88C1iTrXzoalimlli0gX8-95uLnjzhk2KBbZluqm1R5RPonFX5FEehsWRM6Fsiqc3RYygSiX7jP4NIwdWaDP9IPCo9CkdaOYqO3vr9A_MvBMSqOCvpddguQDOueORCMFOwoJnghGfHTH2JR6zESQF6lzePxec8vYAjzAdKV1M6pSxM36Xl2R-k2d7-AsrHOhhZA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 08:52:49 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 08:52:49 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOPC20usJnczowkC3zeVLsc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 4003	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 05:20:35 GMT content-encoding gzip x-content-type-options nosniff age 12734 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 25 May 2022 05:20:35 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame CCFD	1 KB 749 B	6ms 6ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 25 May 2021 06:38:34 GMT expires Wed, 26 May 2021 06:38:34 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 8055 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 4003	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 26e944dfbdeb5b40376309cbb749e17c8384b647348fa98f72a168748cd51fab Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 3381	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Tue, 25 May 2021 05:20:35 GMT expires Wed, 25 May 2022 05:20:35 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 12734 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	68 KB 7 KB	14ms 14ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15efd713607118883882f6b2ea64aa78e779e69f77fd5750642861db17f75f53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 6739 date Tue, 25 May 2021 08:52:49 GMT expires Wed, 26 May 2021 08:52:49 GMT cache-control public, max-age=86400 last-modified Mon, 06 Jan 2020 10:44:32 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 4003	0 24 B	53ms 52ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhvKP9DV8U0ZZoFHQaX7F3DCMMGZKVj1FWG_LyWhxNur8OXKLnaMjPd_DfhNu9HskGeTVQkv91ZXDaZpNTLvxe5GIYCENL2PyxJWfytX_1lkdKw9wJGF0VOZlXjh2517BAzh091ypYqPypvKkJFzRPcaQteWY5ztBJtiIoMjpSaXshXoB3vVlGTP6xbNsmnUIfNE2PmMiLdWk-uMNNCGfRS7NPvw1DkDkKzvkB79HHg7Afqsx6lyhLApDGP3UrUJSsEgUWoFLT_rxIy4mpe1DdHdtDjwV3iJ94EnC2JvvxHOByI1edbo6aAdtbRPO2V6Cf24IWbhyPVMy0DJT41CdZOXnRvrPd8WcvNVigKZxNhZEOsqCfgvXreUMBa7TRCRCB5xNl3QVbPpXCkysX9TIAC9XLDhH5gH3fqPoKHxMYPT_6IXzu1ZsqcpE-z336CoRecKYlj0tHwa3Iuxe-86f_XIRDhopINYluYUIJ4GBTXW7v4bHa74ZgrYg1lyuEJLfQ5dhg5sFKXJOvr3eiA3wViTp-KWSDD9Phv3VwWBVyjDp4wIKrrgjZ3slj-vbnenUFJXfB2TtpsAgfbirIeDavQDzU6EarJeXLZE3lvoaCURaWxSkC2LAWMOa2KsXNp2E9b60UKd3WLPX2YIhlIKmXoJcrzJc6B7uUA0cu4WWxEgHCkxluyOHeKBXc6xey4D83OxmNSh9RbO4vSP944i2rfLq7YcVDfoX-o4gDvda5fslu1VAYnWlST3CtsK_g-E9fCu1b0vjh9jOiujX2JAJvkknyGu0PzYyuaQSh4rNQdL3OUZN5WnxKeX9ahW39vgq_TD34cjKwnQZoRt7d5qMa3ziwPVcWZTwsfM_m-KX8YLzFNdrnEPYlvWBMcSO88JPIyv81fFmFUee2V1AGXE2dPDrVdTHeWWbz1nXPFrvw8v1dGQn1I6lV1f9ki9KNKLA7QT26C1YVyKcLAUk2ysucT5Lk17EvOKfi8IrkxLKSvjASI-I0hOWoVMlytcxG7x8_XiQDUheAmWrVW7OUraQ12nk3aDaYAVXWH84TnPJxXn3yrJzhErvvOH6769-WdI0sqVBaWOm2Go-PYYvk390dJ40jbgrnYiBaHXQwve-0SsTYZYUyLexmW5qG04V5hZy_4KhJIMdXqPexri0n63YQnsBevmGPmeOH4w&sai=AMfl-YQtQNpoMYbXXln19lOgiCFxd_SdlcSg5saw1jwKTDOrpGBOupPvf7OXtwPW4HN17Aaku-9VWzW5T9cM4jwbXQYuUFVXJjiKplzRrOFg9K5DB1CSElH39DFj6KkxpxlNSxFUF14VEV3EwNts6Y98cvc-VDNEbMcZP_25G-xIvw2MRezRxSKN&sig=Cg0ArKJSzAhzCsb656zpEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=66&cbvp=1&cstd=58&cisv=r20210517.78314&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 25 May 2021 08:52:49 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame CCFD	0 104 B	108ms 63ms	Image text/plain	2a02:fa8:8806:20::2040 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFgkElJv-uYG-mNLv_oNjuk&google_cver=1&google_push=AQvitUL-eLVi7PVc2K9-crs0_jRLBHvJJpSYYaH_I03f3aM09LhXbnoX60hbCBiFBjRrd66RzhOpdQ3epZLPJF2_LOnRSseV4Xo Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame CCFD Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN1xh_rFNz4MeWZj20mLY8M&google_cver=1&google_push=AQvitUIKi4uy8nZKbDtmQjwrXJdY0zIlNBTo6Zz3-Shd2VXFe9OOtUYdWKQamKTfVdicYRn24K6AI1b73LuOoNFC... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIKi4uy8nZKbDtmQjwrXJdY0zIlNBTo6Zz3-Shd2VXFe9OOtUYdWKQamKTfVdicYRn24K6AI1b73LuOoNFC6zuuzxEt3qI	170 B 188 B	16ms 16ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIKi4uy8nZKbDtmQjwrXJdY0zIlNBTo6Zz3-Shd2VXFe9OOtUYdWKQamKTfVdicYRn24K6AI1b73LuOoNFC6zuuzxEt3qI Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 25 May 2021 08:52:49 GMT Server MT3 3736 915c305 master zrh-pixel-x15 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIKi4uy8nZKbDtmQjwrXJdY0zIlNBTo6Zz3-Shd2VXFe9OOtUYdWKQamKTfVdicYRn24K6AI1b73LuOoNFC6zuuzxEt3qI Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 25 May 2021 08:52:48 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame CCFD Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEJ9_X_U8jIpKkyTF21_hWmA&google_cver=1&google_push=AQvitULlIAaWsSuv_2BRhiMl2bRl255-BKk86fb1zy-TMKKsjlw0junqaLI8ccc-uQa9z9MuUcYQKkC_9jP7TB56ijE4xRDIkw https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FAE85A971B264FA38160B882C8E3BBAC&google_push=AQvitULlIAaWsSuv_2BRhiMl2bRl255-BKk86fb1zy-TMKKsjlw0junqaLI8ccc-uQa9z9MuUcYQKkC_9jP7TB5...	170 B 188 B	16ms 16ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FAE85A971B264FA38160B882C8E3BBAC&google_push=AQvitULlIAaWsSuv_2BRhiMl2bRl255-BKk86fb1zy-TMKKsjlw0junqaLI8ccc-uQa9z9MuUcYQKkC_9jP7TB56ijE4xRDIkw Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 25 May 2021 08:52:49 GMT x-content-type-options nosniff server nginx location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FAE85A971B264FA38160B882C8E3BBAC&google_push=AQvitULlIAaWsSuv_2BRhiMl2bRl255-BKk86fb1zy-TMKKsjlw0junqaLI8ccc-uQa9z9MuUcYQKkC_9jP7TB56ijE4xRDIkw strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 154 expires Mon, 24 May 2021 08:52:49 GMT
GET H2	204	pixelSync pixel-sync.sitescout.com/dmp/ Frame CCFD	0 191 B	79ms 27ms	Image text/plain	66.155.71.149 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGqP1i9RcbO-FgGWmC39RJg&google_cver=1&google_push=AQvitUKsmuc5tuo91xXkX9Qldtjfq5-Z2VZVAmm6HbohkauS-kdhmPTpjwfDR2-VV98mILU-dv1bRnM3f7GcFVebGyE1nquvuvM Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:48 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame CCFD Redirect Chain https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECJ-hymL-FD4xt9SUayG2Fo&google_cver=1&google_push=AQvitUL9sP4fQctt8w2arTErle1wZ2bF6fwajzB1vM8v33EEi6kCtzISTXTqpupmVgiCTxJp7E7b6HuLU8... https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESECJ-hymL-FD4xt9SUayG2Fo&google_cver=1&google_push=AQvitUL9sP4fQctt8w2arTErle1wZ2bF6fwajzB1vM8v33EEi6kCtzISTXTqpupmVgiCTxJp7E7b6HuLU8... https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUL9sP4fQctt8w2arTErle1wZ2bF6fwajzB1vM8v33EEi6kCtzISTXTqpupmVgiCTxJp7E7b6HuLU8IVdw92o4GZkH018Oc&google_hm=MDMwMzAwMDJfNjBhY2Jh...	170 B 188 B	18ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUL9sP4fQctt8w2arTErle1wZ2bF6fwajzB1vM8v33EEi6kCtzISTXTqpupmVgiCTxJp7E7b6HuLU8IVdw92o4GZkH018Oc&google_hm=MDMwMzAwMDJfNjBhY2JhZTEzMjQzZg%3D%3D Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 25 May 2021 08:52:49 GMT server nginx access-control-allow-origin * transfer-encoding chunked access-control-allow-methods POST, GET, OPTIONS p3p CP="NOI DEV OUR BUS UNI" location https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AQvitUL9sP4fQctt8w2arTErle1wZ2bF6fwajzB1vM8v33EEi6kCtzISTXTqpupmVgiCTxJp7E7b6HuLU8IVdw92o4GZkH018Oc&google_hm=MDMwMzAwMDJfNjBhY2JhZTEzMjQzZg%3D%3D cache-control no-cache content-type text/html; charset=UTF-8 access-control-allow-headers Origin keep-alive timeout=10
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame CCFD Redirect Chain https://d5p.de17a.com/cookies/google?google_gid=CAESEJrUFUlElyx-l9yj5nyySMc&google_cver=1&google_push=AQvitUI72b9KbwkimvGB9lJbmNdwaK1zRvFlWg88VcRJ8cVqBsty0crt8Do81NyAD_hKMAy9_1pORs64gfPDcaiCfOw8H5K... https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUI72b9KbwkimvGB9lJbmNdwaK1zRvFlWg88VcRJ8cVqBsty0crt8Do81NyAD_hKMAy9_1pORs64gfPDcaiCfOw8H5K6wa4	170 B 188 B	18ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUI72b9KbwkimvGB9lJbmNdwaK1zRvFlWg88VcRJ8cVqBsty0crt8Do81NyAD_hKMAy9_1pORs64gfPDcaiCfOw8H5K6wa4 Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUI72b9KbwkimvGB9lJbmNdwaK1zRvFlWg88VcRJ8cVqBsty0crt8Do81NyAD_hKMAy9_1pORs64gfPDcaiCfOw8H5K6wa4 content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame CCFD	0 12 B	16ms 15ms	Image text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLTMeC8ZnOuwxIFHnmt9nXMgSZuZrBI2lO6onIbOLd8IIKKG7ZUZb4jY8lf6I2zQ Requested by Host: 6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com URL: https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:49 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response pagead2.googlesyndication.com/bg/ Frame 3381	14 KB 6 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 19:06:10 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 49599 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5728 x-xss-protection 0 expires Tue, 24 May 2022 19:06:10 GMT
GET H3-29	200	gwdpage_style.css s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	55 B 78 B	9ms 7ms	Stylesheet text/css	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdpage_style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9925dc8fdc741305ffba07d91a1ea84c3e56187e55fa30b4063f7bddaaef318 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 05:10:27 GMT x-content-type-options nosniff last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe age 13342 content-type text/css access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55 x-xss-protection 0 expires Wed, 26 May 2021 05:10:27 GMT
GET H3-29	200	gwdpagedeck_style.css s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	731 B 260 B	9ms 7ms	Stylesheet text/css	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdpagedeck_style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:22:18 GMT content-encoding gzip x-content-type-options nosniff age 81031 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 234 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 10:22:18 GMT
GET H3-29	200	gwdgooglead_style.css s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	44 B 67 B	10ms 6ms	Stylesheet text/css	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdgooglead_style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3225f378c00d8870e6d73c3b99cd541d2a9e0ce2d04b24fd41afee29d8c84da9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 19:11:37 GMT x-content-type-options nosniff last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe age 49272 content-type text/css access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44 x-xss-protection 0 expires Tue, 25 May 2021 19:11:37 GMT
GET H3-29	200	gwdimage_style.css s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	281 B 184 B	11ms 7ms	Stylesheet text/css	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdimage_style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:28:48 GMT content-encoding gzip x-content-type-options nosniff age 77041 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 158 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 11:28:48 GMT
GET H3-29	200	gwdtaparea_style.css s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	157 B 141 B	11ms 6ms	Stylesheet text/css	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdtaparea_style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 15:53:07 GMT content-encoding gzip x-content-type-options nosniff age 61182 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 115 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 15:53:07 GMT
GET H3-29	200	gwdattached_style.css s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	25 B 48 B	12ms 7ms	Stylesheet text/css	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdattached_style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d86a1f085058e7a82920bb9001286c7033b95dc0f7e1555e4fce2ffa6230748d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 14:37:26 GMT x-content-type-options nosniff last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe age 65723 content-type text/css access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25 x-xss-protection 0 expires Tue, 25 May 2021 14:37:26 GMT
GET H3-29	200	css fonts.googleapis.com/ Frame D678	664 B 355 B	23ms 18ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:regular Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 25 May 2021 08:07:12 GMT server ESF date Tue, 25 May 2021 08:52:49 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 May 2021 08:52:49 GMT
GET H3-29	200	googbase_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	163 B 152 B	12ms 6ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/googbase_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 252d7dd30664efb6b9214d1262a91b1015f095114d3b4b47568b9caa19645a45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:09:24 GMT content-encoding gzip x-content-type-options nosniff age 78205 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 11:09:24 GMT
GET H3-29	200	gwd_webcomponents_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	17 KB 6 KB	13ms 8ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwd_webcomponents_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:11:09 GMT content-encoding gzip x-content-type-options nosniff age 2500 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5637 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 26 May 2021 08:11:09 GMT
GET H3-29	200	gwdpage_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	3 KB 986 B	13ms 7ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdpage_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5b8e40848793a7e3892874fda515fea4d32452d42f3bc823c55dce4e870eb01e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:31:39 GMT content-encoding gzip x-content-type-options nosniff age 8470 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 960 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 26 May 2021 06:31:39 GMT
GET H3-29	200	gwdpagedeck_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	6 KB 2 KB	17ms 11ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdpagedeck_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6ba4bcc8512c3ba29ddeed3271fda96e487fc863ca9dbfe2c63073c62d59c32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 13:24:58 GMT content-encoding gzip x-content-type-options nosniff age 70071 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2367 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 13:24:58 GMT
GET H3-29	200	Enabler_01_240.js Show response s0.2mdn.net/879366/ Frame D678	104 KB 35 KB	15ms 9ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_240.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d4ccd41112b51fd8ad83e253fe050f81d994c670551a4e4c75f11b10c2b08b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 05:57:45 GMT content-encoding gzip x-content-type-options nosniff age 10504 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36216 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:31:20 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 26 May 2021 05:57:45 GMT
GET H3-29	200	gwdgooglead_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	14 KB 4 KB	17ms 11ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdgooglead_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0c776c659b466face1225e6979399c88b4282906d3e2f6eeb17f1303e8ff9942 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:24:38 GMT content-encoding gzip x-content-type-options nosniff age 8891 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4340 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 26 May 2021 06:24:38 GMT
GET H3-29	200	gwdimage_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	4 KB 1 KB	14ms 9ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdimage_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c4affdfd4b409d656488397d0eaeb5fcae773ec2e0b470cd23afddd601817f59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 16:49:53 GMT content-encoding gzip x-content-type-options nosniff age 57776 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1448 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 16:49:53 GMT
GET H3-29	200	gwdtaparea_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	2 KB 836 B	20ms 14ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdtaparea_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e17a0af89c14dd4f2e776d60d6f5bc81b1765c5c75357c1cd1e09a25baeab520 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 14:53:00 GMT content-encoding gzip x-content-type-options nosniff age 64789 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 803 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 14:53:00 GMT
GET H3-29	200	gwd-events-support.1.0.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	5 KB 1 KB	19ms 14ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwd-events-support.1.0.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97cdf067606c37c831a54b3ffc71cafb94ff1f4db84a1ba620b2e9e43cc1084d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:35:31 GMT content-encoding gzip x-content-type-options nosniff age 8238 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1215 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 26 May 2021 06:35:31 GMT
GET H3-29	200	gwdgpadataprovider_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	2 KB 996 B	18ms 12ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdgpadataprovider_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f04964e2b1599980730940d8f0ea03ed715e37df6a0de083351e01587869faf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 16:01:41 GMT content-encoding gzip x-content-type-options nosniff age 60668 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 963 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 16:01:41 GMT
GET H3-29	200	gwdattached_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	420 B 273 B	18ms 13ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdattached_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e653267eac8b860b7132c5f4c5555e4410ec0c88700172a06fd681b3abf1525 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:35:25 GMT content-encoding gzip x-content-type-options nosniff age 8244 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 240 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 26 May 2021 06:35:25 GMT
GET H3-29	200	gwdtexthelper_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	6 KB 2 KB	18ms 13ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdtexthelper_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce51d2cb4a2fe3121b80537b5bf2aaa6e16bf1cff259ba233b48d1aaeb03e563 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:35:25 GMT content-encoding gzip x-content-type-options nosniff age 8244 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2365 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Wed, 26 May 2021 06:35:25 GMT
GET H3-29	200	gwddatabinder_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	5 KB 2 KB	17ms 12ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwddatabinder_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e85a27009bd84280989449444d8234f498dd46bd7689ed089eda4e7de90a241 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 14:53:02 GMT content-encoding gzip x-content-type-options nosniff age 64787 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2108 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 14:53:02 GMT
GET H3-29	200	gwdfontloader_min.js Show response s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/ Frame D678	4 KB 2 KB	16ms 11ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/gwdfontloader_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 816c41d89a559b2766acbdccf9e57445f0947a71046f2eed653ca5a66bc85a72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 12:23:48 GMT content-encoding gzip x-content-type-options nosniff age 73741 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1764 x-xss-protection 0 last-modified Mon, 06 Jan 2020 10:44:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 12:23:48 GMT
GET H3-29	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v17/ Frame D678	23 KB 23 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:regular Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://s0.2mdn.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 15:44:07 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:46 GMT server sffe age 407322 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23484 x-xss-protection 0 expires Fri, 20 May 2022 15:44:07 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 4003	0 23 B	44ms 44ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhvKP9DV8U0ZZoFHQaX7F3DCMMGZKVj1FWG_LyWhxNur8OXKLnaMjPd_DfhNu9HskGeTVQkv91ZXDaZpNTLvxe5GIYCENL2PyxJWfytX_1lkdKw9wJGF0VOZlXjh2517BAzh091ypYqPypvKkJFzRPcaQteWY5ztBJtiIoMjpSaXshXoB3vVlGTP6xbNsmnUIfNE2PmMiLdWk-uMNNCGfRS7NPvw1DkDkKzvkB79HHg7Afqsx6lyhLApDGP3UrUJSsEgUWoFLT_rxIy4mpe1DdHdtDjwV3iJ94EnC2JvvxHOByI1edbo6aAdtbRPO2V6Cf24IWbhyPVMy0DJT41CdZOXnRvrPd8WcvNVigKZxNhZEOsqCfgvXreUMBa7TRCRCB5xNl3QVbPpXCkysX9TIAC9XLDhH5gH3fqPoKHxMYPT_6IXzu1ZsqcpE-z336CoRecKYlj0tHwa3Iuxe-86f_XIRDhopINYluYUIJ4GBTXW7v4bHa74ZgrYg1lyuEJLfQ5dhg5sFKXJOvr3eiA3wViTp-KWSDD9Phv3VwWBVyjDp4wIKrrgjZ3slj-vbnenUFJXfB2TtpsAgfbirIeDavQDzU6EarJeXLZE3lvoaCURaWxSkC2LAWMOa2KsXNp2E9b60UKd3WLPX2YIhlIKmXoJcrzJc6B7uUA0cu4WWxEgHCkxluyOHeKBXc6xey4D83OxmNSh9RbO4vSP944i2rfLq7YcVDfoX-o4gDvda5fslu1VAYnWlST3CtsK_g-E9fCu1b0vjh9jOiujX2JAJvkknyGu0PzYyuaQSh4rNQdL3OUZN5WnxKeX9ahW39vgq_TD34cjKwnQZoRt7d5qMa3ziwPVcWZTwsfM_m-KX8YLzFNdrnEPYlvWBMcSO88JPIyv81fFmFUee2V1AGXE2dPDrVdTHeWWbz1nXPFrvw8v1dGQn1I6lV1f9ki9KNKLA7QT26C1YVyKcLAUk2ysucT5Lk17EvOKfi8IrkxLKSvjASI-I0hOWoVMlytcxG7x8_XiQDUheAmWrVW7OUraQ12nk3aDaYAVXWH84TnPJxXn3yrJzhErvvOH6769-WdI0sqVBaWOm2Go-PYYvk390dJ40jbgrnYiBaHXQwve-0SsTYZYUyLexmW5qG04V5hZy_4KhJIMdXqPexri0n63YQnsBevmGPmeOH4w&sai=AMfl-YQtQNpoMYbXXln19lOgiCFxd_SdlcSg5saw1jwKTDOrpGBOupPvf7OXtwPW4HN17Aaku-9VWzW5T9cM4jwbXQYuUFVXJjiKplzRrOFg9K5DB1CSElH39DFj6KkxpxlNSxFUF14VEV3EwNts6Y98cvc-VDNEbMcZP_25G-xIvw2MRezRxSKN&sig=Cg0ArKJSzAhzCsb656zpEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=186&vt=11&dtpt=120&dett=3&cstd=58&cisv=r20210517.78314&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 25 May 2021 08:52:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET DATA	200 OK	truncated / Frame D678	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H3-29	200	47512218_20210127080930852_FEWO_1_left.png s0.2mdn.net/ads/richmedia/studio/47512218/ Frame D678	3 KB 3 KB	7ms 7ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20210127080930852_FEWO_1_left.png Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31561858b93c19134ccaf82682b6b201ef52e1804372b55a727b62b32bcf8d8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 04:27:22 GMT x-content-type-options nosniff last-modified Wed, 27 Jan 2021 16:09:30 GMT server sffe age 15927 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2812 x-xss-protection 0 expires Wed, 26 May 2021 04:27:22 GMT
GET H3-29	200	47512218_20200601083345443_img_2_beach-flyby_family_germany_728x90.jpg s0.2mdn.net/ads/richmedia/studio/47512218/ Frame D678	315 KB 315 KB	9ms 8ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20200601083345443_img_2_beach-flyby_family_germany_728x90.jpg Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 439f0c9a21922e80e9518866917c0c3c8e9eaded1aa9fc5498240bc40c605894 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 10:13:35 GMT x-content-type-options nosniff last-modified Mon, 01 Jun 2020 15:33:45 GMT server sffe age 81554 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 322879 x-xss-protection 0 expires Tue, 25 May 2021 10:13:35 GMT
GET H3-29	200	47512218_20200601083339107_img_1_beach-flyby_family_germany_728x90.jpg s0.2mdn.net/ads/richmedia/studio/47512218/ Frame D678	360 KB 360 KB	11ms 11ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/47512218/47512218_20200601083339107_img_1_beach-flyby_family_germany_728x90.jpg Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04452e8dc39de1caf25c2931f752619a897679a3d667c0ec0fca94bae3b7339d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61183151/20200106024431876/index.html?e=69&leftOffset=0&topOffset=0&c=1ysPfezDfb&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 01:23:34 GMT x-content-type-options nosniff last-modified Mon, 01 Jun 2020 15:33:39 GMT server sffe age 26955 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 368429 x-xss-protection 0 expires Wed, 26 May 2021 01:23:34 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3381	0 58 B	16ms 15ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB6yf4bqsYNCGAqKNjuwP1YSPsAMAAAAAOAHgBAI&bg=!dHeldzPNAAZ7hX_Ue4U7ACkAdvg8WsU-8xv10chUZ4iM63FUqPSN7Ww1nuIZNyNVXpF9csWvSMUEVwIAAADDUgAAAA9oAQeZAoJRq62VqIM5sioGIlV2oxc6OMYtFMYxl591UJ6Y_YK1epe8WbW6ZJ9z1Xjbhg5Zk5pjwR2RfQmtZl9yqF-dpsvgLW5te71t6wsj7GsIw2_GP2bsjY1J6rcgPHxsQ1AnVYX975vJwgWHGmVd-090MG5ALOIX7TNbbqnKqy-1_t0SnkGvgJuXZC1XWufigxrGa2Kbn3p-iqeB_rmYZZQk3RYJ6TjqZ5cMwoTyOnW9u4flqwr_6cygDHt3yKCrsmAFD0bas2HPsvveoWSQwGDQ7HykGe40uMnIwBuCN55qgXL5tewX7xm2q-jT8xwiWCo-_0BD8k5Bo1mht7dS8hAPmwA2DMD8d0MIWAUfuVeut5HdbFcl5uJo81oo2UpHYI1KVTwfYnWcpt41Vv_mF7TZxp71E3iB1iBuCbS3BjwMTEhugyzHpMoLTaEhBS6reu3FKRyfxVy1TBAttuuLuxcMBIv35NDv1RxJ8oGUfCf6lXwivRZkGeSfJ95reM4R-EAZyeBdb6rK9ghfOSynp8HyijqIj-JH3Y97uDOVCh9C_EJQyMB4Nh3V0ppEwX10BoNfDbcVhtt8F0UHwzSpTuAJTglwNAsKvphmWtgtuUnZj3aLBNUG3gIlYEx_hGQPU_mGWOcgkQu_-_5tJbl55wmoCqcAyt9ZQurhk2O76SI1NioTG2xWcdToqetvxWibBm0s24SDakC8O37-5yIDfAJjwg5UY2V7Y3PhUbjy4RxIBt3Vu-n5R2QcXxwb9NyAWTvabLCUTJDWOwmhxX5_FqwZh8_mLpsy2QAUm59ycU_75iCUxfBU0zTYMYo5CGkqVrjz3I3y8-L0251RvPwSs1yiRZ-Xz3I Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 65 B	7ms 7ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:50 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:49 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4003	42 B 64 B	26ms 26ms	Fetch image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNLQDCLwoPgmoYHi4zPLfotFWJj3emkQACXKm7ClHhUiI7AuH8mrPCkn-5OabpeXIpHbVR4QhlRCG2e43j7efqZAi2_us6zzgwLmCHvoF2bhuB4ZHECdX5qLnmIQ&sai=AMfl-YSiuTsDPprT2OwSpMAmyINYd53NfENcEF_Xjvj6r1XBiGlvcx1J9bIdk4DVOfnwfwtvnBcdNx4SZgBECGwnTj3NzR8lKEcvhnlYGgRPFU8t5k87dSeVU4NFAOg&sig=Cg0ArKJSzJYlLZfuV_CDEAE&cid=CAASEuRoARfNkp-Hp2pp9A4l1Wpt2Q&id=lidar2&mcvt=1003&p=1108,436,1198,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210524&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2530142577&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621932768986&dlt=25&rpt=1&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6443aa7c6dfda9198f833f8271036bb8.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 08:52:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	7ms 7ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMyNTM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNjgifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI1MzcyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTMyNzYxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI0YmU4MzlmNS1jOGM3LTQ3ZDAtNjYzZC05YTA2ZGMxMjNlZTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMyNTM3MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkzMjc2MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiNGJlODM5ZjUtYzhjNy00N2QwLTY2M2QtOWEwNmRjMTIzZWU1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNjgifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 08:52:50 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 08:52:50 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

um.wbtrk.net

URL

https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESECJylYqlkxIkYqv8dftGxdc&google_cver=1&google_push=AQvitUKZNnei27Ps1ADOolsCl9vpS3nrhHj2Wau_rMNw96HOeda6QxInCwxq0eq_pjPmFLgi_0Kk2De7yImlt9GwF8mej2zZvB0q